Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-27 12:46:03 +01:00
Code Issues Projects Releases Wiki Activity

refactor system info API

Browse Source
This commit is contained in:
Wenkai Yin 2017-05-23 18:36:17 +08:00
parent 51c9c252cc
commit 33e2e87b62
2 changed files with 19 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/common/api/base.go
View File

@ -64,7 +64,7 @@ func (b *BaseAPI) HandleUnauthorized() {
// HandleForbidden ... // HandleForbidden ...
func (b *BaseAPI) HandleForbidden(username string) { func (b *BaseAPI) HandleForbidden(username string) {
log.Info("forbidden: %s", username) log.Infof("forbidden: %s", username)
b.RenderError(http.StatusForbidden, "") b.RenderError(http.StatusForbidden, "")
} }

26
src/ui/api/systeminfo.go
View File

@ -21,17 +21,13 @@ import (
"strings" "strings"
"github.com/vmware/harbor/src/common" "github.com/vmware/harbor/src/common"
"github.com/vmware/harbor/src/common/api"
"github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/utils/log" "github.com/vmware/harbor/src/common/utils/log"
"github.com/vmware/harbor/src/ui/config" "github.com/vmware/harbor/src/ui/config"
) )
//SystemInfoAPI handle requests for getting system info /api/systeminfo //SystemInfoAPI handle requests for getting system info /api/systeminfo
type SystemInfoAPI struct { type SystemInfoAPI struct {
api.BaseAPI BaseController
currentUserID int
isAdmin bool
} }
const defaultRootCert = "/etc/ui/ca/ca.crt" const defaultRootCert = "/etc/ui/ca/ca.crt"
@ -63,23 +59,20 @@ type GeneralInfo struct {
// validate for validating user if an admin. // validate for validating user if an admin.
func (sia *SystemInfoAPI) validate() { func (sia *SystemInfoAPI) validate() {
sia.currentUserID = sia.ValidateUser() if !sia.SecurityCtx.IsAuthenticated() {
sia.HandleUnauthorized()
sia.StopRun()
}
var err error if !sia.SecurityCtx.IsSysAdmin() {
sia.isAdmin, err = dao.IsAdminRole(sia.currentUserID) sia.HandleForbidden(sia.SecurityCtx.GetUsername())
if err != nil { sia.StopRun()
log.Errorf("Error occurred in IsAdminRole:%v", err)
sia.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
} }
// GetVolumeInfo gets specific volume storage info. // GetVolumeInfo gets specific volume storage info.
func (sia *SystemInfoAPI) GetVolumeInfo() { func (sia *SystemInfoAPI) GetVolumeInfo() {
sia.validate() sia.validate()
if !sia.isAdmin {
sia.RenderError(http.StatusForbidden, "User does not have admin role.")
return
}
capacity, err := config.AdminserverClient.Capacity() capacity, err := config.AdminserverClient.Capacity()
if err != nil { if err != nil {
@ -100,7 +93,6 @@ func (sia *SystemInfoAPI) GetVolumeInfo() {
//GetCert gets default self-signed certificate. //GetCert gets default self-signed certificate.
func (sia *SystemInfoAPI) GetCert() { func (sia *SystemInfoAPI) GetCert() {
sia.validate() sia.validate()
if sia.isAdmin {
if _, err := os.Stat(defaultRootCert); err == nil { if _, err := os.Stat(defaultRootCert); err == nil {
sia.Ctx.Output.Header("Content-Type", "application/octet-stream") sia.Ctx.Output.Header("Content-Type", "application/octet-stream")
sia.Ctx.Output.Header("Content-Disposition", "attachment; filename=ca.crt") sia.Ctx.Output.Header("Content-Disposition", "attachment; filename=ca.crt")
@ -112,8 +104,6 @@ func (sia *SystemInfoAPI) GetCert() {
log.Errorf("Unexpected error: %v", err) log.Errorf("Unexpected error: %v", err)
sia.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError)) sia.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
} }
}
sia.CustomAbort(http.StatusForbidden, "")
} }
// GetGeneralInfo returns the general system info, which is to be called by anonymous user // GetGeneralInfo returns the general system info, which is to be called by anonymous user