Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-12-22 00:27:44 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #9 from reasonerjt/golint-fix-main-api-auth

Browse Source 
fix issues except comments related in main, auth, api packages
This commit is contained in:
reasonerjt 2016-02-25 13:55:51 +08:00
commit 413f3cdf71
13 changed files with 164 additions and 168 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
api/base.go
View File

@ -36,7 +36,7 @@ func (b *BaseAPI) RenderError(code int, text string) {
http.Error(b.Ctx.ResponseWriter, text, code)
}
func (b *BaseAPI) DecodeJsonReq(v interface{}) {
func (b *BaseAPI) DecodeJSONReq(v interface{}) {
err := json.Unmarshal(b.Ctx.Input.CopyBody(1<<32), v)
if err != nil {
beego.Error("Error while decoding the json request:", err)
@ -46,20 +46,20 @@ func (b *BaseAPI) DecodeJsonReq(v interface{}) {
func (b *BaseAPI) ValidateUser() int {
sessionUserId := b.GetSession("userId")
if sessionUserId == nil {
sessionUserID := b.GetSession("userId")
if sessionUserID == nil {
beego.Warning("No user id in session, canceling request")
b.CustomAbort(http.StatusUnauthorized, "")
}
userId := sessionUserId.(int)
u, err := dao.GetUser(models.User{UserId: userId})
userID := sessionUserID.(int)
u, err := dao.GetUser(models.User{UserId: userID})
if err != nil {
beego.Error("Error occurred in GetUser:", err)
b.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if u == nil {
beego.Warning("User was deleted already, user id: ", userId, " canceling request.")
beego.Warning("User was deleted already, user id: ", userID, " canceling request.")
b.CustomAbort(http.StatusUnauthorized, "")
}
return userId
return userID
}

60
api/project_member.go → api/member.go
View File

@ -26,14 +26,14 @@ import (
type ProjectMemberAPI struct {
BaseAPI
memberId int
currentUserId int
memberID int
currentUserID int
project *models.Project
}
type memberReq struct {
Username string `json:"user_name"`
UserId int `json:"user_id"`
UserID int `json:"user_id"`
Roles []int `json:"roles"`
}
@ -55,30 +55,30 @@ func (pma *ProjectMemberAPI) Prepare() {
pma.CustomAbort(http.StatusNotFound, "Project does not exist")
}
pma.project = p
pma.currentUserId = pma.ValidateUser()
pma.currentUserID = pma.ValidateUser()
mid := pma.Ctx.Input.Param(":mid")
if mid == "current" {
pma.memberId = pma.currentUserId
pma.memberID = pma.currentUserID
} else if len(mid) == 0 {
pma.memberId = 0
pma.memberID = 0
} else if len(mid) > 0 {
memberId, err := strconv.Atoi(mid)
memberID, err := strconv.Atoi(mid)
if err != nil {
beego.Error("Invalid member Id, error:", err)
pma.CustomAbort(http.StatusBadRequest, "Invalid member id")
}
pma.memberId = memberId
pma.memberID = memberID
}
}
func (pma *ProjectMemberAPI) Get() {
pid := pma.project.ProjectId
if !CheckProjectPermission(pma.currentUserId, pid) {
beego.Warning("Current user, user id :", pma.currentUserId, "does not have permission for project, id:", pid)
if !CheckProjectPermission(pma.currentUserID, pid) {
beego.Warning("Current user, user id :", pma.currentUserID, "does not have permission for project, id:", pid)
pma.RenderError(http.StatusForbidden, "")
return
}
if pma.memberId == 0 { //member id not set return list of the members
if pma.memberID == 0 { //member id not set return list of the members
username := pma.GetString("username")
queryUser := models.User{Username: "%" + username + "%"}
userList, err := dao.GetUserByProject(pid, queryUser)
@ -89,20 +89,20 @@ func (pma *ProjectMemberAPI) Get() {
}
pma.Data["json"] = userList
} else { //return detail of a member
roleList, err := dao.GetUserProjectRoles(models.User{UserId: pma.memberId}, pid)
roleList, err := dao.GetUserProjectRoles(models.User{UserId: pma.memberID}, pid)
if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err)
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
//return empty role list to indicate if a user is not a member
result := make(map[string]interface{})
user, err := dao.GetUser(models.User{UserId: pma.memberId})
user, err := dao.GetUser(models.User{UserId: pma.memberID})
if err != nil {
beego.Error("Error occurred in GetUser:", err)
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
result["user_name"] = user.Username
result["user_id"] = pma.memberId
result["user_id"] = pma.memberID
result["roles"] = roleList
pma.Data["json"] = result
}
@ -111,41 +111,41 @@ func (pma *ProjectMemberAPI) Get() {
func (pma *ProjectMemberAPI) Post() {
pid := pma.project.ProjectId
userQuery := models.User{UserId: pma.currentUserId, RoleId: models.PROJECTADMIN}
userQuery := models.User{UserId: pma.currentUserID, RoleId: models.PROJECTADMIN}
rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err)
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if len(rolelist) == 0 {
beego.Warning("Current user, id:", pma.currentUserId, "does not have project admin role for project, id:", pid)
beego.Warning("Current user, id:", pma.currentUserID, "does not have project admin role for project, id:", pid)
pma.RenderError(http.StatusForbidden, "")
return
}
var req memberReq
pma.DecodeJsonReq(&req)
pma.DecodeJSONReq(&req)
username := req.Username
userId := CheckUserExists(username)
if userId <= 0 {
userID := CheckUserExists(username)
if userID <= 0 {
beego.Warning("User does not exist, user name:", username)
pma.RenderError(http.StatusNotFound, "User does not exist")
return
}
rolelist, err = dao.GetUserProjectRoles(models.User{UserId: userId}, pid)
rolelist, err = dao.GetUserProjectRoles(models.User{UserId: userID}, pid)
if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err)
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if len(rolelist) > 0 {
beego.Warning("user is already added to project, user id:", userId, ", project id:", pid)
beego.Warning("user is already added to project, user id:", userID, ", project id:", pid)
pma.RenderError(http.StatusConflict, "user is ready in project")
return
}
for _, rid := range req.Roles {
err = dao.AddUserProjectRole(userId, pid, int(rid))
err = dao.AddUserProjectRole(userID, pid, int(rid))
if err != nil {
beego.Error("Failed to update DB to add project user role, project id:", pid, ", user id:", userId, ", role id:", rid)
beego.Error("Failed to update DB to add project user role, project id:", pid, ", user id:", userID, ", role id:", rid)
pma.RenderError(http.StatusInternalServerError, "Failed to update data in database")
return
}
@ -154,20 +154,20 @@ func (pma *ProjectMemberAPI) Post() {
func (pma *ProjectMemberAPI) Put() {
pid := pma.project.ProjectId
mid := pma.memberId
userQuery := models.User{UserId: pma.currentUserId, RoleId: models.PROJECTADMIN}
mid := pma.memberID
userQuery := models.User{UserId: pma.currentUserID, RoleId: models.PROJECTADMIN}
rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err)
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if len(rolelist) == 0 {
beego.Warning("Current user, id:", pma.currentUserId, ", does not have project admin role for project, id:", pid)
beego.Warning("Current user, id:", pma.currentUserID, ", does not have project admin role for project, id:", pid)
pma.RenderError(http.StatusForbidden, "")
return
}
var req memberReq
pma.DecodeJsonReq(&req)
pma.DecodeJSONReq(&req)
roleList, err := dao.GetUserProjectRoles(models.User{UserId: mid}, pid)
if len(roleList) == 0 {
beego.Warning("User is not in project, user id:", mid, ", project id:", pid)
@ -195,11 +195,11 @@ func (pma *ProjectMemberAPI) Put() {
func (pma *ProjectMemberAPI) Delete() {
pid := pma.project.ProjectId
mid := pma.memberId
userQuery := models.User{UserId: pma.currentUserId, RoleId: models.PROJECTADMIN}
mid := pma.memberID
userQuery := models.User{UserId: pma.currentUserID, RoleId: models.PROJECTADMIN}
rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
if len(rolelist) == 0 {
beego.Warning("Current user, id:", pma.currentUserId, ", does not have project admin role for project, id:", pid)
beego.Warning("Current user, id:", pma.currentUserID, ", does not have project admin role for project, id:", pid)
pma.RenderError(http.StatusForbidden, "")
return
}

52
api/project.go
View File

@ -30,8 +30,8 @@ import (
type ProjectAPI struct {
BaseAPI
userId int
projectId int64
userID int
projectID int64
}
type projectReq struct {
@ -39,25 +39,25 @@ type projectReq struct {
Public bool `json:"public"`
}
const PROJECT_NAME_MAX_LEN int = 30
const projectNameMaxLen int = 30
func (p *ProjectAPI) Prepare() {
p.userId = p.ValidateUser()
id_str := p.Ctx.Input.Param(":id")
if len(id_str) > 0 {
p.userID = p.ValidateUser()
idStr := p.Ctx.Input.Param(":id")
if len(idStr) > 0 {
var err error
p.projectId, err = strconv.ParseInt(id_str, 10, 64)
p.projectID, err = strconv.ParseInt(idStr, 10, 64)
if err != nil {
log.Printf("Error parsing project id: %s, error: %v", id_str, err)
log.Printf("Error parsing project id: %s, error: %v", idStr, err)
p.CustomAbort(http.StatusBadRequest, "invalid project id")
}
exist, err := dao.ProjectExists(p.projectId)
exist, err := dao.ProjectExists(p.projectID)
if err != nil {
log.Printf("Error occurred in ProjectExists: %v", err)
p.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if !exist {
p.CustomAbort(http.StatusNotFound, fmt.Sprintf("project does not exist, id: %v", p.projectId))
p.CustomAbort(http.StatusNotFound, fmt.Sprintf("project does not exist, id: %v", p.projectID))
}
}
}
@ -65,7 +65,7 @@ func (p *ProjectAPI) Prepare() {
func (p *ProjectAPI) Post() {
var req projectReq
var public int
p.DecodeJsonReq(&req)
p.DecodeJSONReq(&req)
if req.Public {
public = 1
}
@ -84,7 +84,7 @@ func (p *ProjectAPI) Post() {
p.RenderError(http.StatusConflict, "")
return
}
project := models.Project{OwnerId: p.userId, Name: projectName, CreationTime: time.Now(), Public: public}
project := models.Project{OwnerId: p.userID, Name: projectName, CreationTime: time.Now(), Public: public}
err = dao.AddProject(project)
if err != nil {
beego.Error("Failed to add project, error: %v", err)
@ -107,7 +107,7 @@ func (p *ProjectAPI) Head() {
}
func (p *ProjectAPI) Get() {
queryProject := models.Project{UserId: p.userId}
queryProject := models.Project{UserId: p.userID}
projectName := p.GetString("project_name")
if len(projectName) > 0 {
queryProject.Name = "%" + projectName + "%"
@ -121,7 +121,7 @@ func (p *ProjectAPI) Get() {
p.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
for i := 0; i < len(projectList); i++ {
if isProjectAdmin(p.userId, projectList[i].ProjectId) {
if isProjectAdmin(p.userID, projectList[i].ProjectId) {
projectList[i].Togglable = true
}
}
@ -133,25 +133,25 @@ func (p *ProjectAPI) Put() {
var req projectReq
var public int
projectId, err := strconv.ParseInt(p.Ctx.Input.Param(":id"), 10, 64)
projectID, err := strconv.ParseInt(p.Ctx.Input.Param(":id"), 10, 64)
if err != nil {
beego.Error("Error parsing project id:", projectId, ", error: ", err)
beego.Error("Error parsing project id:", projectID, ", error: ", err)
p.RenderError(http.StatusBadRequest, "invalid project id")
return
}
p.DecodeJsonReq(&req)
p.DecodeJSONReq(&req)
if req.Public {
public = 1
}
if !isProjectAdmin(p.userId, projectId) {
beego.Warning("Current user, id:", p.userId, ", does not have project admin role for project, id:", projectId)
if !isProjectAdmin(p.userID, projectID) {
beego.Warning("Current user, id:", p.userID, ", does not have project admin role for project, id:", projectID)
p.RenderError(http.StatusForbidden, "")
return
}
err = dao.ToggleProjectPublicity(p.projectId, public)
err = dao.ToggleProjectPublicity(p.projectID, public)
if err != nil {
beego.Error("Error while updating project, project id:", projectId, ", error:", err)
beego.Error("Error while updating project, project id:", projectID, ", error:", err)
p.RenderError(http.StatusInternalServerError, "Failed to update project")
}
}
@ -159,7 +159,7 @@ func (p *ProjectAPI) Put() {
func (p *ProjectAPI) FilterAccessLog() {
var filter models.AccessLog
p.DecodeJsonReq(&filter)
p.DecodeJSONReq(&filter)
username := filter.Username
keywords := filter.Keywords
@ -167,7 +167,7 @@ func (p *ProjectAPI) FilterAccessLog() {
beginTime := time.Unix(filter.BeginTimestamp, 0)
endTime := time.Unix(filter.EndTimestamp, 0)
query := models.AccessLog{ProjectId: p.projectId, Username: "%" + username + "%", Keywords: keywords, BeginTime: beginTime, BeginTimestamp: filter.BeginTimestamp, EndTime: endTime, EndTimestamp: filter.EndTimestamp}
query := models.AccessLog{ProjectId: p.projectID, Username: "%" + username + "%", Keywords: keywords, BeginTime: beginTime, BeginTimestamp: filter.BeginTimestamp, EndTime: endTime, EndTimestamp: filter.EndTimestamp}
log.Printf("Query AccessLog: begin: %v, end: %v, keywords: %s", query.BeginTime, query.EndTime, query.Keywords)
@ -180,8 +180,8 @@ func (p *ProjectAPI) FilterAccessLog() {
p.ServeJSON()
}
func isProjectAdmin(userId int, pid int64) bool {
userQuery := models.User{UserId: userId, RoleId: models.PROJECTADMIN}
func isProjectAdmin(userID int, pid int64) bool {
userQuery := models.User{UserId: userID, RoleId: models.PROJECTADMIN}
rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err, ", returning false")
@ -195,7 +195,7 @@ func validateProjectReq(req projectReq) error {
if len(pn) == 0 {
return fmt.Errorf("Project name can not be empty")
}
if len(pn) > PROJECT_NAME_MAX_LEN {
if len(pn) > projectNameMaxLen {
return fmt.Errorf("Project name is too long")
}
return nil

53
api/repository.go
View File

@ -33,16 +33,16 @@ import (
type RepositoryAPI struct {
BaseAPI
userId int
userID int
username string
}
func (ra *RepositoryAPI) Prepare() {
userId, ok := ra.GetSession("userId").(int)
userID, ok := ra.GetSession("userId").(int)
if !ok {
ra.userId = dao.NON_EXIST_USER_ID
ra.userID = dao.NON_EXIST_USER_ID
} else {
ra.userId = userId
ra.userID = userID
}
username, ok := ra.GetSession("username").(string)
if !ok {
@ -54,23 +54,23 @@ func (ra *RepositoryAPI) Prepare() {
}
func (ra *RepositoryAPI) Get() {
projectId, err0 := ra.GetInt64("project_id")
projectID, err0 := ra.GetInt64("project_id")
if err0 != nil {
beego.Error("Failed to get project id, error:", err0)
ra.RenderError(http.StatusBadRequest, "Invalid project id")
return
}
p, err := dao.GetProjectById(projectId)
p, err := dao.GetProjectById(projectID)
if err != nil {
beego.Error("Error occurred in GetProjectById:", err)
ra.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if p == nil {
beego.Warning("Project with Id:", projectId, ", does not exist", projectId)
beego.Warning("Project with Id:", projectID, ", does not exist")
ra.RenderError(http.StatusNotFound, "")
return
}
if p.Public == 0 && !CheckProjectPermission(ra.userId, projectId) {
if p.Public == 0 && !CheckProjectPermission(ra.userID, projectID) {
ra.RenderError(http.StatusForbidden, "")
return
}
@ -148,27 +148,24 @@ func (ra *RepositoryAPI) GetManifests() {
beego.Error("Failed to get manifests for repo, repo name:", repoName, ", tag:", tag, ", error:", err)
ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
return
} else {
mani := Manifest{}
err = json.Unmarshal(result, &mani)
if err != nil {
beego.Error("Failed to decode json from response for manifests, repo name:", repoName, ", tag:", tag, ", error:", err)
ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
return
} else {
v1Compatibility := mani.History[0].V1Compatibility
err = json.Unmarshal([]byte(v1Compatibility), &item)
if err != nil {
beego.Error("Failed to decode V1 field for repo, repo name:", repoName, ", tag:", tag, ", error:", err)
ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
return
} else {
item.CreatedStr = item.Created.Format("2006-01-02 15:04:05")
item.DurationDays = strconv.Itoa(int(time.Since(item.Created).Hours()/24)) + " days"
}
}
}
mani := Manifest{}
err = json.Unmarshal(result, &mani)
if err != nil {
beego.Error("Failed to decode json from response for manifests, repo name:", repoName, ", tag:", tag, ", error:", err)
ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
return
}
v1Compatibility := mani.History[0].V1Compatibility
err = json.Unmarshal([]byte(v1Compatibility), &item)
if err != nil {
beego.Error("Failed to decode V1 field for repo, repo name:", repoName, ", tag:", tag, ", error:", err)
ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
return
}
item.CreatedStr = item.Created.Format("2006-01-02 15:04:05")
item.DurationDays = strconv.Itoa(int(time.Since(item.Created).Hours()/24)) + " days"
ra.Data["json"] = item
ra.ServeJSON()

8
api/search.go
View File

@ -37,14 +37,14 @@ type SearchResult struct {
}
func (n *SearchAPI) Get() {
userId, ok := n.GetSession("userId").(int)
userID, ok := n.GetSession("userId").(int)
if !ok {
userId = dao.NON_EXIST_USER_ID
userID = dao.NON_EXIST_USER_ID
}
keyword := n.GetString("q")
projects, err := dao.QueryRelevantProjects(userId)
projects, err := dao.QueryRelevantProjects(userID)
if err != nil {
beego.Error("Failed to get projects of user id:", userId, ", error:", err)
beego.Error("Failed to get projects of user id:", userID, ", error:", err)
n.CustomAbort(http.StatusInternalServerError, "Failed to get project search result")
}
projectSorter := &utils.ProjectSorter{Projects: projects}

38
api/user.go
View File

@ -26,46 +26,46 @@ import (
type UserAPI struct {
BaseAPI
currentUid int
userId int
currentUserID int
userID int
}
func (ua *UserAPI) Prepare() {
ua.currentUid = ua.ValidateUser()
ua.currentUserID = ua.ValidateUser()
id := ua.Ctx.Input.Param(":id")
if id == "current" {
ua.userId = ua.currentUid
ua.userID = ua.currentUserID
} else if len(id) > 0 {
var err error
ua.userId, err = strconv.Atoi(id)
ua.userID, err = strconv.Atoi(id)
if err != nil {
beego.Error("Invalid user id, error:", err)
ua.CustomAbort(http.StatusBadRequest, "Invalid user Id")
}
userQuery := models.User{UserId: ua.userId}
userQuery := models.User{UserId: ua.userID}
u, err := dao.GetUser(userQuery)
if err != nil {
beego.Error("Error occurred in GetUser:", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if u == nil {
beego.Error("User with Id:", ua.userId, "does not exist")
beego.Error("User with Id:", ua.userID, "does not exist")
ua.CustomAbort(http.StatusNotFound, "")
}
}
}
func (ua *UserAPI) Get() {
exist, err := dao.IsAdminRole(ua.currentUid)
exist, err := dao.IsAdminRole(ua.currentUserID)
if err != nil {
beego.Error("Error occurred in IsAdminRole:", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if ua.userId == 0 { //list users
if ua.userID == 0 { //list users
if !exist {
beego.Error("Current user, id:", ua.currentUid, ", does not have admin role, can not list users")
beego.Error("Current user, id:", ua.currentUserID, ", does not have admin role, can not list users")
ua.RenderError(http.StatusForbidden, "User does not have admin role")
return
}
@ -82,8 +82,8 @@ func (ua *UserAPI) Get() {
}
ua.Data["json"] = userList
} else if ua.userId == ua.currentUid || exist {
userQuery := models.User{UserId: ua.userId}
} else if ua.userID == ua.currentUserID || exist {
userQuery := models.User{UserId: ua.userID}
u, err := dao.GetUser(userQuery)
if err != nil {
beego.Error("Error occurred in GetUser:", err)
@ -91,7 +91,7 @@ func (ua *UserAPI) Get() {
}
ua.Data["json"] = u
} else {
beego.Error("Current user, id:", ua.currentUid, "does not have admin role, can not view other user's detail")
beego.Error("Current user, id:", ua.currentUserID, "does not have admin role, can not view other user's detail")
ua.RenderError(http.StatusForbidden, "User does not have admin role")
return
}
@ -99,32 +99,32 @@ func (ua *UserAPI) Get() {
}
func (ua *UserAPI) Put() { //currently only for toggle admin, so no request body
exist, err := dao.IsAdminRole(ua.currentUid)
exist, err := dao.IsAdminRole(ua.currentUserID)
if err != nil {
beego.Error("Error occurred in IsAdminRole:", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if !exist {
beego.Warning("current user, id:", ua.currentUid, ", does not have admin role, can not update other user's role")
beego.Warning("current user, id:", ua.currentUserID, ", does not have admin role, can not update other user's role")
ua.RenderError(http.StatusForbidden, "User does not have admin role")
return
}
userQuery := models.User{UserId: ua.userId}
userQuery := models.User{UserId: ua.userID}
dao.ToggleUserAdminRole(userQuery)
}
func (ua *UserAPI) Delete() {
exist, err := dao.IsAdminRole(ua.currentUid)
exist, err := dao.IsAdminRole(ua.currentUserID)
if err != nil {
beego.Error("Error occurred in IsAdminRole:", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if !exist {
beego.Warning("current user, id:", ua.currentUid, ", does not have admin role, can not remove user")
beego.Warning("current user, id:", ua.currentUserID, ", does not have admin role, can not remove user")
ua.RenderError(http.StatusForbidden, "User does not have admin role")
return
}
err = dao.DeleteUser(ua.userId)
err = dao.DeleteUser(ua.userID)
if err != nil {
beego.Error("Failed to delete data from database, error:", err)
ua.RenderError(http.StatusInternalServerError, "Failed to delete User")

6
api/utils.go
View File

@ -21,8 +21,8 @@ import (
"github.com/astaxie/beego"
)
func CheckProjectPermission(userId int, projectId int64) bool {
exist, err := dao.IsAdminRole(userId)
func CheckProjectPermission(userID int, projectID int64) bool {
exist, err := dao.IsAdminRole(userID)
if err != nil {
beego.Error("Error occurred in IsAdminRole:", err)
return false
@ -30,7 +30,7 @@ func CheckProjectPermission(userId int, projectId int64) bool {
if exist {
return true
}
roleList, err := dao.GetUserProjectRoles(models.User{UserId: userId}, projectId)
roleList, err := dao.GetUserProjectRoles(models.User{UserId: userID}, projectID)
if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err)
return false

25
opt_auth/opt_auth.go → auth/authenticator.go
View File

@ -12,10 +12,11 @@
See the License for the specific language governing permissions and
limitations under the License.
*/
package opt_auth
package auth
import (
"fmt"
"log"
"os"
"github.com/vmware/harbor/models"
@ -23,31 +24,31 @@ import (
"github.com/astaxie/beego"
)
type OptAuth interface {
Validate(auth models.AuthModel) (*models.User, error)
type Authenticator interface {
Authenticate(m models.AuthModel) (*models.User, error)
}
var registry = make(map[string]OptAuth)
var registry = make(map[string]Authenticator)
func Register(name string, optAuth OptAuth) {
func Register(name string, authenticator Authenticator) {
if _, dup := registry[name]; dup {
panic(name + " already exist.")
log.Printf("authenticator: %s has been registered", name)
return
}
registry[name] = optAuth
registry[name] = authenticator
}
func Login(auth models.AuthModel) (*models.User, error) {
func Login(m models.AuthModel) (*models.User, error) {
var authMode string = os.Getenv("AUTH_MODE")
if authMode == "" || auth.Principal == "admin" {
if authMode == "" || m.Principal == "admin" {
authMode = "db_auth"
}
beego.Debug("Current AUTH_MODE is ", authMode)
optAuth := registry[authMode]
if optAuth == nil {
authenticator, ok := registry[authMode]
if !ok {
return nil, fmt.Errorf("Unrecognized auth_mode: %s", authMode)
}
return optAuth.Validate(auth)
return authenticator.Authenticate(m)
}

10
opt_auth/db/db.go → auth/db/db.go
View File

@ -15,15 +15,15 @@
package db
import (
"github.com/vmware/harbor/auth"
"github.com/vmware/harbor/dao"
"github.com/vmware/harbor/models"
"github.com/vmware/harbor/opt_auth"
)
type DbAuth struct{}
type Auth struct{}
func (d *DbAuth) Validate(auth models.AuthModel) (*models.User, error) {
u, err := dao.LoginByDb(auth)
func (d *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
u, err := dao.LoginByDb(m)
if err != nil {
return nil, err
}
@ -31,5 +31,5 @@ func (d *DbAuth) Validate(auth models.AuthModel) (*models.User, error) {
}
func init() {
opt_auth.Register("db_auth", &DbAuth{})
auth.Register("db_auth", &Auth{})
}

33
opt_auth/ldap/ldap.go → auth/ldap/ldap.go
View File

@ -21,35 +21,34 @@ import (
"os"
"strings"
"github.com/vmware/harbor/auth"
"github.com/vmware/harbor/dao"
"github.com/vmware/harbor/models"
"github.com/vmware/harbor/opt_auth"
"github.com/astaxie/beego"
"github.com/mqu/openldap"
)
type LdapAuth struct{}
type Auth struct{}
const META_CHARS = "&|!=~*<>()"
const metaChars = "&|!=~*<>()"
func (l *LdapAuth) Validate(auth models.AuthModel) (*models.User, error) {
func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
ldapUrl := os.Getenv("LDAP_URL")
if ldapUrl == "" {
ldapURL := os.Getenv("LDAP_URL")
if ldapURL == "" {
return nil, errors.New("Can not get any available LDAP_URL.")
}
beego.Debug("ldapUrl:", ldapUrl)
beego.Debug("ldapURL:", ldapURL)
p := auth.Principal
for _, c := range META_CHARS {
p := m.Principal
for _, c := range metaChars {
if strings.ContainsRune(p, c) {
log.Printf("The principal contains meta char: %q", c)
return nil, nil
return nil, fmt.Errorf("the principal contains meta char: %q", c)
}
}
ldap, err := openldap.Initialize(ldapUrl)
ldap, err := openldap.Initialize(ldapURL)
if err != nil {
return nil, err
}
@ -62,10 +61,10 @@ func (l *LdapAuth) Validate(auth models.AuthModel) (*models.User, error) {
return nil, errors.New("Can not get any available LDAP_BASE_DN.")
}
baseDn := fmt.Sprintf(ldapBaseDn, auth.Principal)
baseDn := fmt.Sprintf(ldapBaseDn, m.Principal)
beego.Debug("baseDn:", baseDn)
err = ldap.Bind(baseDn, auth.Password)
err = ldap.Bind(baseDn, m.Password)
if err != nil {
return nil, err
}
@ -112,15 +111,15 @@ func (l *LdapAuth) Validate(auth models.AuthModel) (*models.User, error) {
} else {
u.Password = "12345678AbC"
u.Comment = "registered from LDAP."
userId, err := dao.Register(u)
userID, err := dao.Register(u)
if err != nil {
return nil, err
}
u.UserId = int(userId)
u.UserId = int(userID)
}
return &u, nil
}
func init() {
opt_auth.Register("ldap_auth", &LdapAuth{})
auth.Register("ldap_auth", &Auth{})
}

4
controllers/login.go
View File

@ -17,8 +17,8 @@ package controllers
import (
"net/http"
"github.com/vmware/harbor/auth"
"github.com/vmware/harbor/models"
"github.com/vmware/harbor/opt_auth"
"github.com/astaxie/beego"
)
@ -44,7 +44,7 @@ func (c *CommonController) Login() {
principal := c.GetString("principal")
password := c.GetString("password")
user, err := opt_auth.Login(models.AuthModel{principal, password})
user, err := auth.Login(models.AuthModel{principal, password})
if err != nil {
beego.Error("Error occurred in UserLogin:", err)
c.CustomAbort(http.StatusInternalServerError, "Internal error.")

25
main.go
View File

@ -15,14 +15,13 @@
package main
import (
"errors"
"fmt"
"log"
_ "github.com/vmware/harbor/auth/db"
_ "github.com/vmware/harbor/auth/ldap"
"github.com/vmware/harbor/dao"
"github.com/vmware/harbor/models"
_ "github.com/vmware/harbor/opt_auth/db"
_ "github.com/vmware/harbor/opt_auth/ldap"
_ "github.com/vmware/harbor/routers"
"os"
@ -31,19 +30,19 @@ import (
)
const (
ADMIN_USER_ID = 1
adminUserID = 1
)
func updateInitPassword(userId int, password string) error {
queryUser := models.User{UserId: userId}
func updateInitPassword(userID int, password string) error {
queryUser := models.User{UserId: userID}
user, err := dao.GetUser(queryUser)
if err != nil {
log.Println("Failed to get user, userId:", userId)
log.Println("Failed to get user, userID:", userID)
return err
}
if user == nil {
log.Printf("User id: %d does not exist.", userId)
return errors.New(fmt.Sprintf("User id: %s does not exist.", userId))
log.Printf("User id: %d does not exist.", userID)
return fmt.Errorf("User id: %s does not exist.", userID)
} else if user.Salt == "" {
salt, err := dao.GenerateRandomString()
if err != nil {
@ -54,12 +53,12 @@ func updateInitPassword(userId int, password string) error {
user.Password = password
err = dao.ChangeUserPassword(*user)
if err != nil {
log.Printf("Failed to update user encrypted password, userId: %d, err: %v", userId, err)
log.Printf("Failed to update user encrypted password, userID: %d, err: %v", userID, err)
return err
}
log.Printf("User id: %d updated its encypted password successfully.", userId)
log.Printf("User id: %d updated its encypted password successfully.", userID)
} else {
log.Printf("User id: %d already has its encrypted password.", userId)
log.Printf("User id: %d already has its encrypted password.", userID)
}
return nil
}
@ -68,6 +67,6 @@ func main() {
beego.BConfig.WebConfig.Session.SessionOn = true
dao.InitDB()
updateInitPassword(ADMIN_USER_ID, os.Getenv("HARBOR_ADMIN_PASSWORD"))
updateInitPassword(adminUserID, os.Getenv("HARBOR_ADMIN_PASSWORD"))
beego.Run()
}

4
service/auth.go
View File

@ -18,8 +18,8 @@ import (
"log"
"net/http"
"github.com/vmware/harbor/auth"
"github.com/vmware/harbor/models"
"github.com/vmware/harbor/opt_auth"
svc_utils "github.com/vmware/harbor/service/utils"
"github.com/vmware/harbor/utils"
@ -72,7 +72,7 @@ func (a *AuthController) serveToken(username, service string, access []*token.Re
}
func authenticate(principal, password string) bool {
user, err := opt_auth.Login(models.AuthModel{principal, password})
user, err := auth.Login(models.AuthModel{principal, password})
if err != nil {
log.Printf("Error occurred in UserLogin: %v", err)
return false