1
0
mirror of https://github.com/goharbor/harbor.git synced 2025-01-04 23:17:45 +01:00

Merge pull request from reasonerjt/golint-fix-main-api-auth

fix issues except comments related in main, auth, api packages
This commit is contained in:
reasonerjt 2016-02-25 13:55:51 +08:00
commit 413f3cdf71
13 changed files with 164 additions and 168 deletions

View File

@ -36,7 +36,7 @@ func (b *BaseAPI) RenderError(code int, text string) {
http.Error(b.Ctx.ResponseWriter, text, code) http.Error(b.Ctx.ResponseWriter, text, code)
} }
func (b *BaseAPI) DecodeJsonReq(v interface{}) { func (b *BaseAPI) DecodeJSONReq(v interface{}) {
err := json.Unmarshal(b.Ctx.Input.CopyBody(1<<32), v) err := json.Unmarshal(b.Ctx.Input.CopyBody(1<<32), v)
if err != nil { if err != nil {
beego.Error("Error while decoding the json request:", err) beego.Error("Error while decoding the json request:", err)
@ -46,20 +46,20 @@ func (b *BaseAPI) DecodeJsonReq(v interface{}) {
func (b *BaseAPI) ValidateUser() int { func (b *BaseAPI) ValidateUser() int {
sessionUserId := b.GetSession("userId") sessionUserID := b.GetSession("userId")
if sessionUserId == nil { if sessionUserID == nil {
beego.Warning("No user id in session, canceling request") beego.Warning("No user id in session, canceling request")
b.CustomAbort(http.StatusUnauthorized, "") b.CustomAbort(http.StatusUnauthorized, "")
} }
userId := sessionUserId.(int) userID := sessionUserID.(int)
u, err := dao.GetUser(models.User{UserId: userId}) u, err := dao.GetUser(models.User{UserId: userID})
if err != nil { if err != nil {
beego.Error("Error occurred in GetUser:", err) beego.Error("Error occurred in GetUser:", err)
b.CustomAbort(http.StatusInternalServerError, "Internal error.") b.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
if u == nil { if u == nil {
beego.Warning("User was deleted already, user id: ", userId, " canceling request.") beego.Warning("User was deleted already, user id: ", userID, " canceling request.")
b.CustomAbort(http.StatusUnauthorized, "") b.CustomAbort(http.StatusUnauthorized, "")
} }
return userId return userID
} }

View File

@ -26,14 +26,14 @@ import (
type ProjectMemberAPI struct { type ProjectMemberAPI struct {
BaseAPI BaseAPI
memberId int memberID int
currentUserId int currentUserID int
project *models.Project project *models.Project
} }
type memberReq struct { type memberReq struct {
Username string `json:"user_name"` Username string `json:"user_name"`
UserId int `json:"user_id"` UserID int `json:"user_id"`
Roles []int `json:"roles"` Roles []int `json:"roles"`
} }
@ -55,30 +55,30 @@ func (pma *ProjectMemberAPI) Prepare() {
pma.CustomAbort(http.StatusNotFound, "Project does not exist") pma.CustomAbort(http.StatusNotFound, "Project does not exist")
} }
pma.project = p pma.project = p
pma.currentUserId = pma.ValidateUser() pma.currentUserID = pma.ValidateUser()
mid := pma.Ctx.Input.Param(":mid") mid := pma.Ctx.Input.Param(":mid")
if mid == "current" { if mid == "current" {
pma.memberId = pma.currentUserId pma.memberID = pma.currentUserID
} else if len(mid) == 0 { } else if len(mid) == 0 {
pma.memberId = 0 pma.memberID = 0
} else if len(mid) > 0 { } else if len(mid) > 0 {
memberId, err := strconv.Atoi(mid) memberID, err := strconv.Atoi(mid)
if err != nil { if err != nil {
beego.Error("Invalid member Id, error:", err) beego.Error("Invalid member Id, error:", err)
pma.CustomAbort(http.StatusBadRequest, "Invalid member id") pma.CustomAbort(http.StatusBadRequest, "Invalid member id")
} }
pma.memberId = memberId pma.memberID = memberID
} }
} }
func (pma *ProjectMemberAPI) Get() { func (pma *ProjectMemberAPI) Get() {
pid := pma.project.ProjectId pid := pma.project.ProjectId
if !CheckProjectPermission(pma.currentUserId, pid) { if !CheckProjectPermission(pma.currentUserID, pid) {
beego.Warning("Current user, user id :", pma.currentUserId, "does not have permission for project, id:", pid) beego.Warning("Current user, user id :", pma.currentUserID, "does not have permission for project, id:", pid)
pma.RenderError(http.StatusForbidden, "") pma.RenderError(http.StatusForbidden, "")
return return
} }
if pma.memberId == 0 { //member id not set return list of the members if pma.memberID == 0 { //member id not set return list of the members
username := pma.GetString("username") username := pma.GetString("username")
queryUser := models.User{Username: "%" + username + "%"} queryUser := models.User{Username: "%" + username + "%"}
userList, err := dao.GetUserByProject(pid, queryUser) userList, err := dao.GetUserByProject(pid, queryUser)
@ -89,20 +89,20 @@ func (pma *ProjectMemberAPI) Get() {
} }
pma.Data["json"] = userList pma.Data["json"] = userList
} else { //return detail of a member } else { //return detail of a member
roleList, err := dao.GetUserProjectRoles(models.User{UserId: pma.memberId}, pid) roleList, err := dao.GetUserProjectRoles(models.User{UserId: pma.memberID}, pid)
if err != nil { if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err) beego.Error("Error occurred in GetUserProjectRoles:", err)
pma.CustomAbort(http.StatusInternalServerError, "Internal error.") pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
//return empty role list to indicate if a user is not a member //return empty role list to indicate if a user is not a member
result := make(map[string]interface{}) result := make(map[string]interface{})
user, err := dao.GetUser(models.User{UserId: pma.memberId}) user, err := dao.GetUser(models.User{UserId: pma.memberID})
if err != nil { if err != nil {
beego.Error("Error occurred in GetUser:", err) beego.Error("Error occurred in GetUser:", err)
pma.CustomAbort(http.StatusInternalServerError, "Internal error.") pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
result["user_name"] = user.Username result["user_name"] = user.Username
result["user_id"] = pma.memberId result["user_id"] = pma.memberID
result["roles"] = roleList result["roles"] = roleList
pma.Data["json"] = result pma.Data["json"] = result
} }
@ -111,41 +111,41 @@ func (pma *ProjectMemberAPI) Get() {
func (pma *ProjectMemberAPI) Post() { func (pma *ProjectMemberAPI) Post() {
pid := pma.project.ProjectId pid := pma.project.ProjectId
userQuery := models.User{UserId: pma.currentUserId, RoleId: models.PROJECTADMIN} userQuery := models.User{UserId: pma.currentUserID, RoleId: models.PROJECTADMIN}
rolelist, err := dao.GetUserProjectRoles(userQuery, pid) rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
if err != nil { if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err) beego.Error("Error occurred in GetUserProjectRoles:", err)
pma.CustomAbort(http.StatusInternalServerError, "Internal error.") pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
if len(rolelist) == 0 { if len(rolelist) == 0 {
beego.Warning("Current user, id:", pma.currentUserId, "does not have project admin role for project, id:", pid) beego.Warning("Current user, id:", pma.currentUserID, "does not have project admin role for project, id:", pid)
pma.RenderError(http.StatusForbidden, "") pma.RenderError(http.StatusForbidden, "")
return return
} }
var req memberReq var req memberReq
pma.DecodeJsonReq(&req) pma.DecodeJSONReq(&req)
username := req.Username username := req.Username
userId := CheckUserExists(username) userID := CheckUserExists(username)
if userId <= 0 { if userID <= 0 {
beego.Warning("User does not exist, user name:", username) beego.Warning("User does not exist, user name:", username)
pma.RenderError(http.StatusNotFound, "User does not exist") pma.RenderError(http.StatusNotFound, "User does not exist")
return return
} }
rolelist, err = dao.GetUserProjectRoles(models.User{UserId: userId}, pid) rolelist, err = dao.GetUserProjectRoles(models.User{UserId: userID}, pid)
if err != nil { if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err) beego.Error("Error occurred in GetUserProjectRoles:", err)
pma.CustomAbort(http.StatusInternalServerError, "Internal error.") pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
if len(rolelist) > 0 { if len(rolelist) > 0 {
beego.Warning("user is already added to project, user id:", userId, ", project id:", pid) beego.Warning("user is already added to project, user id:", userID, ", project id:", pid)
pma.RenderError(http.StatusConflict, "user is ready in project") pma.RenderError(http.StatusConflict, "user is ready in project")
return return
} }
for _, rid := range req.Roles { for _, rid := range req.Roles {
err = dao.AddUserProjectRole(userId, pid, int(rid)) err = dao.AddUserProjectRole(userID, pid, int(rid))
if err != nil { if err != nil {
beego.Error("Failed to update DB to add project user role, project id:", pid, ", user id:", userId, ", role id:", rid) beego.Error("Failed to update DB to add project user role, project id:", pid, ", user id:", userID, ", role id:", rid)
pma.RenderError(http.StatusInternalServerError, "Failed to update data in database") pma.RenderError(http.StatusInternalServerError, "Failed to update data in database")
return return
} }
@ -154,20 +154,20 @@ func (pma *ProjectMemberAPI) Post() {
func (pma *ProjectMemberAPI) Put() { func (pma *ProjectMemberAPI) Put() {
pid := pma.project.ProjectId pid := pma.project.ProjectId
mid := pma.memberId mid := pma.memberID
userQuery := models.User{UserId: pma.currentUserId, RoleId: models.PROJECTADMIN} userQuery := models.User{UserId: pma.currentUserID, RoleId: models.PROJECTADMIN}
rolelist, err := dao.GetUserProjectRoles(userQuery, pid) rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
if err != nil { if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err) beego.Error("Error occurred in GetUserProjectRoles:", err)
pma.CustomAbort(http.StatusInternalServerError, "Internal error.") pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
if len(rolelist) == 0 { if len(rolelist) == 0 {
beego.Warning("Current user, id:", pma.currentUserId, ", does not have project admin role for project, id:", pid) beego.Warning("Current user, id:", pma.currentUserID, ", does not have project admin role for project, id:", pid)
pma.RenderError(http.StatusForbidden, "") pma.RenderError(http.StatusForbidden, "")
return return
} }
var req memberReq var req memberReq
pma.DecodeJsonReq(&req) pma.DecodeJSONReq(&req)
roleList, err := dao.GetUserProjectRoles(models.User{UserId: mid}, pid) roleList, err := dao.GetUserProjectRoles(models.User{UserId: mid}, pid)
if len(roleList) == 0 { if len(roleList) == 0 {
beego.Warning("User is not in project, user id:", mid, ", project id:", pid) beego.Warning("User is not in project, user id:", mid, ", project id:", pid)
@ -195,11 +195,11 @@ func (pma *ProjectMemberAPI) Put() {
func (pma *ProjectMemberAPI) Delete() { func (pma *ProjectMemberAPI) Delete() {
pid := pma.project.ProjectId pid := pma.project.ProjectId
mid := pma.memberId mid := pma.memberID
userQuery := models.User{UserId: pma.currentUserId, RoleId: models.PROJECTADMIN} userQuery := models.User{UserId: pma.currentUserID, RoleId: models.PROJECTADMIN}
rolelist, err := dao.GetUserProjectRoles(userQuery, pid) rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
if len(rolelist) == 0 { if len(rolelist) == 0 {
beego.Warning("Current user, id:", pma.currentUserId, ", does not have project admin role for project, id:", pid) beego.Warning("Current user, id:", pma.currentUserID, ", does not have project admin role for project, id:", pid)
pma.RenderError(http.StatusForbidden, "") pma.RenderError(http.StatusForbidden, "")
return return
} }

View File

@ -30,8 +30,8 @@ import (
type ProjectAPI struct { type ProjectAPI struct {
BaseAPI BaseAPI
userId int userID int
projectId int64 projectID int64
} }
type projectReq struct { type projectReq struct {
@ -39,25 +39,25 @@ type projectReq struct {
Public bool `json:"public"` Public bool `json:"public"`
} }
const PROJECT_NAME_MAX_LEN int = 30 const projectNameMaxLen int = 30
func (p *ProjectAPI) Prepare() { func (p *ProjectAPI) Prepare() {
p.userId = p.ValidateUser() p.userID = p.ValidateUser()
id_str := p.Ctx.Input.Param(":id") idStr := p.Ctx.Input.Param(":id")
if len(id_str) > 0 { if len(idStr) > 0 {
var err error var err error
p.projectId, err = strconv.ParseInt(id_str, 10, 64) p.projectID, err = strconv.ParseInt(idStr, 10, 64)
if err != nil { if err != nil {
log.Printf("Error parsing project id: %s, error: %v", id_str, err) log.Printf("Error parsing project id: %s, error: %v", idStr, err)
p.CustomAbort(http.StatusBadRequest, "invalid project id") p.CustomAbort(http.StatusBadRequest, "invalid project id")
} }
exist, err := dao.ProjectExists(p.projectId) exist, err := dao.ProjectExists(p.projectID)
if err != nil { if err != nil {
log.Printf("Error occurred in ProjectExists: %v", err) log.Printf("Error occurred in ProjectExists: %v", err)
p.CustomAbort(http.StatusInternalServerError, "Internal error.") p.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
if !exist { if !exist {
p.CustomAbort(http.StatusNotFound, fmt.Sprintf("project does not exist, id: %v", p.projectId)) p.CustomAbort(http.StatusNotFound, fmt.Sprintf("project does not exist, id: %v", p.projectID))
} }
} }
} }
@ -65,7 +65,7 @@ func (p *ProjectAPI) Prepare() {
func (p *ProjectAPI) Post() { func (p *ProjectAPI) Post() {
var req projectReq var req projectReq
var public int var public int
p.DecodeJsonReq(&req) p.DecodeJSONReq(&req)
if req.Public { if req.Public {
public = 1 public = 1
} }
@ -84,7 +84,7 @@ func (p *ProjectAPI) Post() {
p.RenderError(http.StatusConflict, "") p.RenderError(http.StatusConflict, "")
return return
} }
project := models.Project{OwnerId: p.userId, Name: projectName, CreationTime: time.Now(), Public: public} project := models.Project{OwnerId: p.userID, Name: projectName, CreationTime: time.Now(), Public: public}
err = dao.AddProject(project) err = dao.AddProject(project)
if err != nil { if err != nil {
beego.Error("Failed to add project, error: %v", err) beego.Error("Failed to add project, error: %v", err)
@ -107,7 +107,7 @@ func (p *ProjectAPI) Head() {
} }
func (p *ProjectAPI) Get() { func (p *ProjectAPI) Get() {
queryProject := models.Project{UserId: p.userId} queryProject := models.Project{UserId: p.userID}
projectName := p.GetString("project_name") projectName := p.GetString("project_name")
if len(projectName) > 0 { if len(projectName) > 0 {
queryProject.Name = "%" + projectName + "%" queryProject.Name = "%" + projectName + "%"
@ -121,7 +121,7 @@ func (p *ProjectAPI) Get() {
p.CustomAbort(http.StatusInternalServerError, "Internal error.") p.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
for i := 0; i < len(projectList); i++ { for i := 0; i < len(projectList); i++ {
if isProjectAdmin(p.userId, projectList[i].ProjectId) { if isProjectAdmin(p.userID, projectList[i].ProjectId) {
projectList[i].Togglable = true projectList[i].Togglable = true
} }
} }
@ -133,25 +133,25 @@ func (p *ProjectAPI) Put() {
var req projectReq var req projectReq
var public int var public int
projectId, err := strconv.ParseInt(p.Ctx.Input.Param(":id"), 10, 64) projectID, err := strconv.ParseInt(p.Ctx.Input.Param(":id"), 10, 64)
if err != nil { if err != nil {
beego.Error("Error parsing project id:", projectId, ", error: ", err) beego.Error("Error parsing project id:", projectID, ", error: ", err)
p.RenderError(http.StatusBadRequest, "invalid project id") p.RenderError(http.StatusBadRequest, "invalid project id")
return return
} }
p.DecodeJsonReq(&req) p.DecodeJSONReq(&req)
if req.Public { if req.Public {
public = 1 public = 1
} }
if !isProjectAdmin(p.userId, projectId) { if !isProjectAdmin(p.userID, projectID) {
beego.Warning("Current user, id:", p.userId, ", does not have project admin role for project, id:", projectId) beego.Warning("Current user, id:", p.userID, ", does not have project admin role for project, id:", projectID)
p.RenderError(http.StatusForbidden, "") p.RenderError(http.StatusForbidden, "")
return return
} }
err = dao.ToggleProjectPublicity(p.projectId, public) err = dao.ToggleProjectPublicity(p.projectID, public)
if err != nil { if err != nil {
beego.Error("Error while updating project, project id:", projectId, ", error:", err) beego.Error("Error while updating project, project id:", projectID, ", error:", err)
p.RenderError(http.StatusInternalServerError, "Failed to update project") p.RenderError(http.StatusInternalServerError, "Failed to update project")
} }
} }
@ -159,7 +159,7 @@ func (p *ProjectAPI) Put() {
func (p *ProjectAPI) FilterAccessLog() { func (p *ProjectAPI) FilterAccessLog() {
var filter models.AccessLog var filter models.AccessLog
p.DecodeJsonReq(&filter) p.DecodeJSONReq(&filter)
username := filter.Username username := filter.Username
keywords := filter.Keywords keywords := filter.Keywords
@ -167,7 +167,7 @@ func (p *ProjectAPI) FilterAccessLog() {
beginTime := time.Unix(filter.BeginTimestamp, 0) beginTime := time.Unix(filter.BeginTimestamp, 0)
endTime := time.Unix(filter.EndTimestamp, 0) endTime := time.Unix(filter.EndTimestamp, 0)
query := models.AccessLog{ProjectId: p.projectId, Username: "%" + username + "%", Keywords: keywords, BeginTime: beginTime, BeginTimestamp: filter.BeginTimestamp, EndTime: endTime, EndTimestamp: filter.EndTimestamp} query := models.AccessLog{ProjectId: p.projectID, Username: "%" + username + "%", Keywords: keywords, BeginTime: beginTime, BeginTimestamp: filter.BeginTimestamp, EndTime: endTime, EndTimestamp: filter.EndTimestamp}
log.Printf("Query AccessLog: begin: %v, end: %v, keywords: %s", query.BeginTime, query.EndTime, query.Keywords) log.Printf("Query AccessLog: begin: %v, end: %v, keywords: %s", query.BeginTime, query.EndTime, query.Keywords)
@ -180,8 +180,8 @@ func (p *ProjectAPI) FilterAccessLog() {
p.ServeJSON() p.ServeJSON()
} }
func isProjectAdmin(userId int, pid int64) bool { func isProjectAdmin(userID int, pid int64) bool {
userQuery := models.User{UserId: userId, RoleId: models.PROJECTADMIN} userQuery := models.User{UserId: userID, RoleId: models.PROJECTADMIN}
rolelist, err := dao.GetUserProjectRoles(userQuery, pid) rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
if err != nil { if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err, ", returning false") beego.Error("Error occurred in GetUserProjectRoles:", err, ", returning false")
@ -195,7 +195,7 @@ func validateProjectReq(req projectReq) error {
if len(pn) == 0 { if len(pn) == 0 {
return fmt.Errorf("Project name can not be empty") return fmt.Errorf("Project name can not be empty")
} }
if len(pn) > PROJECT_NAME_MAX_LEN { if len(pn) > projectNameMaxLen {
return fmt.Errorf("Project name is too long") return fmt.Errorf("Project name is too long")
} }
return nil return nil

View File

@ -33,16 +33,16 @@ import (
type RepositoryAPI struct { type RepositoryAPI struct {
BaseAPI BaseAPI
userId int userID int
username string username string
} }
func (ra *RepositoryAPI) Prepare() { func (ra *RepositoryAPI) Prepare() {
userId, ok := ra.GetSession("userId").(int) userID, ok := ra.GetSession("userId").(int)
if !ok { if !ok {
ra.userId = dao.NON_EXIST_USER_ID ra.userID = dao.NON_EXIST_USER_ID
} else { } else {
ra.userId = userId ra.userID = userID
} }
username, ok := ra.GetSession("username").(string) username, ok := ra.GetSession("username").(string)
if !ok { if !ok {
@ -54,23 +54,23 @@ func (ra *RepositoryAPI) Prepare() {
} }
func (ra *RepositoryAPI) Get() { func (ra *RepositoryAPI) Get() {
projectId, err0 := ra.GetInt64("project_id") projectID, err0 := ra.GetInt64("project_id")
if err0 != nil { if err0 != nil {
beego.Error("Failed to get project id, error:", err0) beego.Error("Failed to get project id, error:", err0)
ra.RenderError(http.StatusBadRequest, "Invalid project id") ra.RenderError(http.StatusBadRequest, "Invalid project id")
return return
} }
p, err := dao.GetProjectById(projectId) p, err := dao.GetProjectById(projectID)
if err != nil { if err != nil {
beego.Error("Error occurred in GetProjectById:", err) beego.Error("Error occurred in GetProjectById:", err)
ra.CustomAbort(http.StatusInternalServerError, "Internal error.") ra.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
if p == nil { if p == nil {
beego.Warning("Project with Id:", projectId, ", does not exist", projectId) beego.Warning("Project with Id:", projectID, ", does not exist")
ra.RenderError(http.StatusNotFound, "") ra.RenderError(http.StatusNotFound, "")
return return
} }
if p.Public == 0 && !CheckProjectPermission(ra.userId, projectId) { if p.Public == 0 && !CheckProjectPermission(ra.userID, projectID) {
ra.RenderError(http.StatusForbidden, "") ra.RenderError(http.StatusForbidden, "")
return return
} }
@ -148,14 +148,14 @@ func (ra *RepositoryAPI) GetManifests() {
beego.Error("Failed to get manifests for repo, repo name:", repoName, ", tag:", tag, ", error:", err) beego.Error("Failed to get manifests for repo, repo name:", repoName, ", tag:", tag, ", error:", err)
ra.RenderError(http.StatusInternalServerError, "Internal Server Error") ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
return return
} else { }
mani := Manifest{} mani := Manifest{}
err = json.Unmarshal(result, &mani) err = json.Unmarshal(result, &mani)
if err != nil { if err != nil {
beego.Error("Failed to decode json from response for manifests, repo name:", repoName, ", tag:", tag, ", error:", err) beego.Error("Failed to decode json from response for manifests, repo name:", repoName, ", tag:", tag, ", error:", err)
ra.RenderError(http.StatusInternalServerError, "Internal Server Error") ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
return return
} else { }
v1Compatibility := mani.History[0].V1Compatibility v1Compatibility := mani.History[0].V1Compatibility
err = json.Unmarshal([]byte(v1Compatibility), &item) err = json.Unmarshal([]byte(v1Compatibility), &item)
@ -163,12 +163,9 @@ func (ra *RepositoryAPI) GetManifests() {
beego.Error("Failed to decode V1 field for repo, repo name:", repoName, ", tag:", tag, ", error:", err) beego.Error("Failed to decode V1 field for repo, repo name:", repoName, ", tag:", tag, ", error:", err)
ra.RenderError(http.StatusInternalServerError, "Internal Server Error") ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
return return
} else { }
item.CreatedStr = item.Created.Format("2006-01-02 15:04:05") item.CreatedStr = item.Created.Format("2006-01-02 15:04:05")
item.DurationDays = strconv.Itoa(int(time.Since(item.Created).Hours()/24)) + " days" item.DurationDays = strconv.Itoa(int(time.Since(item.Created).Hours()/24)) + " days"
}
}
}
ra.Data["json"] = item ra.Data["json"] = item
ra.ServeJSON() ra.ServeJSON()

View File

@ -37,14 +37,14 @@ type SearchResult struct {
} }
func (n *SearchAPI) Get() { func (n *SearchAPI) Get() {
userId, ok := n.GetSession("userId").(int) userID, ok := n.GetSession("userId").(int)
if !ok { if !ok {
userId = dao.NON_EXIST_USER_ID userID = dao.NON_EXIST_USER_ID
} }
keyword := n.GetString("q") keyword := n.GetString("q")
projects, err := dao.QueryRelevantProjects(userId) projects, err := dao.QueryRelevantProjects(userID)
if err != nil { if err != nil {
beego.Error("Failed to get projects of user id:", userId, ", error:", err) beego.Error("Failed to get projects of user id:", userID, ", error:", err)
n.CustomAbort(http.StatusInternalServerError, "Failed to get project search result") n.CustomAbort(http.StatusInternalServerError, "Failed to get project search result")
} }
projectSorter := &utils.ProjectSorter{Projects: projects} projectSorter := &utils.ProjectSorter{Projects: projects}

View File

@ -26,46 +26,46 @@ import (
type UserAPI struct { type UserAPI struct {
BaseAPI BaseAPI
currentUid int currentUserID int
userId int userID int
} }
func (ua *UserAPI) Prepare() { func (ua *UserAPI) Prepare() {
ua.currentUid = ua.ValidateUser() ua.currentUserID = ua.ValidateUser()
id := ua.Ctx.Input.Param(":id") id := ua.Ctx.Input.Param(":id")
if id == "current" { if id == "current" {
ua.userId = ua.currentUid ua.userID = ua.currentUserID
} else if len(id) > 0 { } else if len(id) > 0 {
var err error var err error
ua.userId, err = strconv.Atoi(id) ua.userID, err = strconv.Atoi(id)
if err != nil { if err != nil {
beego.Error("Invalid user id, error:", err) beego.Error("Invalid user id, error:", err)
ua.CustomAbort(http.StatusBadRequest, "Invalid user Id") ua.CustomAbort(http.StatusBadRequest, "Invalid user Id")
} }
userQuery := models.User{UserId: ua.userId} userQuery := models.User{UserId: ua.userID}
u, err := dao.GetUser(userQuery) u, err := dao.GetUser(userQuery)
if err != nil { if err != nil {
beego.Error("Error occurred in GetUser:", err) beego.Error("Error occurred in GetUser:", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.") ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
if u == nil { if u == nil {
beego.Error("User with Id:", ua.userId, "does not exist") beego.Error("User with Id:", ua.userID, "does not exist")
ua.CustomAbort(http.StatusNotFound, "") ua.CustomAbort(http.StatusNotFound, "")
} }
} }
} }
func (ua *UserAPI) Get() { func (ua *UserAPI) Get() {
exist, err := dao.IsAdminRole(ua.currentUid) exist, err := dao.IsAdminRole(ua.currentUserID)
if err != nil { if err != nil {
beego.Error("Error occurred in IsAdminRole:", err) beego.Error("Error occurred in IsAdminRole:", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.") ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
if ua.userId == 0 { //list users if ua.userID == 0 { //list users
if !exist { if !exist {
beego.Error("Current user, id:", ua.currentUid, ", does not have admin role, can not list users") beego.Error("Current user, id:", ua.currentUserID, ", does not have admin role, can not list users")
ua.RenderError(http.StatusForbidden, "User does not have admin role") ua.RenderError(http.StatusForbidden, "User does not have admin role")
return return
} }
@ -82,8 +82,8 @@ func (ua *UserAPI) Get() {
} }
ua.Data["json"] = userList ua.Data["json"] = userList
} else if ua.userId == ua.currentUid || exist { } else if ua.userID == ua.currentUserID || exist {
userQuery := models.User{UserId: ua.userId} userQuery := models.User{UserId: ua.userID}
u, err := dao.GetUser(userQuery) u, err := dao.GetUser(userQuery)
if err != nil { if err != nil {
beego.Error("Error occurred in GetUser:", err) beego.Error("Error occurred in GetUser:", err)
@ -91,7 +91,7 @@ func (ua *UserAPI) Get() {
} }
ua.Data["json"] = u ua.Data["json"] = u
} else { } else {
beego.Error("Current user, id:", ua.currentUid, "does not have admin role, can not view other user's detail") beego.Error("Current user, id:", ua.currentUserID, "does not have admin role, can not view other user's detail")
ua.RenderError(http.StatusForbidden, "User does not have admin role") ua.RenderError(http.StatusForbidden, "User does not have admin role")
return return
} }
@ -99,32 +99,32 @@ func (ua *UserAPI) Get() {
} }
func (ua *UserAPI) Put() { //currently only for toggle admin, so no request body func (ua *UserAPI) Put() { //currently only for toggle admin, so no request body
exist, err := dao.IsAdminRole(ua.currentUid) exist, err := dao.IsAdminRole(ua.currentUserID)
if err != nil { if err != nil {
beego.Error("Error occurred in IsAdminRole:", err) beego.Error("Error occurred in IsAdminRole:", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.") ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
if !exist { if !exist {
beego.Warning("current user, id:", ua.currentUid, ", does not have admin role, can not update other user's role") beego.Warning("current user, id:", ua.currentUserID, ", does not have admin role, can not update other user's role")
ua.RenderError(http.StatusForbidden, "User does not have admin role") ua.RenderError(http.StatusForbidden, "User does not have admin role")
return return
} }
userQuery := models.User{UserId: ua.userId} userQuery := models.User{UserId: ua.userID}
dao.ToggleUserAdminRole(userQuery) dao.ToggleUserAdminRole(userQuery)
} }
func (ua *UserAPI) Delete() { func (ua *UserAPI) Delete() {
exist, err := dao.IsAdminRole(ua.currentUid) exist, err := dao.IsAdminRole(ua.currentUserID)
if err != nil { if err != nil {
beego.Error("Error occurred in IsAdminRole:", err) beego.Error("Error occurred in IsAdminRole:", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.") ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
} }
if !exist { if !exist {
beego.Warning("current user, id:", ua.currentUid, ", does not have admin role, can not remove user") beego.Warning("current user, id:", ua.currentUserID, ", does not have admin role, can not remove user")
ua.RenderError(http.StatusForbidden, "User does not have admin role") ua.RenderError(http.StatusForbidden, "User does not have admin role")
return return
} }
err = dao.DeleteUser(ua.userId) err = dao.DeleteUser(ua.userID)
if err != nil { if err != nil {
beego.Error("Failed to delete data from database, error:", err) beego.Error("Failed to delete data from database, error:", err)
ua.RenderError(http.StatusInternalServerError, "Failed to delete User") ua.RenderError(http.StatusInternalServerError, "Failed to delete User")

View File

@ -21,8 +21,8 @@ import (
"github.com/astaxie/beego" "github.com/astaxie/beego"
) )
func CheckProjectPermission(userId int, projectId int64) bool { func CheckProjectPermission(userID int, projectID int64) bool {
exist, err := dao.IsAdminRole(userId) exist, err := dao.IsAdminRole(userID)
if err != nil { if err != nil {
beego.Error("Error occurred in IsAdminRole:", err) beego.Error("Error occurred in IsAdminRole:", err)
return false return false
@ -30,7 +30,7 @@ func CheckProjectPermission(userId int, projectId int64) bool {
if exist { if exist {
return true return true
} }
roleList, err := dao.GetUserProjectRoles(models.User{UserId: userId}, projectId) roleList, err := dao.GetUserProjectRoles(models.User{UserId: userID}, projectID)
if err != nil { if err != nil {
beego.Error("Error occurred in GetUserProjectRoles:", err) beego.Error("Error occurred in GetUserProjectRoles:", err)
return false return false

View File

@ -12,10 +12,11 @@
See the License for the specific language governing permissions and See the License for the specific language governing permissions and
limitations under the License. limitations under the License.
*/ */
package opt_auth package auth
import ( import (
"fmt" "fmt"
"log"
"os" "os"
"github.com/vmware/harbor/models" "github.com/vmware/harbor/models"
@ -23,31 +24,31 @@ import (
"github.com/astaxie/beego" "github.com/astaxie/beego"
) )
type OptAuth interface { type Authenticator interface {
Validate(auth models.AuthModel) (*models.User, error) Authenticate(m models.AuthModel) (*models.User, error)
} }
var registry = make(map[string]OptAuth) var registry = make(map[string]Authenticator)
func Register(name string, optAuth OptAuth) { func Register(name string, authenticator Authenticator) {
if _, dup := registry[name]; dup { if _, dup := registry[name]; dup {
panic(name + " already exist.") log.Printf("authenticator: %s has been registered", name)
return return
} }
registry[name] = optAuth registry[name] = authenticator
} }
func Login(auth models.AuthModel) (*models.User, error) { func Login(m models.AuthModel) (*models.User, error) {
var authMode string = os.Getenv("AUTH_MODE") var authMode string = os.Getenv("AUTH_MODE")
if authMode == "" || auth.Principal == "admin" { if authMode == "" || m.Principal == "admin" {
authMode = "db_auth" authMode = "db_auth"
} }
beego.Debug("Current AUTH_MODE is ", authMode) beego.Debug("Current AUTH_MODE is ", authMode)
optAuth := registry[authMode] authenticator, ok := registry[authMode]
if optAuth == nil { if !ok {
return nil, fmt.Errorf("Unrecognized auth_mode: %s", authMode) return nil, fmt.Errorf("Unrecognized auth_mode: %s", authMode)
} }
return optAuth.Validate(auth) return authenticator.Authenticate(m)
} }

View File

@ -15,15 +15,15 @@
package db package db
import ( import (
"github.com/vmware/harbor/auth"
"github.com/vmware/harbor/dao" "github.com/vmware/harbor/dao"
"github.com/vmware/harbor/models" "github.com/vmware/harbor/models"
"github.com/vmware/harbor/opt_auth"
) )
type DbAuth struct{} type Auth struct{}
func (d *DbAuth) Validate(auth models.AuthModel) (*models.User, error) { func (d *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
u, err := dao.LoginByDb(auth) u, err := dao.LoginByDb(m)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -31,5 +31,5 @@ func (d *DbAuth) Validate(auth models.AuthModel) (*models.User, error) {
} }
func init() { func init() {
opt_auth.Register("db_auth", &DbAuth{}) auth.Register("db_auth", &Auth{})
} }

View File

@ -21,35 +21,34 @@ import (
"os" "os"
"strings" "strings"
"github.com/vmware/harbor/auth"
"github.com/vmware/harbor/dao" "github.com/vmware/harbor/dao"
"github.com/vmware/harbor/models" "github.com/vmware/harbor/models"
"github.com/vmware/harbor/opt_auth"
"github.com/astaxie/beego" "github.com/astaxie/beego"
"github.com/mqu/openldap" "github.com/mqu/openldap"
) )
type LdapAuth struct{} type Auth struct{}
const META_CHARS = "&|!=~*<>()" const metaChars = "&|!=~*<>()"
func (l *LdapAuth) Validate(auth models.AuthModel) (*models.User, error) { func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
ldapUrl := os.Getenv("LDAP_URL") ldapURL := os.Getenv("LDAP_URL")
if ldapUrl == "" { if ldapURL == "" {
return nil, errors.New("Can not get any available LDAP_URL.") return nil, errors.New("Can not get any available LDAP_URL.")
} }
beego.Debug("ldapUrl:", ldapUrl) beego.Debug("ldapURL:", ldapURL)
p := auth.Principal p := m.Principal
for _, c := range META_CHARS { for _, c := range metaChars {
if strings.ContainsRune(p, c) { if strings.ContainsRune(p, c) {
log.Printf("The principal contains meta char: %q", c) return nil, fmt.Errorf("the principal contains meta char: %q", c)
return nil, nil
} }
} }
ldap, err := openldap.Initialize(ldapUrl) ldap, err := openldap.Initialize(ldapURL)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -62,10 +61,10 @@ func (l *LdapAuth) Validate(auth models.AuthModel) (*models.User, error) {
return nil, errors.New("Can not get any available LDAP_BASE_DN.") return nil, errors.New("Can not get any available LDAP_BASE_DN.")
} }
baseDn := fmt.Sprintf(ldapBaseDn, auth.Principal) baseDn := fmt.Sprintf(ldapBaseDn, m.Principal)
beego.Debug("baseDn:", baseDn) beego.Debug("baseDn:", baseDn)
err = ldap.Bind(baseDn, auth.Password) err = ldap.Bind(baseDn, m.Password)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -112,15 +111,15 @@ func (l *LdapAuth) Validate(auth models.AuthModel) (*models.User, error) {
} else { } else {
u.Password = "12345678AbC" u.Password = "12345678AbC"
u.Comment = "registered from LDAP." u.Comment = "registered from LDAP."
userId, err := dao.Register(u) userID, err := dao.Register(u)
if err != nil { if err != nil {
return nil, err return nil, err
} }
u.UserId = int(userId) u.UserId = int(userID)
} }
return &u, nil return &u, nil
} }
func init() { func init() {
opt_auth.Register("ldap_auth", &LdapAuth{}) auth.Register("ldap_auth", &Auth{})
} }

View File

@ -17,8 +17,8 @@ package controllers
import ( import (
"net/http" "net/http"
"github.com/vmware/harbor/auth"
"github.com/vmware/harbor/models" "github.com/vmware/harbor/models"
"github.com/vmware/harbor/opt_auth"
"github.com/astaxie/beego" "github.com/astaxie/beego"
) )
@ -44,7 +44,7 @@ func (c *CommonController) Login() {
principal := c.GetString("principal") principal := c.GetString("principal")
password := c.GetString("password") password := c.GetString("password")
user, err := opt_auth.Login(models.AuthModel{principal, password}) user, err := auth.Login(models.AuthModel{principal, password})
if err != nil { if err != nil {
beego.Error("Error occurred in UserLogin:", err) beego.Error("Error occurred in UserLogin:", err)
c.CustomAbort(http.StatusInternalServerError, "Internal error.") c.CustomAbort(http.StatusInternalServerError, "Internal error.")

25
main.go
View File

@ -15,14 +15,13 @@
package main package main
import ( import (
"errors"
"fmt" "fmt"
"log" "log"
_ "github.com/vmware/harbor/auth/db"
_ "github.com/vmware/harbor/auth/ldap"
"github.com/vmware/harbor/dao" "github.com/vmware/harbor/dao"
"github.com/vmware/harbor/models" "github.com/vmware/harbor/models"
_ "github.com/vmware/harbor/opt_auth/db"
_ "github.com/vmware/harbor/opt_auth/ldap"
_ "github.com/vmware/harbor/routers" _ "github.com/vmware/harbor/routers"
"os" "os"
@ -31,19 +30,19 @@ import (
) )
const ( const (
ADMIN_USER_ID = 1 adminUserID = 1
) )
func updateInitPassword(userId int, password string) error { func updateInitPassword(userID int, password string) error {
queryUser := models.User{UserId: userId} queryUser := models.User{UserId: userID}
user, err := dao.GetUser(queryUser) user, err := dao.GetUser(queryUser)
if err != nil { if err != nil {
log.Println("Failed to get user, userId:", userId) log.Println("Failed to get user, userID:", userID)
return err return err
} }
if user == nil { if user == nil {
log.Printf("User id: %d does not exist.", userId) log.Printf("User id: %d does not exist.", userID)
return errors.New(fmt.Sprintf("User id: %s does not exist.", userId)) return fmt.Errorf("User id: %s does not exist.", userID)
} else if user.Salt == "" { } else if user.Salt == "" {
salt, err := dao.GenerateRandomString() salt, err := dao.GenerateRandomString()
if err != nil { if err != nil {
@ -54,12 +53,12 @@ func updateInitPassword(userId int, password string) error {
user.Password = password user.Password = password
err = dao.ChangeUserPassword(*user) err = dao.ChangeUserPassword(*user)
if err != nil { if err != nil {
log.Printf("Failed to update user encrypted password, userId: %d, err: %v", userId, err) log.Printf("Failed to update user encrypted password, userID: %d, err: %v", userID, err)
return err return err
} }
log.Printf("User id: %d updated its encypted password successfully.", userId) log.Printf("User id: %d updated its encypted password successfully.", userID)
} else { } else {
log.Printf("User id: %d already has its encrypted password.", userId) log.Printf("User id: %d already has its encrypted password.", userID)
} }
return nil return nil
} }
@ -68,6 +67,6 @@ func main() {
beego.BConfig.WebConfig.Session.SessionOn = true beego.BConfig.WebConfig.Session.SessionOn = true
dao.InitDB() dao.InitDB()
updateInitPassword(ADMIN_USER_ID, os.Getenv("HARBOR_ADMIN_PASSWORD")) updateInitPassword(adminUserID, os.Getenv("HARBOR_ADMIN_PASSWORD"))
beego.Run() beego.Run()
} }

View File

@ -18,8 +18,8 @@ import (
"log" "log"
"net/http" "net/http"
"github.com/vmware/harbor/auth"
"github.com/vmware/harbor/models" "github.com/vmware/harbor/models"
"github.com/vmware/harbor/opt_auth"
svc_utils "github.com/vmware/harbor/service/utils" svc_utils "github.com/vmware/harbor/service/utils"
"github.com/vmware/harbor/utils" "github.com/vmware/harbor/utils"
@ -72,7 +72,7 @@ func (a *AuthController) serveToken(username, service string, access []*token.Re
} }
func authenticate(principal, password string) bool { func authenticate(principal, password string) bool {
user, err := opt_auth.Login(models.AuthModel{principal, password}) user, err := auth.Login(models.AuthModel{principal, password})
if err != nil { if err != nil {
log.Printf("Error occurred in UserLogin: %v", err) log.Printf("Error occurred in UserLogin: %v", err)
return false return false