mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-22 08:38:03 +01:00
Merge pull request #9 from reasonerjt/golint-fix-main-api-auth
fix issues except comments related in main, auth, api packages
This commit is contained in:
commit
413f3cdf71
14
api/base.go
14
api/base.go
@ -36,7 +36,7 @@ func (b *BaseAPI) RenderError(code int, text string) {
|
||||
http.Error(b.Ctx.ResponseWriter, text, code)
|
||||
}
|
||||
|
||||
func (b *BaseAPI) DecodeJsonReq(v interface{}) {
|
||||
func (b *BaseAPI) DecodeJSONReq(v interface{}) {
|
||||
err := json.Unmarshal(b.Ctx.Input.CopyBody(1<<32), v)
|
||||
if err != nil {
|
||||
beego.Error("Error while decoding the json request:", err)
|
||||
@ -46,20 +46,20 @@ func (b *BaseAPI) DecodeJsonReq(v interface{}) {
|
||||
|
||||
func (b *BaseAPI) ValidateUser() int {
|
||||
|
||||
sessionUserId := b.GetSession("userId")
|
||||
if sessionUserId == nil {
|
||||
sessionUserID := b.GetSession("userId")
|
||||
if sessionUserID == nil {
|
||||
beego.Warning("No user id in session, canceling request")
|
||||
b.CustomAbort(http.StatusUnauthorized, "")
|
||||
}
|
||||
userId := sessionUserId.(int)
|
||||
u, err := dao.GetUser(models.User{UserId: userId})
|
||||
userID := sessionUserID.(int)
|
||||
u, err := dao.GetUser(models.User{UserId: userID})
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUser:", err)
|
||||
b.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
if u == nil {
|
||||
beego.Warning("User was deleted already, user id: ", userId, " canceling request.")
|
||||
beego.Warning("User was deleted already, user id: ", userID, " canceling request.")
|
||||
b.CustomAbort(http.StatusUnauthorized, "")
|
||||
}
|
||||
return userId
|
||||
return userID
|
||||
}
|
||||
|
@ -26,14 +26,14 @@ import (
|
||||
|
||||
type ProjectMemberAPI struct {
|
||||
BaseAPI
|
||||
memberId int
|
||||
currentUserId int
|
||||
memberID int
|
||||
currentUserID int
|
||||
project *models.Project
|
||||
}
|
||||
|
||||
type memberReq struct {
|
||||
Username string `json:"user_name"`
|
||||
UserId int `json:"user_id"`
|
||||
UserID int `json:"user_id"`
|
||||
Roles []int `json:"roles"`
|
||||
}
|
||||
|
||||
@ -55,30 +55,30 @@ func (pma *ProjectMemberAPI) Prepare() {
|
||||
pma.CustomAbort(http.StatusNotFound, "Project does not exist")
|
||||
}
|
||||
pma.project = p
|
||||
pma.currentUserId = pma.ValidateUser()
|
||||
pma.currentUserID = pma.ValidateUser()
|
||||
mid := pma.Ctx.Input.Param(":mid")
|
||||
if mid == "current" {
|
||||
pma.memberId = pma.currentUserId
|
||||
pma.memberID = pma.currentUserID
|
||||
} else if len(mid) == 0 {
|
||||
pma.memberId = 0
|
||||
pma.memberID = 0
|
||||
} else if len(mid) > 0 {
|
||||
memberId, err := strconv.Atoi(mid)
|
||||
memberID, err := strconv.Atoi(mid)
|
||||
if err != nil {
|
||||
beego.Error("Invalid member Id, error:", err)
|
||||
pma.CustomAbort(http.StatusBadRequest, "Invalid member id")
|
||||
}
|
||||
pma.memberId = memberId
|
||||
pma.memberID = memberID
|
||||
}
|
||||
}
|
||||
|
||||
func (pma *ProjectMemberAPI) Get() {
|
||||
pid := pma.project.ProjectId
|
||||
if !CheckProjectPermission(pma.currentUserId, pid) {
|
||||
beego.Warning("Current user, user id :", pma.currentUserId, "does not have permission for project, id:", pid)
|
||||
if !CheckProjectPermission(pma.currentUserID, pid) {
|
||||
beego.Warning("Current user, user id :", pma.currentUserID, "does not have permission for project, id:", pid)
|
||||
pma.RenderError(http.StatusForbidden, "")
|
||||
return
|
||||
}
|
||||
if pma.memberId == 0 { //member id not set return list of the members
|
||||
if pma.memberID == 0 { //member id not set return list of the members
|
||||
username := pma.GetString("username")
|
||||
queryUser := models.User{Username: "%" + username + "%"}
|
||||
userList, err := dao.GetUserByProject(pid, queryUser)
|
||||
@ -89,20 +89,20 @@ func (pma *ProjectMemberAPI) Get() {
|
||||
}
|
||||
pma.Data["json"] = userList
|
||||
} else { //return detail of a member
|
||||
roleList, err := dao.GetUserProjectRoles(models.User{UserId: pma.memberId}, pid)
|
||||
roleList, err := dao.GetUserProjectRoles(models.User{UserId: pma.memberID}, pid)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUserProjectRoles:", err)
|
||||
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
//return empty role list to indicate if a user is not a member
|
||||
result := make(map[string]interface{})
|
||||
user, err := dao.GetUser(models.User{UserId: pma.memberId})
|
||||
user, err := dao.GetUser(models.User{UserId: pma.memberID})
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUser:", err)
|
||||
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
result["user_name"] = user.Username
|
||||
result["user_id"] = pma.memberId
|
||||
result["user_id"] = pma.memberID
|
||||
result["roles"] = roleList
|
||||
pma.Data["json"] = result
|
||||
}
|
||||
@ -111,41 +111,41 @@ func (pma *ProjectMemberAPI) Get() {
|
||||
|
||||
func (pma *ProjectMemberAPI) Post() {
|
||||
pid := pma.project.ProjectId
|
||||
userQuery := models.User{UserId: pma.currentUserId, RoleId: models.PROJECTADMIN}
|
||||
userQuery := models.User{UserId: pma.currentUserID, RoleId: models.PROJECTADMIN}
|
||||
rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUserProjectRoles:", err)
|
||||
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
if len(rolelist) == 0 {
|
||||
beego.Warning("Current user, id:", pma.currentUserId, "does not have project admin role for project, id:", pid)
|
||||
beego.Warning("Current user, id:", pma.currentUserID, "does not have project admin role for project, id:", pid)
|
||||
pma.RenderError(http.StatusForbidden, "")
|
||||
return
|
||||
}
|
||||
var req memberReq
|
||||
pma.DecodeJsonReq(&req)
|
||||
pma.DecodeJSONReq(&req)
|
||||
username := req.Username
|
||||
userId := CheckUserExists(username)
|
||||
if userId <= 0 {
|
||||
userID := CheckUserExists(username)
|
||||
if userID <= 0 {
|
||||
beego.Warning("User does not exist, user name:", username)
|
||||
pma.RenderError(http.StatusNotFound, "User does not exist")
|
||||
return
|
||||
}
|
||||
rolelist, err = dao.GetUserProjectRoles(models.User{UserId: userId}, pid)
|
||||
rolelist, err = dao.GetUserProjectRoles(models.User{UserId: userID}, pid)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUserProjectRoles:", err)
|
||||
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
if len(rolelist) > 0 {
|
||||
beego.Warning("user is already added to project, user id:", userId, ", project id:", pid)
|
||||
beego.Warning("user is already added to project, user id:", userID, ", project id:", pid)
|
||||
pma.RenderError(http.StatusConflict, "user is ready in project")
|
||||
return
|
||||
}
|
||||
|
||||
for _, rid := range req.Roles {
|
||||
err = dao.AddUserProjectRole(userId, pid, int(rid))
|
||||
err = dao.AddUserProjectRole(userID, pid, int(rid))
|
||||
if err != nil {
|
||||
beego.Error("Failed to update DB to add project user role, project id:", pid, ", user id:", userId, ", role id:", rid)
|
||||
beego.Error("Failed to update DB to add project user role, project id:", pid, ", user id:", userID, ", role id:", rid)
|
||||
pma.RenderError(http.StatusInternalServerError, "Failed to update data in database")
|
||||
return
|
||||
}
|
||||
@ -154,20 +154,20 @@ func (pma *ProjectMemberAPI) Post() {
|
||||
|
||||
func (pma *ProjectMemberAPI) Put() {
|
||||
pid := pma.project.ProjectId
|
||||
mid := pma.memberId
|
||||
userQuery := models.User{UserId: pma.currentUserId, RoleId: models.PROJECTADMIN}
|
||||
mid := pma.memberID
|
||||
userQuery := models.User{UserId: pma.currentUserID, RoleId: models.PROJECTADMIN}
|
||||
rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUserProjectRoles:", err)
|
||||
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
if len(rolelist) == 0 {
|
||||
beego.Warning("Current user, id:", pma.currentUserId, ", does not have project admin role for project, id:", pid)
|
||||
beego.Warning("Current user, id:", pma.currentUserID, ", does not have project admin role for project, id:", pid)
|
||||
pma.RenderError(http.StatusForbidden, "")
|
||||
return
|
||||
}
|
||||
var req memberReq
|
||||
pma.DecodeJsonReq(&req)
|
||||
pma.DecodeJSONReq(&req)
|
||||
roleList, err := dao.GetUserProjectRoles(models.User{UserId: mid}, pid)
|
||||
if len(roleList) == 0 {
|
||||
beego.Warning("User is not in project, user id:", mid, ", project id:", pid)
|
||||
@ -195,11 +195,11 @@ func (pma *ProjectMemberAPI) Put() {
|
||||
|
||||
func (pma *ProjectMemberAPI) Delete() {
|
||||
pid := pma.project.ProjectId
|
||||
mid := pma.memberId
|
||||
userQuery := models.User{UserId: pma.currentUserId, RoleId: models.PROJECTADMIN}
|
||||
mid := pma.memberID
|
||||
userQuery := models.User{UserId: pma.currentUserID, RoleId: models.PROJECTADMIN}
|
||||
rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
|
||||
if len(rolelist) == 0 {
|
||||
beego.Warning("Current user, id:", pma.currentUserId, ", does not have project admin role for project, id:", pid)
|
||||
beego.Warning("Current user, id:", pma.currentUserID, ", does not have project admin role for project, id:", pid)
|
||||
pma.RenderError(http.StatusForbidden, "")
|
||||
return
|
||||
}
|
@ -30,8 +30,8 @@ import (
|
||||
|
||||
type ProjectAPI struct {
|
||||
BaseAPI
|
||||
userId int
|
||||
projectId int64
|
||||
userID int
|
||||
projectID int64
|
||||
}
|
||||
|
||||
type projectReq struct {
|
||||
@ -39,25 +39,25 @@ type projectReq struct {
|
||||
Public bool `json:"public"`
|
||||
}
|
||||
|
||||
const PROJECT_NAME_MAX_LEN int = 30
|
||||
const projectNameMaxLen int = 30
|
||||
|
||||
func (p *ProjectAPI) Prepare() {
|
||||
p.userId = p.ValidateUser()
|
||||
id_str := p.Ctx.Input.Param(":id")
|
||||
if len(id_str) > 0 {
|
||||
p.userID = p.ValidateUser()
|
||||
idStr := p.Ctx.Input.Param(":id")
|
||||
if len(idStr) > 0 {
|
||||
var err error
|
||||
p.projectId, err = strconv.ParseInt(id_str, 10, 64)
|
||||
p.projectID, err = strconv.ParseInt(idStr, 10, 64)
|
||||
if err != nil {
|
||||
log.Printf("Error parsing project id: %s, error: %v", id_str, err)
|
||||
log.Printf("Error parsing project id: %s, error: %v", idStr, err)
|
||||
p.CustomAbort(http.StatusBadRequest, "invalid project id")
|
||||
}
|
||||
exist, err := dao.ProjectExists(p.projectId)
|
||||
exist, err := dao.ProjectExists(p.projectID)
|
||||
if err != nil {
|
||||
log.Printf("Error occurred in ProjectExists: %v", err)
|
||||
p.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
if !exist {
|
||||
p.CustomAbort(http.StatusNotFound, fmt.Sprintf("project does not exist, id: %v", p.projectId))
|
||||
p.CustomAbort(http.StatusNotFound, fmt.Sprintf("project does not exist, id: %v", p.projectID))
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -65,7 +65,7 @@ func (p *ProjectAPI) Prepare() {
|
||||
func (p *ProjectAPI) Post() {
|
||||
var req projectReq
|
||||
var public int
|
||||
p.DecodeJsonReq(&req)
|
||||
p.DecodeJSONReq(&req)
|
||||
if req.Public {
|
||||
public = 1
|
||||
}
|
||||
@ -84,7 +84,7 @@ func (p *ProjectAPI) Post() {
|
||||
p.RenderError(http.StatusConflict, "")
|
||||
return
|
||||
}
|
||||
project := models.Project{OwnerId: p.userId, Name: projectName, CreationTime: time.Now(), Public: public}
|
||||
project := models.Project{OwnerId: p.userID, Name: projectName, CreationTime: time.Now(), Public: public}
|
||||
err = dao.AddProject(project)
|
||||
if err != nil {
|
||||
beego.Error("Failed to add project, error: %v", err)
|
||||
@ -107,7 +107,7 @@ func (p *ProjectAPI) Head() {
|
||||
}
|
||||
|
||||
func (p *ProjectAPI) Get() {
|
||||
queryProject := models.Project{UserId: p.userId}
|
||||
queryProject := models.Project{UserId: p.userID}
|
||||
projectName := p.GetString("project_name")
|
||||
if len(projectName) > 0 {
|
||||
queryProject.Name = "%" + projectName + "%"
|
||||
@ -121,7 +121,7 @@ func (p *ProjectAPI) Get() {
|
||||
p.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
for i := 0; i < len(projectList); i++ {
|
||||
if isProjectAdmin(p.userId, projectList[i].ProjectId) {
|
||||
if isProjectAdmin(p.userID, projectList[i].ProjectId) {
|
||||
projectList[i].Togglable = true
|
||||
}
|
||||
}
|
||||
@ -133,25 +133,25 @@ func (p *ProjectAPI) Put() {
|
||||
var req projectReq
|
||||
var public int
|
||||
|
||||
projectId, err := strconv.ParseInt(p.Ctx.Input.Param(":id"), 10, 64)
|
||||
projectID, err := strconv.ParseInt(p.Ctx.Input.Param(":id"), 10, 64)
|
||||
if err != nil {
|
||||
beego.Error("Error parsing project id:", projectId, ", error: ", err)
|
||||
beego.Error("Error parsing project id:", projectID, ", error: ", err)
|
||||
p.RenderError(http.StatusBadRequest, "invalid project id")
|
||||
return
|
||||
}
|
||||
|
||||
p.DecodeJsonReq(&req)
|
||||
p.DecodeJSONReq(&req)
|
||||
if req.Public {
|
||||
public = 1
|
||||
}
|
||||
if !isProjectAdmin(p.userId, projectId) {
|
||||
beego.Warning("Current user, id:", p.userId, ", does not have project admin role for project, id:", projectId)
|
||||
if !isProjectAdmin(p.userID, projectID) {
|
||||
beego.Warning("Current user, id:", p.userID, ", does not have project admin role for project, id:", projectID)
|
||||
p.RenderError(http.StatusForbidden, "")
|
||||
return
|
||||
}
|
||||
err = dao.ToggleProjectPublicity(p.projectId, public)
|
||||
err = dao.ToggleProjectPublicity(p.projectID, public)
|
||||
if err != nil {
|
||||
beego.Error("Error while updating project, project id:", projectId, ", error:", err)
|
||||
beego.Error("Error while updating project, project id:", projectID, ", error:", err)
|
||||
p.RenderError(http.StatusInternalServerError, "Failed to update project")
|
||||
}
|
||||
}
|
||||
@ -159,7 +159,7 @@ func (p *ProjectAPI) Put() {
|
||||
func (p *ProjectAPI) FilterAccessLog() {
|
||||
|
||||
var filter models.AccessLog
|
||||
p.DecodeJsonReq(&filter)
|
||||
p.DecodeJSONReq(&filter)
|
||||
|
||||
username := filter.Username
|
||||
keywords := filter.Keywords
|
||||
@ -167,7 +167,7 @@ func (p *ProjectAPI) FilterAccessLog() {
|
||||
beginTime := time.Unix(filter.BeginTimestamp, 0)
|
||||
endTime := time.Unix(filter.EndTimestamp, 0)
|
||||
|
||||
query := models.AccessLog{ProjectId: p.projectId, Username: "%" + username + "%", Keywords: keywords, BeginTime: beginTime, BeginTimestamp: filter.BeginTimestamp, EndTime: endTime, EndTimestamp: filter.EndTimestamp}
|
||||
query := models.AccessLog{ProjectId: p.projectID, Username: "%" + username + "%", Keywords: keywords, BeginTime: beginTime, BeginTimestamp: filter.BeginTimestamp, EndTime: endTime, EndTimestamp: filter.EndTimestamp}
|
||||
|
||||
log.Printf("Query AccessLog: begin: %v, end: %v, keywords: %s", query.BeginTime, query.EndTime, query.Keywords)
|
||||
|
||||
@ -180,8 +180,8 @@ func (p *ProjectAPI) FilterAccessLog() {
|
||||
p.ServeJSON()
|
||||
}
|
||||
|
||||
func isProjectAdmin(userId int, pid int64) bool {
|
||||
userQuery := models.User{UserId: userId, RoleId: models.PROJECTADMIN}
|
||||
func isProjectAdmin(userID int, pid int64) bool {
|
||||
userQuery := models.User{UserId: userID, RoleId: models.PROJECTADMIN}
|
||||
rolelist, err := dao.GetUserProjectRoles(userQuery, pid)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUserProjectRoles:", err, ", returning false")
|
||||
@ -195,7 +195,7 @@ func validateProjectReq(req projectReq) error {
|
||||
if len(pn) == 0 {
|
||||
return fmt.Errorf("Project name can not be empty")
|
||||
}
|
||||
if len(pn) > PROJECT_NAME_MAX_LEN {
|
||||
if len(pn) > projectNameMaxLen {
|
||||
return fmt.Errorf("Project name is too long")
|
||||
}
|
||||
return nil
|
||||
|
@ -33,16 +33,16 @@ import (
|
||||
|
||||
type RepositoryAPI struct {
|
||||
BaseAPI
|
||||
userId int
|
||||
userID int
|
||||
username string
|
||||
}
|
||||
|
||||
func (ra *RepositoryAPI) Prepare() {
|
||||
userId, ok := ra.GetSession("userId").(int)
|
||||
userID, ok := ra.GetSession("userId").(int)
|
||||
if !ok {
|
||||
ra.userId = dao.NON_EXIST_USER_ID
|
||||
ra.userID = dao.NON_EXIST_USER_ID
|
||||
} else {
|
||||
ra.userId = userId
|
||||
ra.userID = userID
|
||||
}
|
||||
username, ok := ra.GetSession("username").(string)
|
||||
if !ok {
|
||||
@ -54,23 +54,23 @@ func (ra *RepositoryAPI) Prepare() {
|
||||
}
|
||||
|
||||
func (ra *RepositoryAPI) Get() {
|
||||
projectId, err0 := ra.GetInt64("project_id")
|
||||
projectID, err0 := ra.GetInt64("project_id")
|
||||
if err0 != nil {
|
||||
beego.Error("Failed to get project id, error:", err0)
|
||||
ra.RenderError(http.StatusBadRequest, "Invalid project id")
|
||||
return
|
||||
}
|
||||
p, err := dao.GetProjectById(projectId)
|
||||
p, err := dao.GetProjectById(projectID)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetProjectById:", err)
|
||||
ra.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
if p == nil {
|
||||
beego.Warning("Project with Id:", projectId, ", does not exist", projectId)
|
||||
beego.Warning("Project with Id:", projectID, ", does not exist")
|
||||
ra.RenderError(http.StatusNotFound, "")
|
||||
return
|
||||
}
|
||||
if p.Public == 0 && !CheckProjectPermission(ra.userId, projectId) {
|
||||
if p.Public == 0 && !CheckProjectPermission(ra.userID, projectID) {
|
||||
ra.RenderError(http.StatusForbidden, "")
|
||||
return
|
||||
}
|
||||
@ -148,27 +148,24 @@ func (ra *RepositoryAPI) GetManifests() {
|
||||
beego.Error("Failed to get manifests for repo, repo name:", repoName, ", tag:", tag, ", error:", err)
|
||||
ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
|
||||
return
|
||||
} else {
|
||||
mani := Manifest{}
|
||||
err = json.Unmarshal(result, &mani)
|
||||
if err != nil {
|
||||
beego.Error("Failed to decode json from response for manifests, repo name:", repoName, ", tag:", tag, ", error:", err)
|
||||
ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
|
||||
return
|
||||
} else {
|
||||
v1Compatibility := mani.History[0].V1Compatibility
|
||||
|
||||
err = json.Unmarshal([]byte(v1Compatibility), &item)
|
||||
if err != nil {
|
||||
beego.Error("Failed to decode V1 field for repo, repo name:", repoName, ", tag:", tag, ", error:", err)
|
||||
ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
|
||||
return
|
||||
} else {
|
||||
item.CreatedStr = item.Created.Format("2006-01-02 15:04:05")
|
||||
item.DurationDays = strconv.Itoa(int(time.Since(item.Created).Hours()/24)) + " days"
|
||||
}
|
||||
}
|
||||
}
|
||||
mani := Manifest{}
|
||||
err = json.Unmarshal(result, &mani)
|
||||
if err != nil {
|
||||
beego.Error("Failed to decode json from response for manifests, repo name:", repoName, ", tag:", tag, ", error:", err)
|
||||
ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
|
||||
return
|
||||
}
|
||||
v1Compatibility := mani.History[0].V1Compatibility
|
||||
|
||||
err = json.Unmarshal([]byte(v1Compatibility), &item)
|
||||
if err != nil {
|
||||
beego.Error("Failed to decode V1 field for repo, repo name:", repoName, ", tag:", tag, ", error:", err)
|
||||
ra.RenderError(http.StatusInternalServerError, "Internal Server Error")
|
||||
return
|
||||
}
|
||||
item.CreatedStr = item.Created.Format("2006-01-02 15:04:05")
|
||||
item.DurationDays = strconv.Itoa(int(time.Since(item.Created).Hours()/24)) + " days"
|
||||
|
||||
ra.Data["json"] = item
|
||||
ra.ServeJSON()
|
||||
|
@ -37,14 +37,14 @@ type SearchResult struct {
|
||||
}
|
||||
|
||||
func (n *SearchAPI) Get() {
|
||||
userId, ok := n.GetSession("userId").(int)
|
||||
userID, ok := n.GetSession("userId").(int)
|
||||
if !ok {
|
||||
userId = dao.NON_EXIST_USER_ID
|
||||
userID = dao.NON_EXIST_USER_ID
|
||||
}
|
||||
keyword := n.GetString("q")
|
||||
projects, err := dao.QueryRelevantProjects(userId)
|
||||
projects, err := dao.QueryRelevantProjects(userID)
|
||||
if err != nil {
|
||||
beego.Error("Failed to get projects of user id:", userId, ", error:", err)
|
||||
beego.Error("Failed to get projects of user id:", userID, ", error:", err)
|
||||
n.CustomAbort(http.StatusInternalServerError, "Failed to get project search result")
|
||||
}
|
||||
projectSorter := &utils.ProjectSorter{Projects: projects}
|
||||
|
38
api/user.go
38
api/user.go
@ -26,46 +26,46 @@ import (
|
||||
|
||||
type UserAPI struct {
|
||||
BaseAPI
|
||||
currentUid int
|
||||
userId int
|
||||
currentUserID int
|
||||
userID int
|
||||
}
|
||||
|
||||
func (ua *UserAPI) Prepare() {
|
||||
|
||||
ua.currentUid = ua.ValidateUser()
|
||||
ua.currentUserID = ua.ValidateUser()
|
||||
id := ua.Ctx.Input.Param(":id")
|
||||
if id == "current" {
|
||||
ua.userId = ua.currentUid
|
||||
ua.userID = ua.currentUserID
|
||||
} else if len(id) > 0 {
|
||||
var err error
|
||||
ua.userId, err = strconv.Atoi(id)
|
||||
ua.userID, err = strconv.Atoi(id)
|
||||
if err != nil {
|
||||
beego.Error("Invalid user id, error:", err)
|
||||
ua.CustomAbort(http.StatusBadRequest, "Invalid user Id")
|
||||
}
|
||||
userQuery := models.User{UserId: ua.userId}
|
||||
userQuery := models.User{UserId: ua.userID}
|
||||
u, err := dao.GetUser(userQuery)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUser:", err)
|
||||
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
if u == nil {
|
||||
beego.Error("User with Id:", ua.userId, "does not exist")
|
||||
beego.Error("User with Id:", ua.userID, "does not exist")
|
||||
ua.CustomAbort(http.StatusNotFound, "")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func (ua *UserAPI) Get() {
|
||||
exist, err := dao.IsAdminRole(ua.currentUid)
|
||||
exist, err := dao.IsAdminRole(ua.currentUserID)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in IsAdminRole:", err)
|
||||
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
|
||||
if ua.userId == 0 { //list users
|
||||
if ua.userID == 0 { //list users
|
||||
if !exist {
|
||||
beego.Error("Current user, id:", ua.currentUid, ", does not have admin role, can not list users")
|
||||
beego.Error("Current user, id:", ua.currentUserID, ", does not have admin role, can not list users")
|
||||
ua.RenderError(http.StatusForbidden, "User does not have admin role")
|
||||
return
|
||||
}
|
||||
@ -82,8 +82,8 @@ func (ua *UserAPI) Get() {
|
||||
}
|
||||
ua.Data["json"] = userList
|
||||
|
||||
} else if ua.userId == ua.currentUid || exist {
|
||||
userQuery := models.User{UserId: ua.userId}
|
||||
} else if ua.userID == ua.currentUserID || exist {
|
||||
userQuery := models.User{UserId: ua.userID}
|
||||
u, err := dao.GetUser(userQuery)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUser:", err)
|
||||
@ -91,7 +91,7 @@ func (ua *UserAPI) Get() {
|
||||
}
|
||||
ua.Data["json"] = u
|
||||
} else {
|
||||
beego.Error("Current user, id:", ua.currentUid, "does not have admin role, can not view other user's detail")
|
||||
beego.Error("Current user, id:", ua.currentUserID, "does not have admin role, can not view other user's detail")
|
||||
ua.RenderError(http.StatusForbidden, "User does not have admin role")
|
||||
return
|
||||
}
|
||||
@ -99,32 +99,32 @@ func (ua *UserAPI) Get() {
|
||||
}
|
||||
|
||||
func (ua *UserAPI) Put() { //currently only for toggle admin, so no request body
|
||||
exist, err := dao.IsAdminRole(ua.currentUid)
|
||||
exist, err := dao.IsAdminRole(ua.currentUserID)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in IsAdminRole:", err)
|
||||
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
if !exist {
|
||||
beego.Warning("current user, id:", ua.currentUid, ", does not have admin role, can not update other user's role")
|
||||
beego.Warning("current user, id:", ua.currentUserID, ", does not have admin role, can not update other user's role")
|
||||
ua.RenderError(http.StatusForbidden, "User does not have admin role")
|
||||
return
|
||||
}
|
||||
userQuery := models.User{UserId: ua.userId}
|
||||
userQuery := models.User{UserId: ua.userID}
|
||||
dao.ToggleUserAdminRole(userQuery)
|
||||
}
|
||||
|
||||
func (ua *UserAPI) Delete() {
|
||||
exist, err := dao.IsAdminRole(ua.currentUid)
|
||||
exist, err := dao.IsAdminRole(ua.currentUserID)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in IsAdminRole:", err)
|
||||
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
if !exist {
|
||||
beego.Warning("current user, id:", ua.currentUid, ", does not have admin role, can not remove user")
|
||||
beego.Warning("current user, id:", ua.currentUserID, ", does not have admin role, can not remove user")
|
||||
ua.RenderError(http.StatusForbidden, "User does not have admin role")
|
||||
return
|
||||
}
|
||||
err = dao.DeleteUser(ua.userId)
|
||||
err = dao.DeleteUser(ua.userID)
|
||||
if err != nil {
|
||||
beego.Error("Failed to delete data from database, error:", err)
|
||||
ua.RenderError(http.StatusInternalServerError, "Failed to delete User")
|
||||
|
@ -21,8 +21,8 @@ import (
|
||||
"github.com/astaxie/beego"
|
||||
)
|
||||
|
||||
func CheckProjectPermission(userId int, projectId int64) bool {
|
||||
exist, err := dao.IsAdminRole(userId)
|
||||
func CheckProjectPermission(userID int, projectID int64) bool {
|
||||
exist, err := dao.IsAdminRole(userID)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in IsAdminRole:", err)
|
||||
return false
|
||||
@ -30,7 +30,7 @@ func CheckProjectPermission(userId int, projectId int64) bool {
|
||||
if exist {
|
||||
return true
|
||||
}
|
||||
roleList, err := dao.GetUserProjectRoles(models.User{UserId: userId}, projectId)
|
||||
roleList, err := dao.GetUserProjectRoles(models.User{UserId: userID}, projectID)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUserProjectRoles:", err)
|
||||
return false
|
||||
|
@ -12,10 +12,11 @@
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
package opt_auth
|
||||
package auth
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
"os"
|
||||
|
||||
"github.com/vmware/harbor/models"
|
||||
@ -23,31 +24,31 @@ import (
|
||||
"github.com/astaxie/beego"
|
||||
)
|
||||
|
||||
type OptAuth interface {
|
||||
Validate(auth models.AuthModel) (*models.User, error)
|
||||
type Authenticator interface {
|
||||
Authenticate(m models.AuthModel) (*models.User, error)
|
||||
}
|
||||
|
||||
var registry = make(map[string]OptAuth)
|
||||
var registry = make(map[string]Authenticator)
|
||||
|
||||
func Register(name string, optAuth OptAuth) {
|
||||
func Register(name string, authenticator Authenticator) {
|
||||
if _, dup := registry[name]; dup {
|
||||
panic(name + " already exist.")
|
||||
log.Printf("authenticator: %s has been registered", name)
|
||||
return
|
||||
}
|
||||
registry[name] = optAuth
|
||||
registry[name] = authenticator
|
||||
}
|
||||
|
||||
func Login(auth models.AuthModel) (*models.User, error) {
|
||||
func Login(m models.AuthModel) (*models.User, error) {
|
||||
|
||||
var authMode string = os.Getenv("AUTH_MODE")
|
||||
if authMode == "" || auth.Principal == "admin" {
|
||||
if authMode == "" || m.Principal == "admin" {
|
||||
authMode = "db_auth"
|
||||
}
|
||||
beego.Debug("Current AUTH_MODE is ", authMode)
|
||||
|
||||
optAuth := registry[authMode]
|
||||
if optAuth == nil {
|
||||
authenticator, ok := registry[authMode]
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("Unrecognized auth_mode: %s", authMode)
|
||||
}
|
||||
return optAuth.Validate(auth)
|
||||
return authenticator.Authenticate(m)
|
||||
}
|
@ -15,15 +15,15 @@
|
||||
package db
|
||||
|
||||
import (
|
||||
"github.com/vmware/harbor/auth"
|
||||
"github.com/vmware/harbor/dao"
|
||||
"github.com/vmware/harbor/models"
|
||||
"github.com/vmware/harbor/opt_auth"
|
||||
)
|
||||
|
||||
type DbAuth struct{}
|
||||
type Auth struct{}
|
||||
|
||||
func (d *DbAuth) Validate(auth models.AuthModel) (*models.User, error) {
|
||||
u, err := dao.LoginByDb(auth)
|
||||
func (d *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
|
||||
u, err := dao.LoginByDb(m)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -31,5 +31,5 @@ func (d *DbAuth) Validate(auth models.AuthModel) (*models.User, error) {
|
||||
}
|
||||
|
||||
func init() {
|
||||
opt_auth.Register("db_auth", &DbAuth{})
|
||||
auth.Register("db_auth", &Auth{})
|
||||
}
|
@ -21,35 +21,34 @@ import (
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/vmware/harbor/auth"
|
||||
"github.com/vmware/harbor/dao"
|
||||
"github.com/vmware/harbor/models"
|
||||
"github.com/vmware/harbor/opt_auth"
|
||||
|
||||
"github.com/astaxie/beego"
|
||||
"github.com/mqu/openldap"
|
||||
)
|
||||
|
||||
type LdapAuth struct{}
|
||||
type Auth struct{}
|
||||
|
||||
const META_CHARS = "&|!=~*<>()"
|
||||
const metaChars = "&|!=~*<>()"
|
||||
|
||||
func (l *LdapAuth) Validate(auth models.AuthModel) (*models.User, error) {
|
||||
func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
|
||||
|
||||
ldapUrl := os.Getenv("LDAP_URL")
|
||||
if ldapUrl == "" {
|
||||
ldapURL := os.Getenv("LDAP_URL")
|
||||
if ldapURL == "" {
|
||||
return nil, errors.New("Can not get any available LDAP_URL.")
|
||||
}
|
||||
beego.Debug("ldapUrl:", ldapUrl)
|
||||
beego.Debug("ldapURL:", ldapURL)
|
||||
|
||||
p := auth.Principal
|
||||
for _, c := range META_CHARS {
|
||||
p := m.Principal
|
||||
for _, c := range metaChars {
|
||||
if strings.ContainsRune(p, c) {
|
||||
log.Printf("The principal contains meta char: %q", c)
|
||||
return nil, nil
|
||||
return nil, fmt.Errorf("the principal contains meta char: %q", c)
|
||||
}
|
||||
}
|
||||
|
||||
ldap, err := openldap.Initialize(ldapUrl)
|
||||
ldap, err := openldap.Initialize(ldapURL)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -62,10 +61,10 @@ func (l *LdapAuth) Validate(auth models.AuthModel) (*models.User, error) {
|
||||
return nil, errors.New("Can not get any available LDAP_BASE_DN.")
|
||||
}
|
||||
|
||||
baseDn := fmt.Sprintf(ldapBaseDn, auth.Principal)
|
||||
baseDn := fmt.Sprintf(ldapBaseDn, m.Principal)
|
||||
beego.Debug("baseDn:", baseDn)
|
||||
|
||||
err = ldap.Bind(baseDn, auth.Password)
|
||||
err = ldap.Bind(baseDn, m.Password)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -112,15 +111,15 @@ func (l *LdapAuth) Validate(auth models.AuthModel) (*models.User, error) {
|
||||
} else {
|
||||
u.Password = "12345678AbC"
|
||||
u.Comment = "registered from LDAP."
|
||||
userId, err := dao.Register(u)
|
||||
userID, err := dao.Register(u)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
u.UserId = int(userId)
|
||||
u.UserId = int(userID)
|
||||
}
|
||||
return &u, nil
|
||||
}
|
||||
|
||||
func init() {
|
||||
opt_auth.Register("ldap_auth", &LdapAuth{})
|
||||
auth.Register("ldap_auth", &Auth{})
|
||||
}
|
@ -17,8 +17,8 @@ package controllers
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/vmware/harbor/auth"
|
||||
"github.com/vmware/harbor/models"
|
||||
"github.com/vmware/harbor/opt_auth"
|
||||
|
||||
"github.com/astaxie/beego"
|
||||
)
|
||||
@ -44,7 +44,7 @@ func (c *CommonController) Login() {
|
||||
principal := c.GetString("principal")
|
||||
password := c.GetString("password")
|
||||
|
||||
user, err := opt_auth.Login(models.AuthModel{principal, password})
|
||||
user, err := auth.Login(models.AuthModel{principal, password})
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in UserLogin:", err)
|
||||
c.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
|
25
main.go
25
main.go
@ -15,14 +15,13 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"log"
|
||||
|
||||
_ "github.com/vmware/harbor/auth/db"
|
||||
_ "github.com/vmware/harbor/auth/ldap"
|
||||
"github.com/vmware/harbor/dao"
|
||||
"github.com/vmware/harbor/models"
|
||||
_ "github.com/vmware/harbor/opt_auth/db"
|
||||
_ "github.com/vmware/harbor/opt_auth/ldap"
|
||||
_ "github.com/vmware/harbor/routers"
|
||||
|
||||
"os"
|
||||
@ -31,19 +30,19 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
ADMIN_USER_ID = 1
|
||||
adminUserID = 1
|
||||
)
|
||||
|
||||
func updateInitPassword(userId int, password string) error {
|
||||
queryUser := models.User{UserId: userId}
|
||||
func updateInitPassword(userID int, password string) error {
|
||||
queryUser := models.User{UserId: userID}
|
||||
user, err := dao.GetUser(queryUser)
|
||||
if err != nil {
|
||||
log.Println("Failed to get user, userId:", userId)
|
||||
log.Println("Failed to get user, userID:", userID)
|
||||
return err
|
||||
}
|
||||
if user == nil {
|
||||
log.Printf("User id: %d does not exist.", userId)
|
||||
return errors.New(fmt.Sprintf("User id: %s does not exist.", userId))
|
||||
log.Printf("User id: %d does not exist.", userID)
|
||||
return fmt.Errorf("User id: %s does not exist.", userID)
|
||||
} else if user.Salt == "" {
|
||||
salt, err := dao.GenerateRandomString()
|
||||
if err != nil {
|
||||
@ -54,12 +53,12 @@ func updateInitPassword(userId int, password string) error {
|
||||
user.Password = password
|
||||
err = dao.ChangeUserPassword(*user)
|
||||
if err != nil {
|
||||
log.Printf("Failed to update user encrypted password, userId: %d, err: %v", userId, err)
|
||||
log.Printf("Failed to update user encrypted password, userID: %d, err: %v", userID, err)
|
||||
return err
|
||||
}
|
||||
log.Printf("User id: %d updated its encypted password successfully.", userId)
|
||||
log.Printf("User id: %d updated its encypted password successfully.", userID)
|
||||
} else {
|
||||
log.Printf("User id: %d already has its encrypted password.", userId)
|
||||
log.Printf("User id: %d already has its encrypted password.", userID)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
@ -68,6 +67,6 @@ func main() {
|
||||
|
||||
beego.BConfig.WebConfig.Session.SessionOn = true
|
||||
dao.InitDB()
|
||||
updateInitPassword(ADMIN_USER_ID, os.Getenv("HARBOR_ADMIN_PASSWORD"))
|
||||
updateInitPassword(adminUserID, os.Getenv("HARBOR_ADMIN_PASSWORD"))
|
||||
beego.Run()
|
||||
}
|
||||
|
@ -18,8 +18,8 @@ import (
|
||||
"log"
|
||||
"net/http"
|
||||
|
||||
"github.com/vmware/harbor/auth"
|
||||
"github.com/vmware/harbor/models"
|
||||
"github.com/vmware/harbor/opt_auth"
|
||||
svc_utils "github.com/vmware/harbor/service/utils"
|
||||
"github.com/vmware/harbor/utils"
|
||||
|
||||
@ -72,7 +72,7 @@ func (a *AuthController) serveToken(username, service string, access []*token.Re
|
||||
}
|
||||
|
||||
func authenticate(principal, password string) bool {
|
||||
user, err := opt_auth.Login(models.AuthModel{principal, password})
|
||||
user, err := auth.Login(models.AuthModel{principal, password})
|
||||
if err != nil {
|
||||
log.Printf("Error occurred in UserLogin: %v", err)
|
||||
return false
|
||||
|
Loading…
Reference in New Issue
Block a user