Fix notification event filtered because of user agent

Signed-off-by: 陈德 <chende@caicloud.io>
2025-01-11 10:27:58 +01:00 · 2018-09-01 14:55:01 +08:00 · 2018-09-01 14:55:01 +08:00 · 48d2435146
commit 48d2435146
parent 03af3c5936
5 changed files with 63 additions and 5 deletions
--- a/src/common/dao/project.go
+++ b/src/common/dao/project.go
@ -113,6 +113,12 @@ func GetProjectByName(name string) (*models.Project, error) {
 	return &p[0], nil
 }

+// ProjectExistsByName returns whether the project exists according to its name.
+func ProjectExistsByName(name string) bool {
+	o := GetOrmer()
+	return o.QueryTable("project").Filter("name", name).Exist()
+}
+
 // GetTotalOfProjects returns the total count of projects
 // according to the query conditions
 func GetTotalOfProjects(query *models.ProjectQueryParam) (int64, error) {
--- a/src/common/utils/registry/auth/tokenauthorizer.go
+++ b/src/common/utils/registry/auth/tokenauthorizer.go
@ -38,6 +38,17 @@ type tokenGenerator interface {
 	generate(scopes []*token.ResourceActions, endpoint string) (*models.Token, error)
 }

+// UserAgentModifier adds the "User-Agent" header to the request
+type UserAgentModifier struct {
+	UserAgent string
+}
+
+// Modify adds user-agent header to the request
+func (u *UserAgentModifier) Modify(req *http.Request) error {
+	req.Header.Set(http.CanonicalHeaderKey("User-Agent"), u.UserAgent)
+	return nil
+}
+
 // tokenAuthorizer implements registry.Modifier interface. It parses scopses
 // from the request, generates authentication token and modifies the requset
 // by adding the token
--- a/src/core/utils/utils.go
+++ b/src/core/utils/utils.go
@ -32,8 +32,11 @@ func NewRepositoryClientForUI(username, repository string) (*registry.Repository
 		return nil, err
 	}

+	uam := &auth.UserAgentModifier{
+		UserAgent: "harbor-registry-client",
+	}
 	authorizer := auth.NewRawTokenAuthorizer(username, token.Registry)
-	transport := registry.NewTransport(http.DefaultTransport, authorizer)
+	transport := registry.NewTransport(http.DefaultTransport, authorizer, uam)
 	client := &http.Client{
 		Transport: transport,
 	}
--- a/src/ui/api/retag.go
+++ b/src/ui/api/retag.go
@ -17,6 +17,7 @@ package api
 import (
 	"fmt"

+	"github.com/goharbor/harbor/src/common/dao"
 	"github.com/goharbor/harbor/src/common/models"
 	"github.com/goharbor/harbor/src/common/utils/log"
 	"github.com/goharbor/harbor/src/ui/utils"
@ -47,19 +48,31 @@ func (r *RetagAPI) Retag() {
 		return
 	}

+	if !dao.RepositoryExists(fmt.Sprintf("%s/%s", srcImage.Project, srcImage.Repo)) {
+		log.Errorf("source repository '%s/%s' not exist", srcImage.Project, srcImage.Repo)
+		r.HandleNotFound(fmt.Sprintf("repository '%s/%s' not found", srcImage.Project, srcImage.Repo))
+		return
+	}
+
+	if !dao.ProjectExistsByName(destImage.Project) {
+		log.Errorf("destination project '%s' not exist", destImage.Project)
+		r.HandleNotFound(fmt.Sprintf("project '%s' not found", destImage.Project))
+		return
+	}
+
 	if !r.SecurityCtx.HasReadPerm(srcImage.Project) {
 		log.Errorf("user has no read permission to project '%s'", srcImage.Project)
 		r.HandleUnauthorized()
+		return
 	}

 	if !r.SecurityCtx.HasWritePerm(destImage.Project) {
 		log.Errorf("user has no write permission to project '%s'", destImage.Project)
 		r.HandleUnauthorized()
+		return
 	}

 	if err = utils.Retag(srcImage, destImage); err != nil {
 		r.HandleInternalServerError(fmt.Sprintf("%v", err))
 	}
 }
-
-
--- a/src/ui/utils/retag.go
+++ b/src/ui/utils/retag.go
@ -1,11 +1,25 @@
+// Copyright (c) 2017 VMware, Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 package utils

 import (
 	"fmt"

 	"github.com/goharbor/harbor/src/common/models"
-	"github.com/goharbor/harbor/src/common/utils/registry"
 	"github.com/goharbor/harbor/src/common/utils/log"
+	"github.com/goharbor/harbor/src/common/utils/registry"

 	"github.com/docker/distribution/manifest/schema1"
 	"github.com/docker/distribution/manifest/schema2"
@ -24,6 +38,17 @@ func Retag(srcImage, destImage *models.Image) error {
 		}
 	}

+	_, exist, err := srcClient.ManifestExist(srcImage.Tag)
+	if err != nil {
+		log.Errorf("check existence of manifest '%s:%s' error: %v", srcClient.Name, srcImage.Tag, err)
+		return err
+	}
+
+	if !exist {
+		log.Errorf("source image %s:%s not found", srcClient.Name, srcImage.Tag)
+		return fmt.Errorf("image %s:%s not found", srcClient.Name, srcImage.Tag)
+	}
+
 	accepted := []string{schema1.MediaTypeManifest, schema2.MediaTypeManifest}
 	digest, mediaType, payload, err := srcClient.PullManifest(srcImage.Tag, accepted)
 	if err != nil {
@ -65,4 +90,4 @@ func Retag(srcImage, destImage *models.Image) error {

 func getRepoName(image *models.Image) string {
 	return fmt.Sprintf("%s/%s", image.Project, image.Repo)
-}
+}