diff --git a/docs/swagger.yaml b/docs/swagger.yaml index f2a002a52..907bca5a1 100644 --- a/docs/swagger.yaml +++ b/docs/swagger.yaml @@ -513,7 +513,7 @@ paths: '403': description: User in session does not have permission to the project. '404': - description: Project does not exist. + description: Project does not exist, or the username does not found, or the user group does not found. '500': description: Unexpected internal errors. '/projects/{project_id}/members/{mid}': diff --git a/src/ui/api/projectmember.go b/src/ui/api/projectmember.go index 102ce2811..19000c808 100644 --- a/src/ui/api/projectmember.go +++ b/src/ui/api/projectmember.go @@ -122,6 +122,10 @@ func (pma *ProjectMemberAPI) Post() { var request models.MemberReq pma.DecodeJSONReq(&request) pmid, err := AddOrUpdateProjectMember(projectID, request) + if err == auth.ErrorGroupNotExist || err == auth.ErrorUserNotExist { + pma.HandleNotFound(fmt.Sprintf("Failed to add project member, error: %v", err)) + return + } if err != nil { pma.HandleInternalServerError(fmt.Sprintf("Failed to add project member, error: %v", err)) return diff --git a/src/ui/api/projectmember_test.go b/src/ui/api/projectmember_test.go index 49b15e2b1..93d782d65 100644 --- a/src/ui/api/projectmember_test.go +++ b/src/ui/api/projectmember_test.go @@ -114,6 +114,20 @@ func TestProjectMemberAPI_Post(t *testing.T) { }, code: http.StatusCreated, }, + &codeCheckingCase{ + request: &testingRequest{ + method: http.MethodPost, + url: "/api/projects/1/members", + bodyJSON: &models.MemberReq{ + Role: 1, + MemberUser: models.User{ + Username: "notexistuser", + }, + }, + credential: admin, + }, + code: http.StatusNotFound, + }, &codeCheckingCase{ request: &testingRequest{ method: http.MethodPost, diff --git a/src/ui/auth/authenticator.go b/src/ui/auth/authenticator.go index 9ac7e8853..3cfb75e29 100644 --- a/src/ui/auth/authenticator.go +++ b/src/ui/auth/authenticator.go @@ -31,6 +31,12 @@ const frozenTime time.Duration = 1500 * time.Millisecond var lock = NewUserLock(frozenTime) +// ErrorUserNotExist ... +var ErrorUserNotExist = errors.New("User does not exist") + +// ErrorGroupNotExist ... +var ErrorGroupNotExist = errors.New("Group does not exist") + //ErrAuth is the type of error to indicate a failed authentication due to user's error. type ErrAuth struct { details string @@ -200,6 +206,9 @@ func SearchGroup(groupKey string) (*models.UserGroup, error) { // SearchAndOnBoardUser ... Search user and OnBoard user, if user exist, return the ID of current user. func SearchAndOnBoardUser(username string) (int, error) { user, err := SearchUser(username) + if user == nil { + return 0, ErrorUserNotExist + } if err != nil { return 0, err } @@ -215,6 +224,9 @@ func SearchAndOnBoardUser(username string) (int, error) { // SearchAndOnBoardGroup ... if altGroupName is not empty, take the altGroupName as groupName in harbor DB func SearchAndOnBoardGroup(groupKey, altGroupName string) (int, error) { userGroup, err := SearchGroup(groupKey) + if userGroup == nil { + return 0, ErrorGroupNotExist + } if err != nil { return 0, err }