Merge pull request #328 from ywk253100/sync_image

Sync image
2024-06-29 00:05:09 +02:00 · 2016-06-13 14:40:25 +08:00 · 2016-06-13 14:40:25 +08:00 · 784947a787
commit 784947a787
parent a7845df552 cf7ee9a327
4 changed files with 72 additions and 29 deletions
--- a/api/target.go
+++ b/api/target.go
@ -121,22 +121,6 @@ func (t *TargetAPI) Ping() {
 // Get ...
 func (t *TargetAPI) Get() {
 	id := t.getIDFromURL()
-	// list targets
-	if id == 0 {
-		targets, err := dao.GetAllRepTargets()
-		if err != nil {
-			log.Errorf("failed to get all targets: %v", err)
-			t.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
-		}
-
-		for _, target := range targets {
-			target.Password = ""
-		}
-
-		t.Data["json"] = targets
-		t.ServeJSON()
-		return
-	}

 	target, err := dao.GetRepTarget(id)
 	if err != nil {
@ -148,6 +132,9 @@ func (t *TargetAPI) Get() {
 		t.CustomAbort(http.StatusNotFound, http.StatusText(http.StatusNotFound))
 	}

+	// The reason why the password is returned is that when user just wants to
+	// modify other fields of target he does not need to input the password again.
+	// The security issue can be fixed by enable https.
 	if len(target.Password) != 0 {
 		pwd, err := utils.ReversibleDecrypt(target.Password)
 		if err != nil {
@ -161,6 +148,33 @@ func (t *TargetAPI) Get() {
 	t.ServeJSON()
 }

+// List ...
+func (t *TargetAPI) List() {
+	name := t.GetString("name")
+	targets, err := dao.FilterRepTargets(name)
+	if err != nil {
+		log.Errorf("failed to filter targets %s: %v", name, err)
+		t.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
+	}
+
+	for _, target := range targets {
+		if len(target.Password) == 0 {
+			continue
+		}
+
+		str, err := utils.ReversibleDecrypt(target.Password)
+		if err != nil {
+			log.Errorf("failed to decrypt password: %v", err)
+			t.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
+		}
+		target.Password = str
+	}
+
+	t.Data["json"] = targets
+	t.ServeJSON()
+	return
+}
+
 // Post ...
 func (t *TargetAPI) Post() {
 	target := &models.RepTarget{}
@ -192,12 +206,6 @@ func (t *TargetAPI) Post() {
 // Put ...
 func (t *TargetAPI) Put() {
 	id := t.getIDFromURL()
-	if id == 0 {
-		t.CustomAbort(http.StatusBadRequest, "id can not be empty or 0")
-	}
-
-	target := &models.RepTarget{}
-	t.DecodeJSONReqAndValidate(target)

 	originTarget, err := dao.GetRepTarget(id)
 	if err != nil {
@ -205,6 +213,13 @@ func (t *TargetAPI) Put() {
 		t.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
 	}

+	if originTarget == nil {
+		t.CustomAbort(http.StatusNotFound, http.StatusText(http.StatusNotFound))
+	}
+
+	target := &models.RepTarget{}
+	t.DecodeJSONReqAndValidate(target)
+
 	if target.Name != originTarget.Name {
 		ta, err := dao.GetRepTargetByName(target.Name)
 		if err != nil {
@ -232,9 +247,6 @@ func (t *TargetAPI) Put() {
 // Delete ...
 func (t *TargetAPI) Delete() {
 	id := t.getIDFromURL()
-	if id == 0 {
-		t.CustomAbort(http.StatusBadRequest, http.StatusText(http.StatusBadRequest))
-	}

 	target, err := dao.GetRepTarget(id)
 	if err != nil {
@ -255,12 +267,12 @@ func (t *TargetAPI) Delete() {
 func (t *TargetAPI) getIDFromURL() int64 {
 	idStr := t.Ctx.Input.Param(":id")
 	if len(idStr) == 0 {
-		return 0
+		t.CustomAbort(http.StatusBadRequest, "invalid target ID")
 	}

 	id, err := strconv.ParseInt(idStr, 10, 64)
-	if err != nil {
-		t.CustomAbort(http.StatusBadRequest, "invalid ID in request URL")
+	if err != nil || id <= 0 {
+		t.CustomAbort(http.StatusBadRequest, "invalid target ID")
 	}

 	return id
--- a/dao/dao_test.go
+++ b/dao/dao_test.go
@ -764,6 +764,7 @@ var targetID, policyID, policyID2, policyID3, jobID, jobID2, jobID3 int64

 func TestAddRepTarget(t *testing.T) {
 	target := models.RepTarget{
+		Name:     "test",
 		URL:      "127.0.0.1:5000",
 		Username: "admin",
 		Password: "admin",
@ -871,6 +872,17 @@ func TestGetAllRepTargets(t *testing.T) {
 	}
 }

+func TestFilterRepTargets(t *testing.T) {
+	targets, err := FilterRepTargets("test")
+	if err != nil {
+		t.Fatalf("failed to get all targets: %v", err)
+	}
+
+	if len(targets) == 0 {
+		t.Errorf("unexpected num of targets: %d, expected: %d", len(targets), 1)
+	}
+}
+
 func TestAddRepPolicy(t *testing.T) {
 	policy := models.RepPolicy{
 		ProjectID:   1,
--- a/dao/replication_job.go
+++ b/dao/replication_job.go
@ -54,12 +54,30 @@ func UpdateRepTarget(target models.RepTarget) error {
 // GetAllRepTargets ...
 func GetAllRepTargets() ([]*models.RepTarget, error) {
 	o := GetOrmer()
+
 	qs := o.QueryTable(&models.RepTarget{})
 	var targets []*models.RepTarget
 	_, err := qs.All(&targets)
 	return targets, err
 }

+// FilterRepTargets filters targets by name
+func FilterRepTargets(name string) ([]*models.RepTarget, error) {
+	if len(name) == 0 {
+		return GetAllRepTargets()
+	}
+
+	o := GetOrmer()
+	var targets []*models.RepTarget
+
+	sql := "select * from replication_target where name like ?"
+	if _, err := o.Raw(sql, "%"+name+"%").QueryRows(&targets); err != nil {
+		return nil, err
+	}
+
+	return targets, nil
+}
+
 // AddRepPolicy ...
 func AddRepPolicy(policy models.RepPolicy) (int64, error) {
 	o := GetOrmer()
--- a/ui/router.go
+++ b/ui/router.go
@ -67,7 +67,8 @@ func initRouters() {
 	beego.Router("/api/jobs/replication/:id([0-9]+)/log", &api.RepJobAPI{}, "get:GetLog")
 	beego.Router("/api/policies/replication", &api.RepPolicyAPI{})
 	beego.Router("/api/policies/replication/:id([0-9]+)/enablement", &api.RepPolicyAPI{}, "put:UpdateEnablement")
-	beego.Router("/api/targets/?:id([0-9]+)", &api.TargetAPI{})
+	beego.Router("/api/targets/", &api.TargetAPI{}, "get:List")
+	beego.Router("/api/targets/:id([0-9]+)", &api.TargetAPI{})
 	beego.Router("/api/targets/ping", &api.TargetAPI{}, "post:Ping")
 	beego.Router("/api/users/:id/sysadmin", &api.UserAPI{}, "put:ToggleUserAdminRole")
 	beego.Router("/api/repositories/top", &api.RepositoryAPI{}, "get:GetTopRepos")