From 92aa8ac15b17bbd2c64f39d652cd75d456d6a3a0 Mon Sep 17 00:00:00 2001
From: Wenkai Yin <yinw@vmware.com>
Date: Wed, 3 May 2017 18:48:19 +0800
Subject: [PATCH 1/3] implement PMS based on database

---
 src/ui/pms/db/service.go      |  95 ++++++++++++++++++++++++++++++
 src/ui/pms/db/service_test.go | 106 ++++++++++++++++++++++++++++++++++
 2 files changed, 201 insertions(+)
 create mode 100644 src/ui/pms/db/service_test.go

diff --git a/src/ui/pms/db/service.go b/src/ui/pms/db/service.go
index 0086c5d31..8d1055a06 100644
--- a/src/ui/pms/db/service.go
+++ b/src/ui/pms/db/service.go
@@ -13,3 +13,98 @@
 // limitations under the License.
 
 package db
+
+import (
+	"github.com/vmware/harbor/src/common"
+	"github.com/vmware/harbor/src/common/dao"
+	"github.com/vmware/harbor/src/common/models"
+	"github.com/vmware/harbor/src/common/utils/log"
+)
+
+// PMS implements pms.PMS interface based on database
+type PMS struct{}
+
+// IsPublic returns whether the project is public or not
+func (p *PMS) IsPublic(projectIDOrName interface{}) bool {
+	var project *models.Project
+	var err error
+	switch projectIDOrName.(type) {
+	case string:
+		name := projectIDOrName.(string)
+		project, err = dao.GetProjectByName(name)
+		if err != nil {
+			log.Errorf("failed to get project %s: %v", name, err)
+		}
+	case int64:
+		id := projectIDOrName.(int64)
+		project, err = dao.GetProjectByID(id)
+		if err != nil {
+			log.Errorf("failed to get project %d: %v", id, err)
+		}
+	default:
+		log.Errorf("unsupported type of %v, must be string or int64", projectIDOrName)
+	}
+
+	if project == nil {
+		return false
+	}
+
+	return project.Public == 1
+}
+
+// GetRoles return a role list which contains the user's roles to the project
+func (p *PMS) GetRoles(username string, projectIDOrName interface{}) []int {
+	roles := []int{}
+
+	user, err := dao.GetUser(models.User{
+		Username: username,
+	})
+	if err != nil {
+		log.Errorf("failed to get user %s: %v", username, err)
+		return roles
+	}
+	if user == nil {
+		return roles
+	}
+
+	var projectID int64
+	switch projectIDOrName.(type) {
+	case string:
+		name := projectIDOrName.(string)
+		project, err := dao.GetProjectByName(name)
+		if err != nil {
+			log.Errorf("failed to get project %s: %v", name, err)
+			return roles
+		}
+
+		if project == nil {
+			return roles
+		}
+		projectID = project.ProjectID
+	case int64:
+		projectID = projectIDOrName.(int64)
+	default:
+		log.Errorf("unsupported type of %v, must be string or int64", projectIDOrName)
+		return roles
+	}
+
+	roleList, err := dao.GetUserProjectRoles(user.UserID, projectID)
+	if err != nil {
+		log.Errorf("failed to get roles for user %d to project %d: %v",
+			user.UserID, projectID, err)
+		return roles
+	}
+
+	for _, role := range roleList {
+		switch role.RoleCode {
+		case "MDRWS":
+			roles = append(roles, common.RoleProjectAdmin)
+		case "RWS":
+			roles = append(roles, common.RoleDeveloper)
+		case "RS":
+			roles = append(roles, common.RoleGuest)
+		}
+	}
+
+	return roles
+}
diff --git a/src/ui/pms/db/service_test.go b/src/ui/pms/db/service_test.go
new file mode 100644
index 000000000..37ce2d9f8
--- /dev/null
+++ b/src/ui/pms/db/service_test.go
@@ -0,0 +1,106 @@
+// Copyright (c) 2017 VMware, Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package db
+
+import (
+	"os"
+	"strconv"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/vmware/harbor/src/common"
+	"github.com/vmware/harbor/src/common/dao"
+	"github.com/vmware/harbor/src/common/models"
+	"github.com/vmware/harbor/src/common/utils/log"
+)
+
+func TestMain(m *testing.M) {
+	dbHost := os.Getenv("MYSQL_HOST")
+	if len(dbHost) == 0 {
+		log.Fatalf("environment variable MYSQL_HOST is not set")
+	}
+	dbPortStr := os.Getenv("MYSQL_PORT")
+	if len(dbPortStr) == 0 {
+		log.Fatalf("environment variable MYSQL_PORT is not set")
+	}
+	dbPort, err := strconv.Atoi(dbPortStr)
+	if err != nil {
+		log.Fatalf("invalid MYSQL_PORT: %v", err)
+	}
+	dbUser := os.Getenv("MYSQL_USR")
+	if len(dbUser) == 0 {
+		log.Fatalf("environment variable MYSQL_USR is not set")
+	}
+
+	dbPassword := os.Getenv("MYSQL_PWD")
+	dbDatabase := os.Getenv("MYSQL_DATABASE")
+	if len(dbDatabase) == 0 {
+		log.Fatalf("environment variable MYSQL_DATABASE is not set")
+	}
+
+	database := &models.Database{
+		Type: "mysql",
+		MySQL: &models.MySQL{
+			Host:     dbHost,
+			Port:     dbPort,
+			Username: dbUser,
+			Password: dbPassword,
+			Database: dbDatabase,
+		},
+	}
+
+	log.Infof("MYSQL_HOST: %s, MYSQL_USR: %s, MYSQL_PORT: %d, MYSQL_PWD: %s\n", dbHost, dbUser, dbPort, dbPassword)
+
+	if err := dao.InitDatabase(database); err != nil {
+		log.Fatalf("failed to initialize database: %v", err)
+	}
+
+	os.Exit(m.Run())
+}
+
+func TestIsPublic(t *testing.T) {
+	pms := &PMS{}
+	// project name
+	assert.True(t, pms.IsPublic("library"))
+	// project ID
+	assert.True(t, pms.IsPublic(int64(1)))
+	// non exist project
+	assert.False(t, pms.IsPublic("non_exist_project"))
+	// invalid type
+	assert.False(t, pms.IsPublic(1))
+}
+
+func TestGetRoles(t *testing.T) {
+	pms := &PMS{}
+
+	// non exist user
+	assert.Equal(t, []int{},
+		pms.GetRoles("non_exist_user", int64(1)))
+
+	// project ID
+	assert.Equal(t, []int{common.RoleProjectAdmin},
+		pms.GetRoles("admin", int64(1)))
+
+	// project name
+	assert.Equal(t, []int{common.RoleProjectAdmin},
+		pms.GetRoles("admin", "library"))
+
+	// non exist project
+	assert.Equal(t, []int{},
+		pms.GetRoles("admin", "non_exist_project"))
+
+	// invalid type
+	assert.Equal(t, []int{}, pms.GetRoles("admin", 1))
+}

From 359108625951df0277ed7bc527bdd7c8560d648d Mon Sep 17 00:00:00 2001
From: Wenkai Yin <yinw@vmware.com>
Date: Thu, 4 May 2017 12:27:14 +0800
Subject: [PATCH 2/3] update

---
 src/common/security/rbac/context.go      |  16 ++--
 src/common/security/rbac/context_test.go |  40 ++++-----
 src/ui/pm/db/pm.go                       | 110 +++++++++++++++++++++++
 src/ui/pm/db/pm_test.go                  | 106 ++++++++++++++++++++++
 src/ui/pm/pm.go                          |  22 +++++
 5 files changed, 266 insertions(+), 28 deletions(-)
 create mode 100644 src/ui/pm/db/pm.go
 create mode 100644 src/ui/pm/db/pm_test.go
 create mode 100644 src/ui/pm/pm.go

diff --git a/src/common/security/rbac/context.go b/src/common/security/rbac/context.go
index f72e6452d..eccf02d28 100644
--- a/src/common/security/rbac/context.go
+++ b/src/common/security/rbac/context.go
@@ -17,20 +17,20 @@ package rbac
 import (
 	"github.com/vmware/harbor/src/common"
 	"github.com/vmware/harbor/src/common/models"
-	"github.com/vmware/harbor/src/ui/pms"
+	"github.com/vmware/harbor/src/ui/pm"
 )
 
 // SecurityContext implements security.Context interface based on database
 type SecurityContext struct {
 	user *models.User
-	pms  pms.PMS
+	pm   pm.PM
 }
 
 // NewSecurityContext ...
-func NewSecurityContext(user *models.User, pms pms.PMS) *SecurityContext {
+func NewSecurityContext(user *models.User, pm pm.PM) *SecurityContext {
 	return &SecurityContext{
 		user: user,
-		pms:  pms,
+		pm:   pm,
 	}
 }
 
@@ -60,7 +60,7 @@ func (s *SecurityContext) IsSysAdmin() bool {
 // HasReadPerm returns whether the user has read permission to the project
 func (s *SecurityContext) HasReadPerm(projectIDOrName interface{}) bool {
 	// public project
-	if s.pms.IsPublic(projectIDOrName) {
+	if s.pm.IsPublic(projectIDOrName) {
 		return true
 	}
 
@@ -74,7 +74,7 @@ func (s *SecurityContext) HasReadPerm(projectIDOrName interface{}) bool {
 		return true
 	}
 
-	roles := s.pms.GetRoles(s.GetUsername(), projectIDOrName)
+	roles := s.pm.GetRoles(s.GetUsername(), projectIDOrName)
 	for _, role := range roles {
 		switch role {
 		case common.RoleProjectAdmin,
@@ -98,7 +98,7 @@ func (s *SecurityContext) HasWritePerm(projectIDOrName interface{}) bool {
 		return true
 	}
 
-	roles := s.pms.GetRoles(s.GetUsername(), projectIDOrName)
+	roles := s.pm.GetRoles(s.GetUsername(), projectIDOrName)
 	for _, role := range roles {
 		switch role {
 		case common.RoleProjectAdmin,
@@ -120,7 +120,7 @@ func (s *SecurityContext) HasAllPerm(projectIDOrName interface{}) bool {
 		return true
 	}
 
-	roles := s.pms.GetRoles(s.GetUsername(), projectIDOrName)
+	roles := s.pm.GetRoles(s.GetUsername(), projectIDOrName)
 	for _, role := range roles {
 		switch role {
 		case common.RoleProjectAdmin:
diff --git a/src/common/security/rbac/context_test.go b/src/common/security/rbac/context_test.go
index 52aabd39e..ef297c1be 100644
--- a/src/common/security/rbac/context_test.go
+++ b/src/common/security/rbac/context_test.go
@@ -22,15 +22,15 @@ import (
 	"github.com/vmware/harbor/src/common/models"
 )
 
-type fakePMS struct {
+type fakePM struct {
 	public string
 	roles  map[string][]int
 }
 
-func (f *fakePMS) IsPublic(projectIDOrName interface{}) bool {
+func (f *fakePM) IsPublic(projectIDOrName interface{}) bool {
 	return f.public == projectIDOrName.(string)
 }
-func (f *fakePMS) GetRoles(username string, projectIDOrName interface{}) []int {
+func (f *fakePM) GetRoles(username string, projectIDOrName interface{}) []int {
 	return f.roles[projectIDOrName.(string)]
 }
 
@@ -78,7 +78,7 @@ func TestIsSysAdmin(t *testing.T) {
 }
 
 func TestHasReadPerm(t *testing.T) {
-	pms := &fakePMS{
+	pm := &fakePM{
 		public: "public_project",
 		roles: map[string][]int{
 			"has_read_perm_project": []int{common.RoleGuest},
@@ -86,35 +86,35 @@ func TestHasReadPerm(t *testing.T) {
 	}
 
 	// public project, unauthenticated
-	ctx := NewSecurityContext(nil, pms)
+	ctx := NewSecurityContext(nil, pm)
 	assert.True(t, ctx.HasReadPerm("public_project"))
 
 	// private project, unauthenticated
-	ctx = NewSecurityContext(nil, pms)
+	ctx = NewSecurityContext(nil, pm)
 	assert.False(t, ctx.HasReadPerm("has_read_perm_project"))
 
 	// private project, authenticated, has no perm
 	ctx = NewSecurityContext(&models.User{
 		Username: "test",
-	}, pms)
+	}, pm)
 	assert.False(t, ctx.HasReadPerm("has_no_perm_project"))
 
 	// private project, authenticated, has read perm
 	ctx = NewSecurityContext(&models.User{
 		Username: "test",
-	}, pms)
+	}, pm)
 	assert.True(t, ctx.HasReadPerm("has_read_perm_project"))
 
 	// private project, authenticated, system admin
 	ctx = NewSecurityContext(&models.User{
 		Username:     "test",
 		HasAdminRole: 1,
-	}, pms)
+	}, pm)
 	assert.True(t, ctx.HasReadPerm("has_no_perm_project"))
 }
 
 func TestHasWritePerm(t *testing.T) {
-	pms := &fakePMS{
+	pm := &fakePM{
 		roles: map[string][]int{
 			"has_read_perm_project":  []int{common.RoleGuest},
 			"has_write_perm_project": []int{common.RoleGuest, common.RoleDeveloper},
@@ -122,31 +122,31 @@ func TestHasWritePerm(t *testing.T) {
 	}
 
 	// unauthenticated
-	ctx := NewSecurityContext(nil, pms)
+	ctx := NewSecurityContext(nil, pm)
 	assert.False(t, ctx.HasWritePerm("has_write_perm_project"))
 
 	// authenticated, has read perm
 	ctx = NewSecurityContext(&models.User{
 		Username: "test",
-	}, pms)
+	}, pm)
 	assert.False(t, ctx.HasWritePerm("has_read_perm_project")) // authenticated, has read perm
 
 	// authenticated, has write perm
 	ctx = NewSecurityContext(&models.User{
 		Username: "test",
-	}, pms)
+	}, pm)
 	assert.True(t, ctx.HasWritePerm("has_write_perm_project"))
 
 	// authenticated, system admin
 	ctx = NewSecurityContext(&models.User{
 		Username:     "test",
 		HasAdminRole: 1,
-	}, pms)
+	}, pm)
 	assert.True(t, ctx.HasReadPerm("has_no_perm_project"))
 }
 
 func TestHasAllPerm(t *testing.T) {
-	pms := &fakePMS{
+	pm := &fakePM{
 		roles: map[string][]int{
 			"has_read_perm_project":  []int{common.RoleGuest},
 			"has_write_perm_project": []int{common.RoleGuest, common.RoleDeveloper},
@@ -155,31 +155,31 @@ func TestHasAllPerm(t *testing.T) {
 	}
 
 	// unauthenticated
-	ctx := NewSecurityContext(nil, pms)
+	ctx := NewSecurityContext(nil, pm)
 	assert.False(t, ctx.HasAllPerm("has_all_perm_project"))
 
 	// authenticated, has read perm
 	ctx = NewSecurityContext(&models.User{
 		Username: "test",
-	}, pms)
+	}, pm)
 	assert.False(t, ctx.HasAllPerm("has_read_perm_project"))
 
 	// authenticated, has write perm
 	ctx = NewSecurityContext(&models.User{
 		Username: "test",
-	}, pms)
+	}, pm)
 	assert.False(t, ctx.HasAllPerm("has_write_perm_project"))
 
 	// authenticated, has all perms
 	ctx = NewSecurityContext(&models.User{
 		Username: "test",
-	}, pms)
+	}, pm)
 	assert.True(t, ctx.HasAllPerm("has_all_perm_project"))
 
 	// authenticated, system admin
 	ctx = NewSecurityContext(&models.User{
 		Username:     "test",
 		HasAdminRole: 1,
-	}, pms)
+	}, pm)
 	assert.True(t, ctx.HasReadPerm("has_no_perm_project"))
 }
diff --git a/src/ui/pm/db/pm.go b/src/ui/pm/db/pm.go
new file mode 100644
index 000000000..cabe127ff
--- /dev/null
+++ b/src/ui/pm/db/pm.go
@@ -0,0 +1,110 @@
+// Copyright (c) 2017 VMware, Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package db
+
+import (
+	"github.com/vmware/harbor/src/common"
+	"github.com/vmware/harbor/src/common/dao"
+	"github.com/vmware/harbor/src/common/models"
+	"github.com/vmware/harbor/src/common/utils/log"
+)
+
+// PM implements pm.PM interface based on database
+type PM struct{}
+
+// IsPublic returns whether the project is public or not
+func (p *PM) IsPublic(projectIDOrName interface{}) bool {
+	var project *models.Project
+	var err error
+	switch projectIDOrName.(type) {
+	case string:
+		name := projectIDOrName.(string)
+		project, err = dao.GetProjectByName(name)
+		if err != nil {
+			log.Errorf("failed to get project %s: %v", name, err)
+		}
+	case int64:
+		id := projectIDOrName.(int64)
+		project, err = dao.GetProjectByID(id)
+		if err != nil {
+			log.Errorf("failed to get project %d: %v", id, err)
+		}
+	default:
+		log.Errorf("unsupported type of %v, must be string or int64", projectIDOrName)
+	}
+
+	if project == nil {
+		return false
+	}
+
+	return project.Public == 1
+}
+
+// GetRoles return a role list which contains the user's roles to the project
+func (p *PM) GetRoles(username string, projectIDOrName interface{}) []int {
+	roles := []int{}
+
+	user, err := dao.GetUser(models.User{
+		Username: username,
+	})
+	if err != nil {
+		log.Errorf("failed to get user %s: %v", username, err)
+		return roles
+	}
+	if user == nil {
+		return roles
+	}
+
+	var projectID int64
+	switch projectIDOrName.(type) {
+	case string:
+		name := projectIDOrName.(string)
+		project, err := dao.GetProjectByName(name)
+		if err != nil {
+			log.Errorf("failed to get project %s: %v", name, err)
+			return roles
+		}
+
+		if project == nil {
+			return roles
+		}
+		projectID = project.ProjectID
+	case int64:
+		projectID = projectIDOrName.(int64)
+	default:
+		log.Errorf("unsupported type of %v, must be string or int64", projectIDOrName)
+		return roles
+	}
+
+	roleList, err := dao.GetUserProjectRoles(user.UserID, projectID)
+	if err != nil {
+		log.Errorf("failed to get roles for user %d to project %d: %v",
+			user.UserID, projectID, err)
+		return roles
+	}
+
+	for _, role := range roleList {
+		switch role.RoleCode {
+		case "MDRWS":
+			roles = append(roles, common.RoleProjectAdmin)
+		case "RWS":
+			roles = append(roles, common.RoleDeveloper)
+		case "RS":
+			roles = append(roles, common.RoleGuest)
+		}
+	}
+
+	return roles
+}
diff --git a/src/ui/pm/db/pm_test.go b/src/ui/pm/db/pm_test.go
new file mode 100644
index 000000000..a106686c9
--- /dev/null
+++ b/src/ui/pm/db/pm_test.go
@@ -0,0 +1,106 @@
+// Copyright (c) 2017 VMware, Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package db
+
+import (
+	"os"
+	"strconv"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/vmware/harbor/src/common"
+	"github.com/vmware/harbor/src/common/dao"
+	"github.com/vmware/harbor/src/common/models"
+	"github.com/vmware/harbor/src/common/utils/log"
+)
+
+func TestMain(m *testing.M) {
+	dbHost := os.Getenv("MYSQL_HOST")
+	if len(dbHost) == 0 {
+		log.Fatalf("environment variable MYSQL_HOST is not set")
+	}
+	dbPortStr := os.Getenv("MYSQL_PORT")
+	if len(dbPortStr) == 0 {
+		log.Fatalf("environment variable MYSQL_PORT is not set")
+	}
+	dbPort, err := strconv.Atoi(dbPortStr)
+	if err != nil {
+		log.Fatalf("invalid MYSQL_PORT: %v", err)
+	}
+	dbUser := os.Getenv("MYSQL_USR")
+	if len(dbUser) == 0 {
+		log.Fatalf("environment variable MYSQL_USR is not set")
+	}
+
+	dbPassword := os.Getenv("MYSQL_PWD")
+	dbDatabase := os.Getenv("MYSQL_DATABASE")
+	if len(dbDatabase) == 0 {
+		log.Fatalf("environment variable MYSQL_DATABASE is not set")
+	}
+
+	database := &models.Database{
+		Type: "mysql",
+		MySQL: &models.MySQL{
+			Host:     dbHost,
+			Port:     dbPort,
+			Username: dbUser,
+			Password: dbPassword,
+			Database: dbDatabase,
+		},
+	}
+
+	log.Infof("MYSQL_HOST: %s, MYSQL_USR: %s, MYSQL_PORT: %d, MYSQL_PWD: %s\n", dbHost, dbUser, dbPort, dbPassword)
+
+	if err := dao.InitDatabase(database); err != nil {
+		log.Fatalf("failed to initialize database: %v", err)
+	}
+
+	os.Exit(m.Run())
+}
+
+func TestIsPublic(t *testing.T) {
+	pms := &PM{}
+	// project name
+	assert.True(t, pms.IsPublic("library"))
+	// project ID
+	assert.True(t, pms.IsPublic(int64(1)))
+	// non exist project
+	assert.False(t, pms.IsPublic("non_exist_project"))
+	// invalid type
+	assert.False(t, pms.IsPublic(1))
+}
+
+func TestGetRoles(t *testing.T) {
+	pm := &PM{}
+
+	// non exist user
+	assert.Equal(t, []int{},
+		pm.GetRoles("non_exist_user", int64(1)))
+
+	// project ID
+	assert.Equal(t, []int{common.RoleProjectAdmin},
+		pm.GetRoles("admin", int64(1)))
+
+	// project name
+	assert.Equal(t, []int{common.RoleProjectAdmin},
+		pm.GetRoles("admin", "library"))
+
+	// non exist project
+	assert.Equal(t, []int{},
+		pm.GetRoles("admin", "non_exist_project"))
+
+	// invalid type
+	assert.Equal(t, []int{}, pm.GetRoles("admin", 1))
+}
diff --git a/src/ui/pm/pm.go b/src/ui/pm/pm.go
new file mode 100644
index 000000000..8a42fe9f0
--- /dev/null
+++ b/src/ui/pm/pm.go
@@ -0,0 +1,22 @@
+// Copyright (c) 2017 VMware, Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package pm
+
+// PM is the project mamager which abstracts the operations related
+// to projects
+type PM interface {
+	IsPublic(projectIDOrName interface{}) bool
+	GetRoles(username string, projectIDOrName interface{}) []int
+}

From b4c172b7545b57ceda35a494516dd68c1cb5afeb Mon Sep 17 00:00:00 2001
From: Wenkai Yin <yinw@vmware.com>
Date: Thu, 4 May 2017 12:28:00 +0800
Subject: [PATCH 3/3] update

---
 src/ui/pms/db/service.go      | 110 ----------------------------------
 src/ui/pms/db/service_test.go | 106 --------------------------------
 src/ui/pms/service.go         |  22 -------
 3 files changed, 238 deletions(-)
 delete mode 100644 src/ui/pms/db/service.go
 delete mode 100644 src/ui/pms/db/service_test.go
 delete mode 100644 src/ui/pms/service.go

diff --git a/src/ui/pms/db/service.go b/src/ui/pms/db/service.go
deleted file mode 100644
index 8d1055a06..000000000
--- a/src/ui/pms/db/service.go
+++ /dev/null
@@ -1,110 +0,0 @@
-// Copyright (c) 2017 VMware, Inc. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//    http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package db
-
-import (
-	"github.com/vmware/harbor/src/common"
-	"github.com/vmware/harbor/src/common/dao"
-	"github.com/vmware/harbor/src/common/models"
-	"github.com/vmware/harbor/src/common/utils/log"
-)
-
-// PMS implements pms.PMS interface based on database
-type PMS struct{}
-
-// IsPublic returns whether the project is public or not
-func (p *PMS) IsPublic(projectIDOrName interface{}) bool {
-	var project *models.Project
-	var err error
-	switch projectIDOrName.(type) {
-	case string:
-		name := projectIDOrName.(string)
-		project, err = dao.GetProjectByName(name)
-		if err != nil {
-			log.Errorf("failed to get project %s: %v", name, err)
-		}
-	case int64:
-		id := projectIDOrName.(int64)
-		project, err = dao.GetProjectByID(id)
-		if err != nil {
-			log.Errorf("failed to get project %d: %v", id, err)
-		}
-	default:
-		log.Errorf("unsupported type of %v, must be string or int64", projectIDOrName)
-	}
-
-	if project == nil {
-		return false
-	}
-
-	return project.Public == 1
-}
-
-// GetRoles return a role list which contains the user's roles to the project
-func (p *PMS) GetRoles(username string, projectIDOrName interface{}) []int {
-	roles := []int{}
-
-	user, err := dao.GetUser(models.User{
-		Username: username,
-	})
-	if err != nil {
-		log.Errorf("failed to get user %s: %v", username, err)
-		return roles
-	}
-	if user == nil {
-		return roles
-	}
-
-	var projectID int64
-	switch projectIDOrName.(type) {
-	case string:
-		name := projectIDOrName.(string)
-		project, err := dao.GetProjectByName(name)
-		if err != nil {
-			log.Errorf("failed to get project %s: %v", name, err)
-			return roles
-		}
-
-		if project == nil {
-			return roles
-		}
-		projectID = project.ProjectID
-	case int64:
-		projectID = projectIDOrName.(int64)
-	default:
-		log.Errorf("unsupported type of %v, must be string or int64", projectIDOrName)
-		return roles
-	}
-
-	roleList, err := dao.GetUserProjectRoles(user.UserID, projectID)
-	if err != nil {
-		log.Errorf("failed to get roles for user %d to project %d: %v",
-			user.UserID, projectID, err)
-		return roles
-	}
-
-	for _, role := range roleList {
-		switch role.RoleCode {
-		case "MDRWS":
-			roles = append(roles, common.RoleProjectAdmin)
-		case "RWS":
-			roles = append(roles, common.RoleDeveloper)
-		case "RS":
-			roles = append(roles, common.RoleGuest)
-		}
-	}
-
-	return roles
-}
diff --git a/src/ui/pms/db/service_test.go b/src/ui/pms/db/service_test.go
deleted file mode 100644
index 37ce2d9f8..000000000
--- a/src/ui/pms/db/service_test.go
+++ /dev/null
@@ -1,106 +0,0 @@
-// Copyright (c) 2017 VMware, Inc. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//    http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package db
-
-import (
-	"os"
-	"strconv"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-	"github.com/vmware/harbor/src/common"
-	"github.com/vmware/harbor/src/common/dao"
-	"github.com/vmware/harbor/src/common/models"
-	"github.com/vmware/harbor/src/common/utils/log"
-)
-
-func TestMain(m *testing.M) {
-	dbHost := os.Getenv("MYSQL_HOST")
-	if len(dbHost) == 0 {
-		log.Fatalf("environment variable MYSQL_HOST is not set")
-	}
-	dbPortStr := os.Getenv("MYSQL_PORT")
-	if len(dbPortStr) == 0 {
-		log.Fatalf("environment variable MYSQL_PORT is not set")
-	}
-	dbPort, err := strconv.Atoi(dbPortStr)
-	if err != nil {
-		log.Fatalf("invalid MYSQL_PORT: %v", err)
-	}
-	dbUser := os.Getenv("MYSQL_USR")
-	if len(dbUser) == 0 {
-		log.Fatalf("environment variable MYSQL_USR is not set")
-	}
-
-	dbPassword := os.Getenv("MYSQL_PWD")
-	dbDatabase := os.Getenv("MYSQL_DATABASE")
-	if len(dbDatabase) == 0 {
-		log.Fatalf("environment variable MYSQL_DATABASE is not set")
-	}
-
-	database := &models.Database{
-		Type: "mysql",
-		MySQL: &models.MySQL{
-			Host:     dbHost,
-			Port:     dbPort,
-			Username: dbUser,
-			Password: dbPassword,
-			Database: dbDatabase,
-		},
-	}
-
-	log.Infof("MYSQL_HOST: %s, MYSQL_USR: %s, MYSQL_PORT: %d, MYSQL_PWD: %s\n", dbHost, dbUser, dbPort, dbPassword)
-
-	if err := dao.InitDatabase(database); err != nil {
-		log.Fatalf("failed to initialize database: %v", err)
-	}
-
-	os.Exit(m.Run())
-}
-
-func TestIsPublic(t *testing.T) {
-	pms := &PMS{}
-	// project name
-	assert.True(t, pms.IsPublic("library"))
-	// project ID
-	assert.True(t, pms.IsPublic(int64(1)))
-	// non exist project
-	assert.False(t, pms.IsPublic("non_exist_project"))
-	// invalid type
-	assert.False(t, pms.IsPublic(1))
-}
-
-func TestGetRoles(t *testing.T) {
-	pms := &PMS{}
-
-	// non exist user
-	assert.Equal(t, []int{},
-		pms.GetRoles("non_exist_user", int64(1)))
-
-	// project ID
-	assert.Equal(t, []int{common.RoleProjectAdmin},
-		pms.GetRoles("admin", int64(1)))
-
-	// project name
-	assert.Equal(t, []int{common.RoleProjectAdmin},
-		pms.GetRoles("admin", "library"))
-
-	// non exist project
-	assert.Equal(t, []int{},
-		pms.GetRoles("admin", "non_exist_project"))
-
-	// invalid type
-	assert.Equal(t, []int{}, pms.GetRoles("admin", 1))
-}
diff --git a/src/ui/pms/service.go b/src/ui/pms/service.go
deleted file mode 100644
index 8ab949af7..000000000
--- a/src/ui/pms/service.go
+++ /dev/null
@@ -1,22 +0,0 @@
-// Copyright (c) 2017 VMware, Inc. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//    http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package pms
-
-// PMS is the project mamagement service which abstracts
-// the operations related to projects
-type PMS interface {
-	IsPublic(projectIDOrName interface{}) bool
-	GetRoles(username string, projectIDOrName interface{}) []int
-}