Merge pull request #13313 from AllForNothing/oidc

[UI]Add admin group support to OIDC auth mode
This commit is contained in:
Daniel Jiang 2020-10-21 11:10:28 +08:00 committed by GitHub
commit 7c57e984a8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 36 additions and 8 deletions

View File

@ -360,7 +360,19 @@
[(ngModel)]="currentConfig.oidc_groups_claim.value" id="oidcGroupClaim" size="40" [(ngModel)]="currentConfig.oidc_groups_claim.value" id="oidcGroupClaim" size="40"
[disabled]="disabled(currentConfig.oidc_groups_claim)" /> [disabled]="disabled(currentConfig.oidc_groups_claim)" />
</clr-input-container> </clr-input-container>
<clr-input-container>
<label for="OIDCAdminGroup">{{'CONFIG.OIDC.OIDC_ADMIN_GROUP' | translate}}
<clr-tooltip>
<clr-icon clrTooltipTrigger shape="info-circle" size="24"></clr-icon>
<clr-tooltip-content clrPosition="top-right" clrSize="lg" *clrIfOpen>
<span>{{'CONFIG.OIDC.OIDC_ADMIN_GROUP_INFO' | translate}}</span>
</clr-tooltip-content>
</clr-tooltip>
</label>
<input clrInput name="OIDCAdminGroup" type="text" #ngOIDCAdminGroup="ngModel"
[(ngModel)]="currentConfig.oidc_admin_group.value" id="OIDCAdminGroup" size="40"
[disabled]="disabled(currentConfig.oidc_admin_group)" />
</clr-input-container>
<clr-input-container> <clr-input-container>
<label class="required" for="oidcScope">{{'CONFIG.OIDC.SCOPE' | translate}} <label class="required" for="oidcScope">{{'CONFIG.OIDC.SCOPE' | translate}}
<clr-tooltip> <clr-tooltip>

View File

@ -927,7 +927,9 @@
"OIDC_SETNAME": "Set OIDC Username", "OIDC_SETNAME": "Set OIDC Username",
"OIDC_SETNAMECONTENT": "You must create a Harbor username the first time when authenticating via a third party(OIDC).This will be used within Harbor to be associated with projects, roles, etc.", "OIDC_SETNAMECONTENT": "You must create a Harbor username the first time when authenticating via a third party(OIDC).This will be used within Harbor to be associated with projects, roles, etc.",
"OIDC_USERNAME": "Username", "OIDC_USERNAME": "Username",
"GROUP_CLAIM_NAME": "Group Claim Name" "GROUP_CLAIM_NAME": "Group Claim Name",
"OIDC_ADMIN_GROUP": "OIDC Admin Group",
"OIDC_ADMIN_GROUP_INFO": "Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to."
}, },
"SCANNING": { "SCANNING": {
"TRIGGER_SCAN_ALL_SUCCESS": "Trigger scan all successfully!", "TRIGGER_SCAN_ALL_SUCCESS": "Trigger scan all successfully!",

View File

@ -927,7 +927,9 @@
"OIDC_SETNAME": "Set OIDC nombre de usuario", "OIDC_SETNAME": "Set OIDC nombre de usuario",
"OIDC_SETNAMECONTENT": "Usted debe crear un Harbor nombre de usuario la primera vez cuando la autenticación a través de un tercero (OIDC). Esta será usada en Harbor para ser asociados con proyectos, funciones, etc.", "OIDC_SETNAMECONTENT": "Usted debe crear un Harbor nombre de usuario la primera vez cuando la autenticación a través de un tercero (OIDC). Esta será usada en Harbor para ser asociados con proyectos, funciones, etc.",
"OIDC_USERNAME": "Usuario", "OIDC_USERNAME": "Usuario",
"GROUP_CLAIM_NAME": "Group Claim Name" "GROUP_CLAIM_NAME": "Group Claim Name",
"OIDC_ADMIN_GROUP": "OIDC Admin Group",
"OIDC_ADMIN_GROUP_INFO": "Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to."
}, },
"SCANNING": { "SCANNING": {
"TRIGGER_SCAN_ALL_SUCCESS": "Trigger scan all successfully!", "TRIGGER_SCAN_ALL_SUCCESS": "Trigger scan all successfully!",

View File

@ -900,7 +900,9 @@
"OIDC_SETNAME": "Ensemble OIDC nom d'utilisateur", "OIDC_SETNAME": "Ensemble OIDC nom d'utilisateur",
"OIDC_SETNAMECONTENT": "vous devez créer un Harbor identifiant la première fois lors de la vérification par une tierce partie (oidc). il sera utilisé au sein de port à être associés aux projets, des rôles, etc.", "OIDC_SETNAMECONTENT": "vous devez créer un Harbor identifiant la première fois lors de la vérification par une tierce partie (oidc). il sera utilisé au sein de port à être associés aux projets, des rôles, etc.",
"OIDC_USERNAME": "d'utilisateur", "OIDC_USERNAME": "d'utilisateur",
"GROUP_CLAIM_NAME": "Group Claim Name" "GROUP_CLAIM_NAME": "Group Claim Name",
"OIDC_ADMIN_GROUP": "OIDC Admin Group",
"OIDC_ADMIN_GROUP_INFO": "Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to."
}, },
"SCANNING": { "SCANNING": {
"TRIGGER_SCAN_ALL_SUCCESS": "Déclenchement d'analyse globale avec succès !", "TRIGGER_SCAN_ALL_SUCCESS": "Déclenchement d'analyse globale avec succès !",

View File

@ -923,7 +923,9 @@
"OIDC_SETNAME": "Definir o Utilizador OIDC", "OIDC_SETNAME": "Definir o Utilizador OIDC",
"OIDC_SETNAMECONTENT": "Você deve Criar um Nome de usuário do Porto a primeira vez que autenticar através de um terceiro (OIDC). Isto será usado Dentro de Harbor para ser associado a projetos, papéis, etc.", "OIDC_SETNAMECONTENT": "Você deve Criar um Nome de usuário do Porto a primeira vez que autenticar através de um terceiro (OIDC). Isto será usado Dentro de Harbor para ser associado a projetos, papéis, etc.",
"OIDC_USERNAME": "Utilizador", "OIDC_USERNAME": "Utilizador",
"GROUP_CLAIM_NAME": "Group Claim Name" "GROUP_CLAIM_NAME": "Group Claim Name",
"OIDC_ADMIN_GROUP": "OIDC Admin Group",
"OIDC_ADMIN_GROUP_INFO": "Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to."
}, },
"SCANNING": { "SCANNING": {
"TRIGGER_SCAN_ALL_SUCCESS": "Disparo de análise geral efetuado com sucesso!", "TRIGGER_SCAN_ALL_SUCCESS": "Disparo de análise geral efetuado com sucesso!",

View File

@ -927,7 +927,9 @@
"OIDC_SETNAME": "OIDC Kullanıcı Adını Ayarla", "OIDC_SETNAME": "OIDC Kullanıcı Adını Ayarla",
"OIDC_SETNAMECONTENT": "Üçüncü tarafla (OIDC) kimlik doğrulaması yaparken ilk kez bir Harbor kullanıcı adı oluşturmalısınız. Bu, harbor projeler, roller vb. ile ilişkilendirilmek üzere kullanılacaktır.", "OIDC_SETNAMECONTENT": "Üçüncü tarafla (OIDC) kimlik doğrulaması yaparken ilk kez bir Harbor kullanıcı adı oluşturmalısınız. Bu, harbor projeler, roller vb. ile ilişkilendirilmek üzere kullanılacaktır.",
"OIDC_USERNAME": "Kullanıcı Adı", "OIDC_USERNAME": "Kullanıcı Adı",
"GROUP_CLAIM_NAME": "Group Claim Name" "GROUP_CLAIM_NAME": "Group Claim Name",
"OIDC_ADMIN_GROUP": "OIDC Admin Group",
"OIDC_ADMIN_GROUP_INFO": "Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to."
}, },
"SCANNING": { "SCANNING": {
"TRIGGER_SCAN_ALL_SUCCESS": "Tümünü başarılı bir şekilde tara!", "TRIGGER_SCAN_ALL_SUCCESS": "Tümünü başarılı bir şekilde tara!",

View File

@ -927,7 +927,9 @@
"OIDC_SETNAME": "设置OIDC用户名", "OIDC_SETNAME": "设置OIDC用户名",
"OIDC_SETNAMECONTENT": "在通过第三方OIDC进行身份验证时您必须第一次创建一个Harbor用户名。这将在Harbor中用于与项目、角色等关联。", "OIDC_SETNAMECONTENT": "在通过第三方OIDC进行身份验证时您必须第一次创建一个Harbor用户名。这将在Harbor中用于与项目、角色等关联。",
"OIDC_USERNAME": "用户名", "OIDC_USERNAME": "用户名",
"GROUP_CLAIM_NAME": "组名称" "GROUP_CLAIM_NAME": "组名称",
"OIDC_ADMIN_GROUP": "OIDC管理员组",
"OIDC_ADMIN_GROUP_INFO": "OIDC管理员组名称。所有该组内用户都会有管理员权限此属性可以为空。"
}, },
"SCANNING": { "SCANNING": {
"TRIGGER_SCAN_ALL_SUCCESS": "启动扫描所有镜像任务成功!", "TRIGGER_SCAN_ALL_SUCCESS": "启动扫描所有镜像任务成功!",

View File

@ -922,7 +922,9 @@
"OIDC_SETNAME": "設置OIDC用戶名", "OIDC_SETNAME": "設置OIDC用戶名",
"OIDC_SETNAMECONTENT": "在通過第三方OIDC進行身份驗證時,您必須第一次創建一個Harbor用戶名。這將在端口中用於與項目、角色等關聯。", "OIDC_SETNAMECONTENT": "在通過第三方OIDC進行身份驗證時,您必須第一次創建一個Harbor用戶名。這將在端口中用於與項目、角色等關聯。",
"OIDC_USERNAME": "用戶名", "OIDC_USERNAME": "用戶名",
"GROUP_CLAIM_NAME": "組名稱" "GROUP_CLAIM_NAME": "組名稱",
"OIDC_ADMIN_GROUP": "OIDC Admin Group",
"OIDC_ADMIN_GROUP_INFO": "Specify an OIDC admin group name. All OIDC users in this group will have harbor admin privilege. Keep it blank if you do not want to."
}, },
"SCANNING":{ "SCANNING":{
"TRIGGER_SCAN_ALL_SUCCESS": "啟動掃描所有鏡像任務成功!", "TRIGGER_SCAN_ALL_SUCCESS": "啟動掃描所有鏡像任務成功!",

View File

@ -105,6 +105,7 @@ export class Configuration {
storage_per_project: NumberValueItem; storage_per_project: NumberValueItem;
cfg_expiration: NumberValueItem; cfg_expiration: NumberValueItem;
oidc_groups_claim: StringValueItem; oidc_groups_claim: StringValueItem;
oidc_admin_group: StringValueItem;
public constructor() { public constructor() {
this.auth_mode = new StringValueItem("db_auth", true); this.auth_mode = new StringValueItem("db_auth", true);
this.project_creation_restriction = new StringValueItem("everyone", true); this.project_creation_restriction = new StringValueItem("everyone", true);
@ -160,6 +161,7 @@ export class Configuration {
this.oidc_auto_onboard = new BoolValueItem(false, true); this.oidc_auto_onboard = new BoolValueItem(false, true);
this.oidc_scope = new StringValueItem('', true); this.oidc_scope = new StringValueItem('', true);
this.oidc_groups_claim = new StringValueItem('', true); this.oidc_groups_claim = new StringValueItem('', true);
this.oidc_admin_group = new StringValueItem('', true);
this.oidc_user_claim = new StringValueItem('', true); this.oidc_user_claim = new StringValueItem('', true);
this.count_per_project = new NumberValueItem(-1, true); this.count_per_project = new NumberValueItem(-1, true);
this.storage_per_project = new NumberValueItem(-1, true); this.storage_per_project = new NumberValueItem(-1, true);