Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-12-18 22:57:38 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #11569 from ywk253100/200410_replication

Browse Source 
Add "delete" into the action map if the action in token is "*"
This commit is contained in:
Wenkai Yin(尹文开) 2020-04-10 18:06:47 +08:00 committed by GitHub
commit 81a4e7d468
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/common/security/v2token/context.go
View File

@ -94,13 +94,16 @@ func New(ctx context.Context, name string, access []*registry_token.ResourceActi
} }
actionMap := make(map[types.Action]struct{}) actionMap := make(map[types.Action]struct{})
for _, a := range ac.Actions { for _, a := range ac.Actions {
if a == "pull" || a == "*" { switch a {
case "pull":
actionMap[rbac.ActionPull] = struct{}{} actionMap[rbac.ActionPull] = struct{}{}
} case "push":
if a == "push" || a == "*" {
actionMap[rbac.ActionPush] = struct{}{} actionMap[rbac.ActionPush] = struct{}{}
} case "*":
if a == "scanner-pull" { actionMap[rbac.ActionPull] = struct{}{}
actionMap[rbac.ActionPush] = struct{}{}
actionMap[rbac.ActionDelete] = struct{}{}
case "scanner-pull":
actionMap[rbac.ActionScannerPull] = struct{}{} actionMap[rbac.ActionScannerPull] = struct{}{}
} }
} }

5
src/common/security/v2token/context_test.go
View File

@ -69,6 +69,11 @@ func TestAll(t *testing.T) {
action: rbac.ActionPush, action: rbac.ActionPush,
expect: true, expect: true,
}, },
{
resource: rbac.NewProjectNamespace(2).Resource(rbac.ResourceRepository),
action: rbac.ActionDelete,
expect: true,
},
{ {
resource: rbac.NewProjectNamespace(2).Resource(rbac.ResourceRepository), resource: rbac.NewProjectNamespace(2).Resource(rbac.ResourceRepository),
action: rbac.ActionScannerPull, action: rbac.ActionScannerPull,