Do not check security context in Get of user controller

This commit make sure when security context is not found the `Get` function in user controller should not return error. Because this func will be called by security middleware, at which point of time the security context is not generated. Additionally, checking security context is not necessary because the permission checking is already done in the API handler layer. fixes #15535 Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2024-06-26 14:55:06 +02:00 · 2021-09-21 16:40:16 +08:00 · 2021-09-21 16:40:16 +08:00 · 884da19414
commit 884da19414
parent 04cd65d179
1 changed files with 2 additions and 5 deletions
--- a/src/controller/user/controller.go
+++ b/src/controller/user/controller.go
@ -16,7 +16,7 @@ package user

 import (
 	"context"
-	"fmt"
+
 	"github.com/goharbor/harbor/src/common"
 	commonmodels "github.com/goharbor/harbor/src/common/models"
 	"github.com/goharbor/harbor/src/common/security"
@ -148,10 +148,7 @@ func (c *controller) Get(ctx context.Context, id int, opt *Option) (*models.User
 	if err != nil {
 		return nil, err
 	}
-	sctx, ok := security.FromContext(ctx)
-	if !ok {
-		return nil, fmt.Errorf("can't find security context")
-	}
+	sctx, _ := security.FromContext(ctx)
 	lsc, ok := sctx.(*local.SecurityContext)
 	if ok && lsc.User() != nil && lsc.User().UserID == id {
 		u.AdminRoleInAuth = lsc.User().AdminRoleInAuth