mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-27 02:58:05 +01:00
sysadmin has all privileges for projects
This commit is contained in:
parent
6373497e58
commit
8c8bad8602
@ -92,7 +92,7 @@ func (pma *ProjectMemberAPI) Get() {
|
||||
}
|
||||
pma.Data["json"] = userList
|
||||
} else { //return detail of a member
|
||||
roleList, err := dao.GetUserProjectRoles(pma.memberID, pid)
|
||||
roleList, err := listRoles(pma.memberID, pid)
|
||||
if err != nil {
|
||||
log.Errorf("Error occurred in GetUserProjectRoles, error: %v", err)
|
||||
pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
@ -241,3 +241,27 @@ func (pma *ProjectMemberAPI) Delete() {
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
//sysadmin has all privileges to all projects
|
||||
func listRoles(userID int, projectID int64) ([]models.Role, error) {
|
||||
roles := make([]models.Role, 1)
|
||||
isSysAdmin, err := dao.IsAdminRole(userID)
|
||||
if err != nil {
|
||||
return roles, err
|
||||
}
|
||||
if isSysAdmin {
|
||||
role, err := dao.GetRoleByID(models.PROJECTADMIN)
|
||||
if err != nil {
|
||||
return roles, err
|
||||
}
|
||||
roles = append(roles, *role)
|
||||
return roles, nil
|
||||
}
|
||||
|
||||
rs, err := dao.GetUserProjectRoles(userID, projectID)
|
||||
if err != nil {
|
||||
return roles, err
|
||||
}
|
||||
roles = append(roles, rs...)
|
||||
return roles, nil
|
||||
}
|
||||
|
@ -190,6 +190,16 @@ func (p *ProjectAPI) FilterAccessLog() {
|
||||
}
|
||||
|
||||
func isProjectAdmin(userID int, pid int64) bool {
|
||||
isSysAdmin, err := dao.IsAdminRole(userID)
|
||||
if err != nil {
|
||||
log.Errorf("Error occurred in IsAdminRole, returning false, error: %v", err)
|
||||
return false
|
||||
}
|
||||
|
||||
if isSysAdmin {
|
||||
return true
|
||||
}
|
||||
|
||||
rolelist, err := dao.GetUserProjectRoles(userID, pid)
|
||||
if err != nil {
|
||||
log.Errorf("Error occurred in GetUserProjectRoles, returning false, error: %v", err)
|
||||
|
15
dao/role.go
15
dao/role.go
@ -73,3 +73,18 @@ func IsAdminRole(userIDOrUsername interface{}) (bool, error) {
|
||||
|
||||
return user.HasAdminRole == 1, nil
|
||||
}
|
||||
|
||||
// GetRoleByID ...
|
||||
func GetRoleByID(id int) (*models.Role, error) {
|
||||
o := orm.NewOrm()
|
||||
|
||||
sql := `select *
|
||||
from role
|
||||
where role_id = ?`
|
||||
|
||||
var role models.Role
|
||||
if err := o.Raw(sql, id).QueryRow(&role); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &role, nil
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user