verify permission of GetRetentionExecTaskLog

Signed-off-by: Ziming Zhang <zziming@vmware.com> Change-Id: I4bf4ddf3d3ed6f07a4618e242e2f3774996716d6 Signed-off-by: Ziming Zhang <zziming@vmware.com>
2024-11-25 11:46:43 +01:00 · 2019-08-29 14:58:59 +08:00 · 2019-08-29 14:58:59 +08:00 · 8fb6e2f65b
commit 8fb6e2f65b
parent db5781bf78
4 changed files with 15 additions and 18 deletions
--- a/src/core/api/retention.go
+++ b/src/core/api/retention.go
@ -380,11 +380,24 @@ func (r *RetentionAPI) ListRetentionExecTasks() {

 // GetRetentionExecTaskLog Get Retention Execution Task log
 func (r *RetentionAPI) GetRetentionExecTaskLog() {
+	id, err := r.GetIDFromURL()
+	if err != nil {
+		r.SendBadRequestError(err)
+		return
+	}
 	tid, err := r.GetInt64FromPath(":tid")
 	if err != nil {
 		r.SendBadRequestError(err)
 		return
 	}
+	p, err := retentionController.GetRetention(id)
+	if err != nil {
+		r.SendBadRequestError(err)
+		return
+	}
+	if !r.requireAccess(p, rbac.ActionRead) {
+		return
+	}
 	log, err := retentionController.GetRetentionExecTaskLog(tid)
 	if err != nil {
 		r.SendInternalServerError(err)
--- a/src/pkg/retention/controller.go
+++ b/src/pkg/retention/controller.go
@ -18,7 +18,6 @@ import (
 	"fmt"
 	"time"

-	"github.com/goharbor/harbor/src/jobservice/job"
 	"github.com/goharbor/harbor/src/pkg/project"
 	"github.com/goharbor/harbor/src/pkg/repository"
 	"github.com/goharbor/harbor/src/pkg/retention/policy"
@ -28,16 +27,6 @@ import (

 // APIController to handle the requests related with retention
 type APIController interface {
-	// Handle the related hooks from the job service and launch the corresponding actions if needed
-	//
-	//  Arguments:
-	//    PolicyID string         : uuid of the retention policy
-	//    event *job.StatusChange : event object sent by job service
-	//
-	//  Returns:
-	//    common error object if any errors occurred
-	HandleHook(policyID string, event *job.StatusChange) error
-
 	GetRetention(id int64) (*policy.Metadata, error)

 	CreateRetention(p *policy.Metadata) (int64, error)
@ -263,11 +252,6 @@ func (r *DefaultAPIController) GetRetentionExecTaskLog(taskID int64) ([]byte, er
 	return r.manager.GetTaskLog(taskID)
 }

-// HandleHook HandleHook
-func (r *DefaultAPIController) HandleHook(policyID string, event *job.StatusChange) error {
-	panic("implement me")
-}
-
 // NewAPIController ...
 func NewAPIController(retentionMgr Manager, projectManager project.Manager, repositoryMgr repository.Manager, scheduler scheduler.Scheduler, retentionLauncher Launcher) APIController {
 	return &DefaultAPIController{
--- a/tests/harbor_ca.crt
+++ b/tests/harbor_ca.crt
@ -29,4 +29,4 @@ y8oWY+ZrEsG7lID2zMaZopSAwDzuBoqLGE66LK+RtFSrAcGHSr3Xlp0R6hX4FeyN
 flTTBxE6eNoEiV56x9RuSDvWnw/l38B/y9q9wMNkI+kb2d8QNkWFz9q1W01Vdceo
 ZzTA/fNcErZ0YiE/wY9VEW+DRoO3ntMN8lEsNLr04kUG7RJ6EOu6kQPHQuJ3Bujy
 rnAVXLxzOqGPfKD6gBQS2pTikQCYpqtaFg==
-----END CERTIFICATE-----
+-----END CERTIFICATE-----
--- a/tests/harbor_ca.key
+++ b/tests/harbor_ca.key
@ -49,4 +49,4 @@ c3UER6XNgI0CpdOb6Jq1529+g9/dly39qqQM4n82nFuizknMWlW5BlxsbwTy2xhi
 JAA3JgLgB38UdL1sBDscX2vCl5pZhXXxWmVDud67exbMUnR4ib1bzG4nsXTHe72P
 Jq2W5mySj9uDfcNHyBmfl95mP+VWOjQlxMg/cmS/CU3q04cMzUKX4froNRUi3eYQ
 CFZg63hc+GA5YEhJM3n6ZkTZnTJH3Lc=
-----END PRIVATE KEY-----
+-----END PRIVATE KEY-----