refactor policy, job, target API

This commit is contained in:
Wenkai Yin 2017-05-23 13:38:11 +08:00
parent 4884ec7835
commit 92dcf4bfd3
4 changed files with 48 additions and 37 deletions

View File

@ -152,12 +152,11 @@ func FilterRepPolicies(name string, projectID int64) ([]*models.RepPolicy, error
var args []interface{} var args []interface{}
sql := `select rp.id, rp.project_id, p.name as project_name, rp.target_id, sql := `select rp.id, rp.project_id, rp.target_id,
rt.name as target_name, rp.name, rp.enabled, rp.description, rt.name as target_name, rp.name, rp.enabled, rp.description,
rp.cron_str, rp.start_time, rp.creation_time, rp.update_time, rp.cron_str, rp.start_time, rp.creation_time, rp.update_time,
count(rj.status) as error_job_count count(rj.status) as error_job_count
from replication_policy rp from replication_policy rp
left join project p on rp.project_id=p.project_id
left join replication_target rt on rp.target_id=rt.id left join replication_target rt on rp.target_id=rt.id
left join replication_job rj on rp.id=rj.policy_id and (rj.status="error" left join replication_job rj on rp.id=rj.policy_id and (rj.status="error"
or rj.status="retrying") or rj.status="retrying")

View File

@ -25,29 +25,29 @@ import (
"github.com/vmware/harbor/src/common/dao" "github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models" "github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/log" "github.com/vmware/harbor/src/common/utils/log"
"github.com/vmware/harbor/src/common/api"
) )
// RepJobAPI handles request to /api/replicationJobs /api/replicationJobs/:id/log // RepJobAPI handles request to /api/replicationJobs /api/replicationJobs/:id/log
type RepJobAPI struct { type RepJobAPI struct {
api.BaseAPI BaseController
jobID int64 jobID int64
} }
// Prepare validates that whether user has system admin role // Prepare validates that whether user has system admin role
func (ra *RepJobAPI) Prepare() { func (ra *RepJobAPI) Prepare() {
uid := ra.ValidateUser() ra.BaseController.Prepare()
isAdmin, err := dao.IsAdminRole(uid) if !ra.SecurityCtx.IsAuthenticated() {
if err != nil { ra.HandleUnauthorized()
log.Errorf("Failed to Check if the user is admin, error: %v, uid: %d", err, uid) return
}
if !isAdmin {
ra.CustomAbort(http.StatusForbidden, "")
} }
idStr := ra.Ctx.Input.Param(":id") if !ra.SecurityCtx.IsSysAdmin() {
if len(idStr) != 0 { ra.HandleForbidden(ra.SecurityCtx.GetUsername())
id, err := strconv.ParseInt(idStr, 10, 64) return
}
if len(ra.GetStringFromPath(":id")) != 0 {
id, err := ra.GetInt64FromPath(":id")
if err != nil { if err != nil {
ra.CustomAbort(http.StatusBadRequest, "ID is invalid") ra.CustomAbort(http.StatusBadRequest, "ID is invalid")
} }

View File

@ -23,24 +23,24 @@ import (
"github.com/vmware/harbor/src/common/dao" "github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models" "github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils/log" "github.com/vmware/harbor/src/common/utils/log"
"github.com/vmware/harbor/src/common/api"
) )
// RepPolicyAPI handles /api/replicationPolicies /api/replicationPolicies/:id/enablement // RepPolicyAPI handles /api/replicationPolicies /api/replicationPolicies/:id/enablement
type RepPolicyAPI struct { type RepPolicyAPI struct {
api.BaseAPI BaseController
} }
// Prepare validates whether the user has system admin role // Prepare validates whether the user has system admin role
func (pa *RepPolicyAPI) Prepare() { func (pa *RepPolicyAPI) Prepare() {
uid := pa.ValidateUser() pa.BaseController.Prepare()
var err error if !pa.SecurityCtx.IsAuthenticated() {
isAdmin, err := dao.IsAdminRole(uid) pa.HandleUnauthorized()
if err != nil { return
log.Errorf("Failed to Check if the user is admin, error: %v, uid: %d", err, uid)
} }
if !isAdmin {
pa.CustomAbort(http.StatusForbidden, "") if !pa.SecurityCtx.IsSysAdmin() {
pa.HandleForbidden(pa.SecurityCtx.GetUsername())
return
} }
} }
@ -82,6 +82,19 @@ func (pa *RepPolicyAPI) List() {
log.Errorf("failed to filter policies %s project ID %d: %v", name, projectID, err) log.Errorf("failed to filter policies %s project ID %d: %v", name, projectID, err)
pa.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError)) pa.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
} }
for _, policy := range policies {
project, err := pa.ProjectMgr.Get(policy.ProjectID)
if err != nil {
pa.HandleInternalServerError(fmt.Sprintf(
"failed to get project %d: %v", policy.ProjectID, err))
return
}
if project != nil {
policy.ProjectName = project.Name
}
}
pa.Data["json"] = policies pa.Data["json"] = policies
pa.ServeJSON() pa.ServeJSON()
} }
@ -103,7 +116,7 @@ func (pa *RepPolicyAPI) Post() {
} }
*/ */
project, err := dao.GetProjectByID(policy.ProjectID) project, err := pa.ProjectMgr.Get(policy.ProjectID)
if err != nil { if err != nil {
log.Errorf("failed to get project %d: %v", policy.ProjectID, err) log.Errorf("failed to get project %d: %v", policy.ProjectID, err)
pa.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError)) pa.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))

View File

@ -21,7 +21,6 @@ import (
"net/url" "net/url"
"strconv" "strconv"
"github.com/vmware/harbor/src/common/api"
"github.com/vmware/harbor/src/common/dao" "github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models" "github.com/vmware/harbor/src/common/models"
"github.com/vmware/harbor/src/common/utils" "github.com/vmware/harbor/src/common/utils"
@ -34,29 +33,29 @@ import (
// TargetAPI handles request to /api/targets/ping /api/targets/{} // TargetAPI handles request to /api/targets/ping /api/targets/{}
type TargetAPI struct { type TargetAPI struct {
api.BaseAPI BaseController
secretKey string secretKey string
} }
// Prepare validates the user // Prepare validates the user
func (t *TargetAPI) Prepare() { func (t *TargetAPI) Prepare() {
t.BaseController.Prepare()
if !t.SecurityCtx.IsAuthenticated() {
t.HandleUnauthorized()
return
}
if !t.SecurityCtx.IsSysAdmin() {
t.HandleForbidden(t.SecurityCtx.GetUsername())
return
}
var err error var err error
t.secretKey, err = config.SecretKey() t.secretKey, err = config.SecretKey()
if err != nil { if err != nil {
log.Errorf("failed to get secret key: %v", err) log.Errorf("failed to get secret key: %v", err)
t.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError)) t.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
} }
userID := t.ValidateUser()
isSysAdmin, err := dao.IsAdminRole(userID)
if err != nil {
log.Errorf("error occurred in IsAdminRole: %v", err)
t.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
}
if !isSysAdmin {
t.CustomAbort(http.StatusForbidden, http.StatusText(http.StatusForbidden))
}
} }
func (t *TargetAPI) ping(endpoint, username, password string) { func (t *TargetAPI) ping(endpoint, username, password string) {