mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-23 02:35:17 +01:00
Remove register and userexists funcs from dao pkg (#14798)
This commit replaces them with funcs with user pkg Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This commit is contained in:
Daniel Jiang
GitHub
parent
f8171cdf6e
commit
a66809cf85
@ -26,6 +26,7 @@ import (
|
||||
"github.com/goharbor/harbor/src/common/utils"
|
||||
"github.com/goharbor/harbor/src/lib/log"
|
||||
libOrm "github.com/goharbor/harbor/src/lib/orm"
|
||||
"github.com/goharbor/harbor/src/pkg/user"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
@ -109,7 +110,6 @@ func TestMain(m *testing.M) {
|
||||
switch database {
|
||||
case "postgresql":
|
||||
PrepareTestForPostgresSQL()
|
||||
PrepareTestData([]string{"delete from admin_job"}, []string{})
|
||||
default:
|
||||
log.Fatalf("invalid database: %s", database)
|
||||
}
|
||||
@ -124,6 +124,19 @@ func TestMain(m *testing.M) {
|
||||
|
||||
func testForAll(m *testing.M) int {
|
||||
cleanByUser(username)
|
||||
// TODO: remove the code for populating data after the record is not needed.
|
||||
ctx := libOrm.Context()
|
||||
_, err := user.Mgr.Create(ctx, &models.User{
|
||||
Username: username,
|
||||
Email: "tester01@vmware.com",
|
||||
Password: password,
|
||||
Realname: "tester01",
|
||||
Comment: "register",
|
||||
})
|
||||
if err != nil {
|
||||
log.Errorf("Error occurred when creating user: %v", err)
|
||||
return 1
|
||||
}
|
||||
|
||||
rc := m.Run()
|
||||
clearAll()
|
||||
@ -133,8 +146,7 @@ func testForAll(m *testing.M) int {
|
||||
func clearAll() {
|
||||
tables := []string{"project_member",
|
||||
"project_metadata", "repository", "replication_policy",
|
||||
"registry", "replication_execution", "replication_task",
|
||||
"replication_schedule_job", "project", "harbor_user"}
|
||||
"registry", "project", "harbor_user"}
|
||||
for _, t := range tables {
|
||||
if err := ClearTable(t); err != nil {
|
||||
log.Errorf("Failed to clear table: %s,error: %v", t, err)
|
||||
@ -142,82 +154,16 @@ func clearAll() {
|
||||
}
|
||||
}
|
||||
|
||||
func TestRegister(t *testing.T) {
|
||||
|
||||
user := models.User{
|
||||
Username: username,
|
||||
Email: "tester01@vmware.com",
|
||||
Password: password,
|
||||
Realname: "tester01",
|
||||
Comment: "register",
|
||||
}
|
||||
|
||||
_, err := Register(user)
|
||||
if err != nil {
|
||||
t.Errorf("Error occurred in Register: %v", err)
|
||||
}
|
||||
|
||||
// Check if user registered successfully.
|
||||
queryUser := models.User{
|
||||
Username: username,
|
||||
}
|
||||
newUser, err := GetUser(queryUser)
|
||||
if err != nil {
|
||||
t.Errorf("Error occurred in GetUser: %v", err)
|
||||
}
|
||||
|
||||
if newUser.Username != username {
|
||||
t.Errorf("Username does not match, expected: %s, actual: %s", username, newUser.Username)
|
||||
}
|
||||
if newUser.Email != "tester01@vmware.com" {
|
||||
t.Errorf("Email does not match, expected: %s, actual: %s", "tester01@vmware.com", newUser.Email)
|
||||
}
|
||||
}
|
||||
|
||||
func TestUserExists(t *testing.T) {
|
||||
var exists bool
|
||||
var err error
|
||||
|
||||
exists, err = UserExists(models.User{Username: username}, "username")
|
||||
if err != nil {
|
||||
t.Errorf("Error occurred in UserExists: %v", err)
|
||||
}
|
||||
if !exists {
|
||||
t.Errorf("User %s was inserted but does not exist", username)
|
||||
}
|
||||
exists, err = UserExists(models.User{Email: "tester01@vmware.com"}, "email")
|
||||
|
||||
if err != nil {
|
||||
t.Errorf("Error occurred in UserExists: %v", err)
|
||||
}
|
||||
if !exists {
|
||||
t.Errorf("User with email %s inserted but does not exist", "tester01@vmware.com")
|
||||
}
|
||||
exists, err = UserExists(models.User{Username: "NOTHERE"}, "username")
|
||||
if err != nil {
|
||||
t.Errorf("Error occurred in UserExists: %v", err)
|
||||
}
|
||||
if exists {
|
||||
t.Errorf("User %s was not inserted but does exist", "NOTHERE")
|
||||
}
|
||||
}
|
||||
|
||||
func TestLoginByUserName(t *testing.T) {
|
||||
|
||||
userQuery := models.User{
|
||||
Username: username,
|
||||
Password: "Abc12345",
|
||||
}
|
||||
|
||||
loginUser, err := LoginByDb(models.AuthModel{
|
||||
Principal: userQuery.Username,
|
||||
Password: userQuery.Password,
|
||||
Principal: username,
|
||||
Password: password,
|
||||
})
|
||||
if err != nil {
|
||||
t.Errorf("Error occurred in LoginByDb: %v", err)
|
||||
}
|
||||
if loginUser == nil {
|
||||
t.Errorf("No found for user logined by username and password: %v", userQuery)
|
||||
t.Errorf("No found for user logined by username and password: %s, %s", username, password)
|
||||
}
|
||||
|
||||
if loginUser.Username != username {
|
||||
|
||||
@ -127,9 +127,6 @@ func TestOIDCOnboard(t *testing.T) {
|
||||
err = OnBoardOIDCUser(&userDup)
|
||||
require.NotNil(t, err)
|
||||
require.Contains(t, err.Error(), ErrDupUser.Error())
|
||||
exist, err := UserExists(userDup, "email")
|
||||
require.Nil(t, err)
|
||||
require.False(t, exist)
|
||||
|
||||
// duplicate OIDC user -- ErrDupRows
|
||||
// ouDup is duplicate with ou333
|
||||
@ -137,17 +134,11 @@ func TestOIDCOnboard(t *testing.T) {
|
||||
err = OnBoardOIDCUser(&user555)
|
||||
require.NotNil(t, err)
|
||||
require.Contains(t, err.Error(), ErrDupOIDCUser.Error())
|
||||
exist, err = UserExists(user555, "username")
|
||||
require.Nil(t, err)
|
||||
require.False(t, exist)
|
||||
|
||||
// success
|
||||
user555.OIDCUserMeta = ou555
|
||||
err = OnBoardOIDCUser(&user555)
|
||||
require.Nil(t, err)
|
||||
exist, err = UserExists(user555, "username")
|
||||
require.Nil(t, err)
|
||||
require.True(t, exist)
|
||||
defer CleanUser(int64(user555.UserID))
|
||||
|
||||
// duplicate OIDC user's sub -- ErrDupRows
|
||||
@ -156,9 +147,6 @@ func TestOIDCOnboard(t *testing.T) {
|
||||
err = OnBoardOIDCUser(&user666)
|
||||
require.NotNil(t, err)
|
||||
require.Contains(t, err.Error(), ErrDupOIDCUser.Error())
|
||||
exist, err = UserExists(user666, "username")
|
||||
require.Nil(t, err)
|
||||
require.False(t, exist)
|
||||
|
||||
// clear data
|
||||
defer func() {
|
||||
|
||||
@ -1,74 +0,0 @@
|
||||
// Copyright Project Harbor Authors
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package dao
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/goharbor/harbor/src/common/models"
|
||||
"github.com/goharbor/harbor/src/common/utils"
|
||||
)
|
||||
|
||||
// Register is used for user to register, the password is encrypted before the record is inserted into database.
|
||||
func Register(user models.User) (int64, error) {
|
||||
|
||||
o := GetOrmer()
|
||||
now := time.Now()
|
||||
salt := utils.GenerateRandomString()
|
||||
sql := `insert into harbor_user
|
||||
(username, password, password_version, realname, email, comment, salt, sysadmin_flag, creation_time, update_time)
|
||||
values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?) RETURNING user_id`
|
||||
var userID int64
|
||||
err := o.Raw(sql, user.Username, utils.Encrypt(user.Password, salt, utils.SHA256), utils.SHA256, user.Realname, user.Email,
|
||||
user.Comment, salt, user.SysAdminFlag, now, now).QueryRow(&userID)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return userID, nil
|
||||
|
||||
}
|
||||
|
||||
// UserExists returns whether a user exists according username or Email.
|
||||
func UserExists(user models.User, target string) (bool, error) {
|
||||
|
||||
if user.Username == "" && user.Email == "" {
|
||||
return false, errors.New("user name and email are blank")
|
||||
}
|
||||
|
||||
o := GetOrmer()
|
||||
|
||||
sql := `select user_id from harbor_user where 1=1 `
|
||||
queryParam := make([]interface{}, 1)
|
||||
|
||||
switch target {
|
||||
case "username":
|
||||
sql += ` and username = ? `
|
||||
queryParam = append(queryParam, user.Username)
|
||||
case "email":
|
||||
sql += ` and email = ? `
|
||||
queryParam = append(queryParam, user.Email)
|
||||
}
|
||||
|
||||
var u []models.User
|
||||
n, err := o.Raw(sql, queryParam).QueryRows(&u)
|
||||
if err != nil {
|
||||
return false, err
|
||||
} else if n == 0 {
|
||||
return false, nil
|
||||
} else {
|
||||
return true, nil
|
||||
}
|
||||
}
|
||||
@ -69,14 +69,6 @@ var (
|
||||
Name: "proj_guest",
|
||||
Passwd: "Harbor12345",
|
||||
}
|
||||
projLimitedGuest = &usrInfo{
|
||||
Name: "proj_limited_guest",
|
||||
Passwd: "Harbor12345",
|
||||
}
|
||||
projAdmin4Robot = &usrInfo{
|
||||
Name: "proj_admin_robot",
|
||||
Passwd: "Harbor12345",
|
||||
}
|
||||
)
|
||||
|
||||
type testingRequest struct {
|
||||
@ -232,9 +224,10 @@ func TestMain(m *testing.M) {
|
||||
}
|
||||
|
||||
func prepare() error {
|
||||
ctx := orm.Context()
|
||||
// register nonSysAdmin
|
||||
var err error
|
||||
nonSysAdminID, err = dao.Register(models.User{
|
||||
nsID, err := user.Mgr.Create(ctx, &models.User{
|
||||
Username: nonSysAdmin.Name,
|
||||
Password: nonSysAdmin.Passwd,
|
||||
Email: nonSysAdmin.Name + "@test.com",
|
||||
@ -242,9 +235,11 @@ func prepare() error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
nonSysAdminID = int64(nsID)
|
||||
|
||||
// register projAdmin and assign project admin role
|
||||
projAdminID, err = dao.Register(models.User{
|
||||
|
||||
paID, err := user.Mgr.Create(ctx, &models.User{
|
||||
Username: projAdmin.Name,
|
||||
Password: projAdmin.Passwd,
|
||||
Email: projAdmin.Name + "@test.com",
|
||||
@ -252,7 +247,7 @@ func prepare() error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
ctx := orm.Context()
|
||||
projAdminID = int64(paID)
|
||||
if projAdminPMID, err = member.Mgr.AddProjectMember(ctx, memberModels.Member{
|
||||
ProjectID: 1,
|
||||
Role: common.RoleProjectAdmin,
|
||||
@ -262,26 +257,8 @@ func prepare() error {
|
||||
return err
|
||||
}
|
||||
|
||||
// register projAdminRobots and assign project admin role
|
||||
projAdminRobotID, err = dao.Register(models.User{
|
||||
Username: projAdmin4Robot.Name,
|
||||
Password: projAdmin4Robot.Passwd,
|
||||
Email: projAdmin4Robot.Name + "@test.com",
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if projAdminRobotPMID, err = member.Mgr.AddProjectMember(ctx, memberModels.Member{
|
||||
ProjectID: 1,
|
||||
Role: common.RoleProjectAdmin,
|
||||
EntityID: int(projAdminRobotID),
|
||||
EntityType: common.UserMember,
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// register projDeveloper and assign project developer role
|
||||
projDeveloperID, err = dao.Register(models.User{
|
||||
pdID, err := user.Mgr.Create(ctx, &models.User{
|
||||
Username: projDeveloper.Name,
|
||||
Password: projDeveloper.Passwd,
|
||||
Email: projDeveloper.Name + "@test.com",
|
||||
@ -289,6 +266,7 @@ func prepare() error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
projDeveloperID = int64(pdID)
|
||||
|
||||
if projDeveloperPMID, err = member.Mgr.AddProjectMember(ctx, memberModels.Member{
|
||||
ProjectID: 1,
|
||||
@ -300,7 +278,7 @@ func prepare() error {
|
||||
}
|
||||
|
||||
// register projGuest and assign project guest role
|
||||
projGuestID, err = dao.Register(models.User{
|
||||
pgID, err := user.Mgr.Create(ctx, &models.User{
|
||||
Username: projGuest.Name,
|
||||
Password: projGuest.Passwd,
|
||||
Email: projGuest.Name + "@test.com",
|
||||
@ -308,6 +286,7 @@ func prepare() error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
projGuestID = int64(pgID)
|
||||
|
||||
if projGuestPMID, err = member.Mgr.AddProjectMember(ctx, memberModels.Member{
|
||||
ProjectID: 1,
|
||||
@ -317,24 +296,6 @@ func prepare() error {
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// register projLimitedGuest and assign project limit guest role
|
||||
projLimitedGuestID, err = dao.Register(models.User{
|
||||
Username: projLimitedGuest.Name,
|
||||
Password: projLimitedGuest.Passwd,
|
||||
Email: projLimitedGuest.Name + "@test.com",
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if projLimitedGuestPMID, err = member.Mgr.AddProjectMember(ctx, memberModels.Member{
|
||||
ProjectID: 1,
|
||||
Role: common.RoleLimitedGuest,
|
||||
EntityID: int(projLimitedGuestID),
|
||||
EntityType: common.UserMember,
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
|
||||
@ -16,6 +16,7 @@ package api
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/goharbor/harbor/src/lib/config"
|
||||
|
||||
o "github.com/astaxie/beego/orm"
|
||||
|
||||
@ -22,7 +22,9 @@ import (
|
||||
|
||||
"github.com/goharbor/harbor/src/lib/config"
|
||||
"github.com/goharbor/harbor/src/lib/orm"
|
||||
"github.com/goharbor/harbor/src/lib/q"
|
||||
"github.com/goharbor/harbor/src/pkg/ldap/model"
|
||||
"github.com/goharbor/harbor/src/pkg/user"
|
||||
ugModel "github.com/goharbor/harbor/src/pkg/usergroup/model"
|
||||
|
||||
goldap "github.com/go-ldap/ldap/v3"
|
||||
@ -255,12 +257,14 @@ func (l *Auth) OnBoardGroup(u *ugModel.UserGroup, altGroupName string) error {
|
||||
// PostAuthenticate -- If user exist in harbor DB, sync email address, if not exist, call OnBoardUser
|
||||
func (l *Auth) PostAuthenticate(u *models.User) error {
|
||||
|
||||
exist, err := dao.UserExists(*u, "username")
|
||||
ctx := orm.Context()
|
||||
query := q.New(q.KeyWords{"Username": u.Username})
|
||||
n, err := user.Mgr.Count(ctx, query)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if exist {
|
||||
if n > 0 {
|
||||
queryCondition := models.User{
|
||||
Username: u.Username,
|
||||
}
|
||||
|
||||
@ -17,8 +17,6 @@ package controllers
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"github.com/goharbor/harbor/src/lib/config"
|
||||
"github.com/goharbor/harbor/src/lib/orm"
|
||||
"html/template"
|
||||
"net"
|
||||
"net/http"
|
||||
@ -28,6 +26,7 @@ import (
|
||||
"strings"
|
||||
|
||||
"github.com/astaxie/beego"
|
||||
o "github.com/astaxie/beego/orm"
|
||||
"github.com/beego/i18n"
|
||||
"github.com/goharbor/harbor/src/common"
|
||||
"github.com/goharbor/harbor/src/common/dao"
|
||||
@ -38,7 +37,11 @@ import (
|
||||
"github.com/goharbor/harbor/src/core/api"
|
||||
"github.com/goharbor/harbor/src/core/auth"
|
||||
"github.com/goharbor/harbor/src/lib"
|
||||
"github.com/goharbor/harbor/src/lib/config"
|
||||
"github.com/goharbor/harbor/src/lib/log"
|
||||
"github.com/goharbor/harbor/src/lib/orm"
|
||||
"github.com/goharbor/harbor/src/lib/q"
|
||||
"github.com/goharbor/harbor/src/pkg/user"
|
||||
)
|
||||
|
||||
// CommonController handles request from UI that doesn't expect a page, such as /SwitchLanguage /logout ...
|
||||
@ -124,11 +127,12 @@ func (cc *CommonController) LogOut() {
|
||||
|
||||
// UserExists checks if user exists when user input value in sign in form.
|
||||
func (cc *CommonController) UserExists() {
|
||||
flag, err := config.SelfRegistration(orm.Context())
|
||||
ctx := orm.NewContext(cc.Ctx.Request.Context(), o.NewOrm())
|
||||
flag, err := config.SelfRegistration(ctx)
|
||||
if err != nil {
|
||||
log.Errorf("Failed to get the status of self registration flag, error: %v, disabling user existence check", err)
|
||||
}
|
||||
securityCtx, ok := security.FromContext(cc.Ctx.Request.Context())
|
||||
securityCtx, ok := security.FromContext(ctx)
|
||||
isAdmin := ok && securityCtx.IsSysAdmin()
|
||||
if !flag && !isAdmin {
|
||||
cc.CustomAbort(http.StatusPreconditionFailed, "self registration disabled, only sysadmin can check user existence")
|
||||
@ -137,20 +141,20 @@ func (cc *CommonController) UserExists() {
|
||||
target := cc.GetString("target")
|
||||
value := cc.GetString("value")
|
||||
|
||||
user := models.User{}
|
||||
var query *q.Query
|
||||
switch target {
|
||||
case "username":
|
||||
user.Username = value
|
||||
query = q.New(q.KeyWords{"Username": value})
|
||||
case "email":
|
||||
user.Email = value
|
||||
query = q.New(q.KeyWords{"Email": value})
|
||||
}
|
||||
|
||||
exist, err := dao.UserExists(user, target)
|
||||
n, err := user.Mgr.Count(ctx, query)
|
||||
if err != nil {
|
||||
log.Errorf("Error occurred in UserExists: %v", err)
|
||||
cc.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
cc.Data["json"] = exist
|
||||
cc.Data["json"] = n > 0
|
||||
cc.ServeJSON()
|
||||
}
|
||||
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
package exporter
|
||||
|
||||
import (
|
||||
"context"
|
||||
"strconv"
|
||||
"testing"
|
||||
"time"
|
||||
@ -20,6 +19,7 @@ import (
|
||||
memberModels "github.com/goharbor/harbor/src/pkg/member/models"
|
||||
qtypes "github.com/goharbor/harbor/src/pkg/quota/types"
|
||||
"github.com/goharbor/harbor/src/pkg/repository"
|
||||
"github.com/goharbor/harbor/src/pkg/user"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -39,23 +39,23 @@ var (
|
||||
|
||||
func setupTest(t *testing.T) {
|
||||
test.InitDatabaseFromEnv()
|
||||
ctx := orm.Context()
|
||||
|
||||
// register projAdmin and assign project admin role
|
||||
aliceID, err := dao.Register(alice)
|
||||
aliceID, err := user.Mgr.Create(ctx, &alice)
|
||||
if err != nil {
|
||||
t.Errorf("register user error %v", err)
|
||||
}
|
||||
bobID, err := dao.Register(bob)
|
||||
bobID, err := user.Mgr.Create(ctx, &bob)
|
||||
if err != nil {
|
||||
t.Errorf("register user error %v", err)
|
||||
}
|
||||
eveID, err := dao.Register(eve)
|
||||
eveID, err := user.Mgr.Create(ctx, &eve)
|
||||
if err != nil {
|
||||
t.Errorf("register user error %v", err)
|
||||
}
|
||||
|
||||
// Create Project
|
||||
ctx := orm.NewContext(context.Background(), dao.GetOrmer())
|
||||
proID1, err := proctl.Ctl.Create(ctx, &testPro1)
|
||||
if err != nil {
|
||||
t.Errorf("project creating %v", err)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user