Update for removing cookies about user info.

kunw 2016-11-15 14:45:30 +08:00
parent c1c5ba8157
commit c9ab2d2eb7
22 changed files with 140 additions and 159 deletions


@ -52,7 +52,7 @@ func Register(user models.User) (int64, error) {
func UserExists(user models.User, target string) (bool, error) {
if user.Username == "" && user.Email == "" {
return false, errors.New("User name and email are blank.")
return false, errors.New("user name and email are blank")
}
o := GetOrmer()


@ -131,7 +131,7 @@ func ToggleUserAdminRole(userID, hasAdmin int) error {
// ChangeUserPassword ...
func ChangeUserPassword(u models.User, oldPassword ...string) (err error) {
if len(oldPassword) > 1 {
return errors.New("Wrong numbers of params.")
return errors.New("wrong numbers of params")
}
o := GetOrmer()
@ -153,7 +153,7 @@ func ChangeUserPassword(u models.User, oldPassword ...string) (err error) {
return err
}
if c == 0 {
return errors.New("No record has been modified, change password failed.")
return errors.New("no record has been modified, change password failed")
}
return nil
@ -171,7 +171,7 @@ func ResetUserPassword(u models.User) error {
return err
}
if count == 0 {
return errors.New("No record be changed, reset password failed.")
return errors.New("no record be changed, reset password failed")
}
return nil
}


@ -64,7 +64,7 @@ func (sm *SM) EnterState(s string) (string, error) {
_, exist := targets[s]
_, isForced := sm.ForcedStates[s]
if !exist && !isForced {
return "", fmt.Errorf("Job id: %d, transition from %s to %s does not exist!", sm.JobID, sm.CurrentState, s)
return "", fmt.Errorf("job id: %d, transition from %s to %s does not exist", sm.JobID, sm.CurrentState, s)
}
exitHandler, ok := sm.Handlers[sm.CurrentState]
if ok {


@ -1,9 +0,0 @@
package api
import (
"testing"
)
func TestMain(t *testing.T) {
}


@ -16,18 +16,22 @@
package api
import (
"os"
"github.com/vmware/harbor/src/common/dao"
"github.com/vmware/harbor/src/common/models"
"os"
)
const (
//Prepare Test info
TestUserName = "testUser0001"
TestUserPwd = "testUser0001"
TestUserEmail = "testUser0001@mydomain.com"
TestProName = "testProject0001"
TestTargetName = "testTarget0001"
TestUserName = "testUser0001"
TestUserPwd = "testUser0001"
TestUserEmail = "testUser0001@mydomain.com"
TestProName = "testProject0001"
TestTargetName = "testTarget0001"
TestRepoName = "testRepo0001"
AdminName = "admin"
DefaultProjectName = "library"
)
func CommonAddUser() {
@ -104,3 +108,20 @@ func CommonDelTarget() {
func CommonPolicyEabled(policyID int, enabled int) {
_ = dao.UpdateRepPolicyEnablement(int64(policyID), enabled)
}
func CommonAddRepository() {
commonRepository := &models.RepoRecord{
RepositoryID: "1",
Name: TestRepoName,
OwnerName: AdminName,
OwnerID: 1,
ProjectName: DefaultProjectName,
ProjectID: 1,
PullCount: 1,
}
_ = dao.AddRepository(*commonRepository)
}
func CommonDelRepository() {
_ = dao.DeleteRepository(TestRepoName)
}
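Review bot: `CommonAddRepository` and `CommonDelRepository` discard the result of `dao.AddRepository` / `dao.DeleteRepository` with `_ =`, so a failed fixture insert only surfaces later as a confusing count mismatch in the statistics test. This follows the pattern of the existing helpers, but it would be easier to diagnose if the helpers returned the error to the caller or reported it. A short doc comment on each would also help, e.g. `// CommonAddRepository inserts the fixture repository TestRepoName owned by AdminName.`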


@ -174,19 +174,20 @@ func (a testapi) ProjectsPost(prjUsr usrInfo, project apilib.ProjectReq) (int, e
return httpStatusCode, err
}
func (a testapi) StatisticGet(user usrInfo) (apilib.StatisticMap, error) {
func (a testapi) StatisticGet(user usrInfo) (int, apilib.StatisticMap, error) {
_sling := sling.New().Get(a.basePath)
// create path and map variables
path := "/api/statistics/"
fmt.Printf("project statistic path: %s\n", path)
_sling = _sling.Path(path)
var successPayload = new(apilib.StatisticMap)
code, body, err := request(_sling, jsonAcceptHeader, user)
if 200 == code && nil == err {
var successPayload apilib.StatisticMap
httpStatusCode, body, err := request(_sling, jsonAcceptHeader, user)
if err == nil && httpStatusCode == 200 {
err = json.Unmarshal(body, &successPayload)
}
return *successPayload, err
return httpStatusCode, successPayload, err
}
func (a testapi) LogGet(user usrInfo, startTime, endTime, lines string) (int, []apilib.AccessLog, error) {
@ -857,7 +858,7 @@ func updateInitPassword(userID int, password string) error {
return fmt.Errorf("Failed to get user, userID: %d %v", userID, err)
}
if user == nil {
return fmt.Errorf("User id: %d does not exist.", userID)
return fmt.Errorf("user id: %d does not exist", userID)
}
if user.Salt == "" {
user.Salt = utils.GenerateRandomString()
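Review bot: The lower-casing of error strings is incomplete in `updateInitPassword`: the line just above the changed one still reads `"Failed to get user, userID: %d %v"`. For consistency with the rest of the commit it should become `fmt.Errorf("failed to get user, userID: %d %v", userID, err)`. The same leftover is in the second copy of `updateInitPassword` later on this page, and `commonValidate` still returns `"Email can't be empty"`. The function body continues outside the hunk.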


@ -413,7 +413,7 @@ func validateProjectReq(req projectReq) error {
validProjectName := regexp.MustCompile(`^[a-z0-9](?:-*[a-z0-9])*(?:[._][a-z0-9](?:-*[a-z0-9])*)*$`)
legal := validProjectName.MatchString(pn)
if !legal {
return fmt.Errorf("Project name is not in lower case or contains illegal characters!")
return fmt.Errorf("project name is not in lower case or contains illegal characters")
}
return nil
}


@ -2,14 +2,14 @@ package api
import (
"fmt"
"strconv"
"testing"
"github.com/stretchr/testify/assert"
"github.com/vmware/harbor/tests/apitests/apilib"
//"github.com/vmware/harbor/tests/apitests/apilib"
)
func TestStatisticGet(t *testing.T) {
fmt.Println("Testing Statistic API")
assert := assert.New(t)
@ -17,69 +17,60 @@ func TestStatisticGet(t *testing.T) {
//prepare for test
var myProCount, pubProCount, totalProCount int32
result, err := apiTest.StatisticGet(*admin)
var priMyProjectCount, priMyRepoCount int32
var priPublicProjectCount, priPublicRepoCount int32
var priTotalProjectCount, priTotalRepoCount int32
//case 1: case 1: user not login, expect fail to get status info.
fmt.Println("case 1: user not login, expect fail to get status info.")
httpStatusCode, result, err := apiTest.StatisticGet(*unknownUsr)
if err != nil {
t.Error("Error get statistic info.", err.Error())
t.Log(err)
} else {
assert.Equal(httpStatusCode, int(401), "Case 1: Get status info without login. (401)")
}
//case 2: admin successful login, expect get status info successful.
fmt.Println("case 2: admin successful login, expect get status info successful.")
httpStatusCode, result, err = apiTest.StatisticGet(*admin)
if err != nil {
t.Error("Error get statistic info.", err.Error())
t.Log(err)
} else {
assert.Equal(httpStatusCode, int(200), "Case 2: Get status info with admin login. (200)")
//fmt.Println("pri status data %+v", result)
priMyProjectCount = result.MyProjectCount
priMyRepoCount = result.MyRepoCount
priPublicProjectCount = result.PublicProjectCount
priPublicRepoCount = result.PublicRepoCount
priTotalProjectCount = result.TotalProjectCount
priTotalRepoCount = result.TotalRepoCount
}
//case 3: status info increased after add more project and repo.
fmt.Println("case 3: status info increased after add more project and repo.")
CommonAddProject()
CommonAddRepository()
httpStatusCode, result, err = apiTest.StatisticGet(*admin)
//fmt.Println("new status data %+v", result)
if err != nil {
t.Error("Error while get statistic information", err.Error())
t.Log(err)
} else {
myProCount = result.MyProjectCount
pubProCount = result.PublicProjectCount
totalProCount = result.TotalProjectCount
}
//post project
var project apilib.ProjectReq
project.ProjectName = "statistic_project"
project.Public = 1
//case 2: admin successful login, expect project creation success.
fmt.Println("case 2: admin successful login, expect project creation success.")
reply, err := apiTest.ProjectsPost(*admin, project)
if err != nil {
t.Error("Error while creat project", err.Error())
t.Log(err)
} else {
assert.Equal(reply, int(201), "Case 2: Project creation status should be 201")
}
//get and compare
result, err = apiTest.StatisticGet(*admin)
if err != nil {
t.Error("Error while get statistic information", err.Error())
t.Log(err)
} else {
assert.Equal(myProCount+1, result.MyProjectCount, "MyProjectCount should be equal")
assert.Equal(int32(2), result.MyRepoCount, "MyRepoCount should be equal")
assert.Equal(pubProCount+1, result.PublicProjectCount, "PublicProjectCount should be equal")
assert.Equal(int32(2), result.PublicRepoCount, "PublicRepoCount should be equal")
assert.Equal(totalProCount+1, result.TotalProjectCount, "TotalProCount should be equal")
assert.Equal(int32(2), result.TotalRepoCount, "TotalRepoCount should be equal")
assert.Equal(priMyProjectCount+1, result.MyProjectCount, "MyProjectCount should be +1")
assert.Equal(priMyRepoCount+1, result.MyRepoCount, "MyRepoCount should be +1")
assert.Equal(priPublicProjectCount, result.PublicProjectCount, "PublicProjectCount should be equal")
assert.Equal(priPublicRepoCount+1, result.PublicRepoCount, "PublicRepoCount should be +1")
assert.Equal(priTotalProjectCount+1, result.TotalProjectCount, "TotalProCount should be +1")
assert.Equal(priTotalRepoCount+1, result.TotalRepoCount, "TotalRepoCount should be +1")
}
//get the project
var projects []apilib.Project
var addProjectID int32
httpStatusCode, projects, err := apiTest.ProjectsGet(project.ProjectName, 1)
if err != nil {
t.Error("Error while search project by proName and isPublic", err.Error())
t.Log(err)
} else {
assert.Equal(int(200), httpStatusCode, "httpStatusCode should be 200")
addProjectID = projects[0].ProjectId
}
//delete the project
projectID := strconv.Itoa(int(addProjectID))
httpStatusCode, err = apiTest.ProjectsDelete(*admin, projectID)
if err != nil {
t.Error("Error while delete project", err.Error())
t.Log(err)
} else {
assert.Equal(int(200), httpStatusCode, "Case 1: Project creation status should be 200")
//t.Log(result)
}
fmt.Printf("\n")
//delete the project and repo
CommonDelProject()
CommonDelRepository()
}
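Review bot: In cases 1 and 2 the arguments to `assert.Equal` are reversed: testify expects `(expected, actual)`, but the new lines pass `httpStatusCode` first, so a failing run would report the wrong value as the expected one. Write `assert.Equal(int(401), httpStatusCode, ...)` and `assert.Equal(int(200), httpStatusCode, ...)`, matching the order already used in the case 3 count assertions. The commented-out `apilib` import and the commented-out `fmt.Println` lines could be deleted rather than kept as dead code.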


@ -323,13 +323,13 @@ func (ua *UserAPI) ToggleUserAdminRole() {
func validate(user models.User) error {
if isIllegalLength(user.Username, 1, 20) {
return fmt.Errorf("Username with illegal length.")
return fmt.Errorf("username with illegal length")
}
if isContainIllegalChar(user.Username, []string{",", "~", "#", "$", "%"}) {
return fmt.Errorf("Username contains illegal characters.")
return fmt.Errorf("username contains illegal characters")
}
if isIllegalLength(user.Password, 8, 20) {
return fmt.Errorf("Password with illegal length.")
return fmt.Errorf("password with illegal length")
}
if err := commonValidate(user); err != nil {
return err
@ -342,21 +342,21 @@ func commonValidate(user models.User) error {
if len(user.Email) > 0 {
if m, _ := regexp.MatchString(`^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$`, user.Email); !m {
return fmt.Errorf("Email with illegal format.")
return fmt.Errorf("email with illegal format")
}
} else {
return fmt.Errorf("Email can't be empty")
}
if isIllegalLength(user.Realname, 0, 20) {
return fmt.Errorf("Realname with illegal length.")
return fmt.Errorf("realname with illegal length")
}
if isContainIllegalChar(user.Realname, []string{",", "~", "#", "$", "%"}) {
return fmt.Errorf("Realname contains illegal characters.")
return fmt.Errorf("realname contains illegal characters")
}
if isIllegalLength(user.Comment, -1, 30) {
return fmt.Errorf("Comment with illegal length.")
return fmt.Errorf("comment with illegal length")
}
return nil


@ -48,7 +48,7 @@ func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
}
ldapURL := os.Getenv("LDAP_URL")
if ldapURL == "" {
return nil, errors.New("Can not get any available LDAP_URL.")
return nil, errors.New("can not get any available LDAP_URL")
}
log.Debug("ldapURL:", ldapURL)
ldap, err := openldap.Initialize(ldapURL)
@ -59,7 +59,7 @@ func (l *Auth) Authenticate(m models.AuthModel) (*models.User, error) {
ldapBaseDn := os.Getenv("LDAP_BASE_DN")
if ldapBaseDn == "" {
return nil, errors.New("Can not get any available LDAP_BASE_DN.")
return nil, errors.New("can not get any available LDAP_BASE_DN")
}
log.Debug("baseDn:", ldapBaseDn)


@ -9,6 +9,9 @@ type AccountSettingController struct {
func (asc *AccountSettingController) Get() {
var isAdminForLdap bool
sessionUserID, ok := asc.GetSession("userId").(int)
if !ok {
asc.Redirect("/", 302)
}
if ok && sessionUserID == 1 {
isAdminForLdap = true
}
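Review bot: The new `if !ok` branch calls `asc.Redirect("/", 302)` but does not return, so for a request without a valid `userId` session the handler keeps executing the code below it (the `isAdminForLdap` check is visible; the rest of `Get` is outside the hunk). Whether the page is still processed or rendered after the redirect depends on how the framework treats output once a redirect has been written, which should be confirmed rather than relied on. Add a `return` immediately after `asc.Redirect("/", 302)`, which also makes the `ok &&` in the following condition redundant. `ChangePasswordController.Get` has the same pattern with `cpc.Redirect("/", 302)` and needs the same fix.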


@ -9,6 +9,9 @@ type ChangePasswordController struct {
func (cpc *ChangePasswordController) Get() {
var isAdminForLdap bool
sessionUserID, ok := cpc.GetSession("userId").(int)
if !ok {
cpc.Redirect("/", 302)
}
if ok && sessionUserID == 1 {
isAdminForLdap = true
}


@ -112,12 +112,12 @@ func TestMain(t *testing.T) {
r, _ = http.NewRequest("GET", "/account_setting", nil)
w = httptest.NewRecorder()
beego.BeeApp.Handlers.ServeHTTP(w, r)
assert.Equal(int(200), w.Code, "'/account_setting' httpStatusCode should be 200")
assert.Equal(int(302), w.Code, "'/account_setting' httpStatusCode should be 302")
r, _ = http.NewRequest("GET", "/change_password", nil)
w = httptest.NewRecorder()
beego.BeeApp.Handlers.ServeHTTP(w, r)
assert.Equal(int(200), w.Code, "'/change_password' httpStatusCode should be 200")
assert.Equal(int(302), w.Code, "'/change_password' httpStatusCode should be 302")
r, _ = http.NewRequest("GET", "/admin_option", nil)
w = httptest.NewRecorder()


@ -43,7 +43,7 @@ func updateInitPassword(userID int, password string) error {
return fmt.Errorf("Failed to get user, userID: %d %v", userID, err)
}
if user == nil {
return fmt.Errorf("User id: %d does not exist.", userID)
return fmt.Errorf("user id: %d does not exist", userID)
}
if user.Salt == "" {
salt := utils.GenerateRandomString()


@ -18,39 +18,22 @@
angular
.module('harbor.app')
.factory('currentUser', currentUser)
.factory('currentProjectMember', currentProjectMember);
.factory('currentUser', currentUser);
currentUser.$inject = ['$cookies', '$timeout'];
currentUser.$inject = ['$rootScope'];
function currentUser($cookies, $timeout) {
function currentUser($rootScope) {
return {
set: function(user) {
$cookies.putObject('user', user, {'path': '/'});
$rootScope.user = user;
},
get: function() {
return $cookies.getObject('user');
return $rootScope.user;
},
unset: function() {
$cookies.remove('user', {'path': '/'});
delete $rootScope.user;
}
};
}
currentProjectMember.$inject = ['$cookies'];
function currentProjectMember($cookies) {
return {
set: function(member) {
$cookies.putObject('member', member, {'path': '/'});
},
get: function() {
return $cookies.getObject('member');
},
unset: function() {
$cookies.remove('member', {'path': '/'});
}
};
}
})();
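Review bot: `get()` now returns the live `$rootScope.user` object, whereas the cookie version returned a freshly deserialized copy on every call, so a controller that binds a form to the result edits the shared user state before the server has accepted the change. If callers do not depend on that aliasing (not visible here), returning a copy keeps the previous semantics: `return angular.copy($rootScope.user);`. A comment above the factory would record the new contract, for example `// In-memory only; cleared on full page reload. Display state, not an authorization source.`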


@ -17,7 +17,6 @@
angular
.module('harbor.app', [
'ngMessages',
'ngCookies',
'harbor.session',
'harbor.layout.element.height',
'harbor.layout.header',


@ -35,13 +35,12 @@
vm.updateUser = updateUser;
vm.cancel = cancel;
$scope.user = currentUser.get();
if(!$scope.user) {
$window.location.href = '/';
return;
}
var userId = $scope.user.user_id;
$scope.$watch('user', function(current) {
if(current) {
$scope.user = current;
}
});
//Error message dialog handler for account setting.
$scope.$on('modalTitle', function(e, val) {
vm.modalTitle = val;
@ -61,7 +60,7 @@
$scope.$broadcast('showDialog', true);
}
});
function reset() {
$scope.form.$setUntouched();
$scope.form.$setPristine();
@ -77,10 +76,10 @@
vm.confirmOnly = true;
vm.action = vm.confirm;
if(user && angular.isDefined(user.username) && angular.isDefined(user.realname)) {
UpdateUserService(userId, user)
UpdateUserService($scope.user.user_id, user)
.success(updateUserSuccess)
.error(updateUserFailed);
currentUser.set(user);
currentUser.set($scope.user);
}
}
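Review bot: `updateUser` now dereferences `$scope.user.user_id` at call time, and the early `if(!$scope.user)` redirect guard appears to be removed in the first hunk, so if the user object has not been populated the call throws a TypeError instead of failing cleanly. Extend the condition to `if(user && $scope.user && angular.isDefined(user.username) && angular.isDefined(user.realname))`. `currentUser.set($scope.user)` also still runs right after the request is issued rather than in `updateUserSuccess`, so client state is updated even when the server rejects the change. `ChangePasswordController.updatePassword` has the same unguarded `$scope.user.user_id`. Both function bodies extend outside the hunks shown.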

View File

@ -20,9 +20,9 @@
.module('harbor.layout.change.password')
.controller('ChangePasswordController', ChangePasswordController);
ChangePasswordController.$inject = ['ChangePasswordService', 'UpdateUserService', '$filter', 'trFilter', '$scope', '$window', 'currentUser'];
ChangePasswordController.$inject = ['ChangePasswordService', 'UpdateUserService', '$filter', 'trFilter', '$scope', '$window'];
function ChangePasswordController(ChangePasswordService, UpdateUserService, $filter, trFilter, $scope, $window, currentUser) {
function ChangePasswordController(ChangePasswordService, UpdateUserService, $filter, trFilter, $scope, $window) {
var vm = this;
vm.isOpen = false;
@ -36,14 +36,13 @@
vm.updatePassword = updatePassword;
vm.cancel = cancel;
$scope.user = currentUser.get();
if(!$scope.user) {
$window.location.href = '/';
return;
}
var userId = $scope.user.user_id;
//Error message dialog handler for account setting.
$scope.$watch('user', function(current) {
if(current) {
$scope.user = current;
}
});
//Error message dialog handler for changing password.
$scope.$on('modalTitle', function(e, val) {
vm.modalTitle = val;
});
@ -62,7 +61,7 @@
$scope.$broadcast('showDialog', true);
}
});
function reset() {
$scope.form.$setUntouched();
$scope.form.$setPristine();
@ -77,16 +76,16 @@
function updatePassword(user) {
if(user && angular.isDefined(user.oldPassword) && angular.isDefined(user.password)) {
vm.action = vm.confirm;
ChangePasswordService(userId, user.oldPassword, user.password)
ChangePasswordService($scope.user.user_id, user.oldPassword, user.password)
.success(changePasswordSuccess)
.error(changePasswordFailed);
}
}
function changePasswordSuccess(data, status) {
vm.modalTitle = $filter('tr')('change_password', []);
vm.modalMessage = $filter('tr')('successful_changed_password', []);
vm.confirmOnly = true;
$scope.$broadcast('showDialog', true);
}


@ -25,7 +25,7 @@
function SignUpController($scope, SignUpService, $window, $filter, trFilter) {
var vm = this;
vm.user = {};
$scope.user = {};
vm.signUp = signUp;
vm.confirm = confirm;
@ -77,6 +77,7 @@
}
vm.modalTitle = title;
vm.modalMessage = message;
vm.confirmOnly = true;
$scope.$broadcast('showDialog', true);
}


@ -40,7 +40,7 @@
}
function getCurrentUserFailed(e){
console.log('Failed to get current user:' + e);
console.log('Failed to get current user:' + e.statusText);
LogOutService()
.success(logOutSuccess)
.error(logOutFailed);


@ -1,9 +0,0 @@
/*
AngularJS v1.5.3
(c) 2010-2016 Google, Inc. http://angularjs.org
License: MIT
*/
(function(p,c,n){'use strict';function l(b,a,g){var d=g.baseHref(),k=b[0];return function(b,e,f){var g,h;f=f||{};h=f.expires;g=c.isDefined(f.path)?f.path:d;c.isUndefined(e)&&(h="Thu, 01 Jan 1970 00:00:00 GMT",e="");c.isString(h)&&(h=new Date(h));e=encodeURIComponent(b)+"="+encodeURIComponent(e);e=e+(g?";path="+g:"")+(f.domain?";domain="+f.domain:"");e+=h?";expires="+h.toUTCString():"";e+=f.secure?";secure":"";f=e.length+1;4096<f&&a.warn("Cookie '"+b+"' possibly not set or overflowed because it was too large ("+
f+" > 4096 bytes)!");k.cookie=e}}c.module("ngCookies",["ng"]).provider("$cookies",[function(){var b=this.defaults={};this.$get=["$$cookieReader","$$cookieWriter",function(a,g){return{get:function(d){return a()[d]},getObject:function(d){return(d=this.get(d))?c.fromJson(d):d},getAll:function(){return a()},put:function(d,a,m){g(d,a,m?c.extend({},b,m):b)},putObject:function(d,b,a){this.put(d,c.toJson(b),a)},remove:function(a,k){g(a,n,k?c.extend({},b,k):b)}}}]}]);c.module("ngCookies").factory("$cookieStore",
["$cookies",function(b){return{get:function(a){return b.getObject(a)},put:function(a,c){b.putObject(a,c)},remove:function(a){b.remove(a)}}}]);l.$inject=["$document","$log","$browser"];c.module("ngCookies").provider("$$cookieWriter",function(){this.$get=l})})(window,window.angular);
//# sourceMappingURL=angular-cookies.min.js.map


@ -39,7 +39,6 @@
<script src="/static/vendors/angularjs/angular.min.js"></script>
<script src="/static/vendors/angularjs/angular-messages.min.js"></script>
<script src="/static/vendors/angularjs/angular-cookies.min.js"></script>
<script src="/static/resources/js/harbor.module.js"></script>
<script src="/static/resources/js/harbor.config.js"></script>