mirror of
https://github.com/goharbor/harbor.git
synced 2025-01-11 02:17:42 +01:00
readjust package structure
This commit is contained in:
Wenkai Yin
parent
5cd55220c8
commit
dc4f2ece72
@ -19,18 +19,18 @@ import (
|
||||
"github.com/vmware/harbor/src/common/models"
|
||||
"github.com/vmware/harbor/src/common/security/admiral/authcontext"
|
||||
"github.com/vmware/harbor/src/common/utils/log"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
||||
"github.com/vmware/harbor/src/ui/promgr"
|
||||
)
|
||||
|
||||
// SecurityContext implements security.Context interface based on
|
||||
// auth context and project manager
|
||||
type SecurityContext struct {
|
||||
ctx *authcontext.AuthContext
|
||||
pm projectmanager.ProjectManager
|
||||
pm promgr.ProMgr
|
||||
}
|
||||
|
||||
// NewSecurityContext ...
|
||||
func NewSecurityContext(ctx *authcontext.AuthContext, pm projectmanager.ProjectManager) *SecurityContext {
|
||||
func NewSecurityContext(ctx *authcontext.AuthContext, pm promgr.ProMgr) *SecurityContext {
|
||||
return &SecurityContext{
|
||||
ctx: ctx,
|
||||
pm: pm,
|
||||
|
||||
@ -19,17 +19,17 @@ import (
|
||||
"github.com/vmware/harbor/src/common/dao"
|
||||
"github.com/vmware/harbor/src/common/models"
|
||||
"github.com/vmware/harbor/src/common/utils/log"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
||||
"github.com/vmware/harbor/src/ui/promgr"
|
||||
)
|
||||
|
||||
// SecurityContext implements security.Context interface based on database
|
||||
type SecurityContext struct {
|
||||
user *models.User
|
||||
pm projectmanager.ProjectManager
|
||||
pm promgr.ProMgr
|
||||
}
|
||||
|
||||
// NewSecurityContext ...
|
||||
func NewSecurityContext(user *models.User, pm projectmanager.ProjectManager) *SecurityContext {
|
||||
func NewSecurityContext(user *models.User, pm promgr.ProMgr) *SecurityContext {
|
||||
return &SecurityContext{
|
||||
user: user,
|
||||
pm: pm,
|
||||
|
||||
@ -25,7 +25,7 @@ import (
|
||||
"github.com/vmware/harbor/src/common/dao"
|
||||
"github.com/vmware/harbor/src/common/models"
|
||||
"github.com/vmware/harbor/src/common/utils/log"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager/db"
|
||||
"github.com/vmware/harbor/src/ui/promgr/pmsdriver/local"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -47,7 +47,7 @@ var (
|
||||
Email: "guestUser@vmware.com",
|
||||
}
|
||||
|
||||
pm = &db.ProjectManager{}
|
||||
pm = &local.ProjectManager{}
|
||||
)
|
||||
|
||||
func TestMain(m *testing.M) {
|
||||
|
||||
@ -21,7 +21,7 @@ import (
|
||||
"github.com/vmware/harbor/src/common/security"
|
||||
"github.com/vmware/harbor/src/common/utils/log"
|
||||
"github.com/vmware/harbor/src/ui/filter"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
||||
"github.com/vmware/harbor/src/ui/promgr"
|
||||
)
|
||||
|
||||
// BaseController ...
|
||||
@ -31,7 +31,7 @@ type BaseController struct {
|
||||
SecurityCtx security.Context
|
||||
// ProjectMgr is the project manager which abstracts the operations
|
||||
// related to projects
|
||||
ProjectMgr projectmanager.ProjectManager
|
||||
ProjectMgr promgr.ProMgr
|
||||
}
|
||||
|
||||
const (
|
||||
|
||||
@ -33,7 +33,7 @@ import (
|
||||
"github.com/vmware/harbor/src/common/utils/registry"
|
||||
"github.com/vmware/harbor/src/common/utils/registry/auth"
|
||||
"github.com/vmware/harbor/src/ui/config"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
||||
"github.com/vmware/harbor/src/ui/promgr"
|
||||
"github.com/vmware/harbor/src/ui/service/token"
|
||||
uiutils "github.com/vmware/harbor/src/ui/utils"
|
||||
)
|
||||
@ -166,7 +166,7 @@ func postReplicationAction(policyID int64, acton string) error {
|
||||
}
|
||||
|
||||
// SyncRegistry syncs the repositories of registry with database.
|
||||
func SyncRegistry(pm projectmanager.ProjectManager) error {
|
||||
func SyncRegistry(pm promgr.ProMgr) error {
|
||||
|
||||
log.Infof("Start syncing repositories from registry to DB... ")
|
||||
|
||||
@ -254,7 +254,7 @@ func catalog() ([]string, error) {
|
||||
}
|
||||
|
||||
func diffRepos(reposInRegistry []string, reposInDB []string,
|
||||
pm projectmanager.ProjectManager) ([]string, []string, error) {
|
||||
pm promgr.ProMgr) ([]string, []string, error) {
|
||||
var needsAdd []string
|
||||
var needsDel []string
|
||||
|
||||
@ -359,7 +359,7 @@ func diffRepos(reposInRegistry []string, reposInDB []string,
|
||||
return needsAdd, needsDel, nil
|
||||
}
|
||||
|
||||
func projectExists(pm projectmanager.ProjectManager, repository string) (bool, error) {
|
||||
func projectExists(pm promgr.ProMgr, repository string) (bool, error) {
|
||||
project, _ := utils.ParseRepository(repository)
|
||||
return pm.Exist(project)
|
||||
}
|
||||
|
||||
@ -29,9 +29,9 @@ import (
|
||||
"github.com/vmware/harbor/src/common/models"
|
||||
"github.com/vmware/harbor/src/common/secret"
|
||||
"github.com/vmware/harbor/src/common/utils/log"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager/db"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager/pms"
|
||||
"github.com/vmware/harbor/src/ui/promgr"
|
||||
"github.com/vmware/harbor/src/ui/promgr/pmsdriver/admiral"
|
||||
"github.com/vmware/harbor/src/ui/promgr/pmsdriver/local"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -46,14 +46,14 @@ var (
|
||||
// AdminserverClient is a client for adminserver
|
||||
AdminserverClient client.Client
|
||||
// GlobalProjectMgr is initialized based on the deploy mode
|
||||
GlobalProjectMgr projectmanager.ProjectManager
|
||||
GlobalProjectMgr promgr.ProMgr
|
||||
mg *comcfg.Manager
|
||||
keyProvider comcfg.KeyProvider
|
||||
// AdmiralClient is initialized only under integration deploy mode
|
||||
// and can be passed to project manager as a parameter
|
||||
AdmiralClient *http.Client
|
||||
// TokenReader is used in integration mode to read token
|
||||
TokenReader pms.TokenReader
|
||||
TokenReader admiral.TokenReader
|
||||
)
|
||||
|
||||
// Init configurations
|
||||
@ -108,7 +108,7 @@ func initProjectManager() {
|
||||
if !WithAdmiral() {
|
||||
// standalone
|
||||
log.Info("initializing the project manager based on database...")
|
||||
GlobalProjectMgr = &db.ProjectManager{}
|
||||
GlobalProjectMgr = &local.ProjectManager{}
|
||||
return
|
||||
}
|
||||
|
||||
@ -128,10 +128,10 @@ func initProjectManager() {
|
||||
path = defaultTokenFilePath
|
||||
}
|
||||
log.Infof("service token file path: %s", path)
|
||||
TokenReader = &pms.FileTokenReader{
|
||||
TokenReader = &admiral.FileTokenReader{
|
||||
Path: path,
|
||||
}
|
||||
GlobalProjectMgr = pms.NewProjectManager(AdmiralClient,
|
||||
GlobalProjectMgr = admiral.NewProjectManager(AdmiralClient,
|
||||
AdmiralEndpoint(), TokenReader)
|
||||
}
|
||||
|
||||
|
||||
@ -25,15 +25,15 @@ import (
|
||||
"github.com/vmware/harbor/src/common/models"
|
||||
secstore "github.com/vmware/harbor/src/common/secret"
|
||||
"github.com/vmware/harbor/src/common/security"
|
||||
"github.com/vmware/harbor/src/common/security/admiral"
|
||||
admr "github.com/vmware/harbor/src/common/security/admiral"
|
||||
"github.com/vmware/harbor/src/common/security/admiral/authcontext"
|
||||
"github.com/vmware/harbor/src/common/security/local"
|
||||
"github.com/vmware/harbor/src/common/security/secret"
|
||||
"github.com/vmware/harbor/src/common/utils/log"
|
||||
"github.com/vmware/harbor/src/ui/auth"
|
||||
"github.com/vmware/harbor/src/ui/config"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager/pms"
|
||||
"github.com/vmware/harbor/src/ui/promgr"
|
||||
"github.com/vmware/harbor/src/ui/promgr/pmsdriver/admiral"
|
||||
)
|
||||
|
||||
type key string
|
||||
@ -192,7 +192,7 @@ func (b *basicAuthReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
|
||||
log.Debug("using global project manager...")
|
||||
pm := config.GlobalProjectMgr
|
||||
log.Debug("creating admiral security context...")
|
||||
securCtx := admiral.NewSecurityContext(authCtx, pm)
|
||||
securCtx := admr.NewSecurityContext(authCtx, pm)
|
||||
|
||||
setSecurCtxAndPM(ctx.Request, securCtx, pm)
|
||||
return true
|
||||
@ -265,12 +265,12 @@ func (t *tokenReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
|
||||
}
|
||||
|
||||
log.Debug("creating PMS project manager...")
|
||||
pm := pms.NewProjectManager(config.AdmiralClient,
|
||||
config.AdmiralEndpoint(), &pms.RawTokenReader{
|
||||
pm := admiral.NewProjectManager(config.AdmiralClient,
|
||||
config.AdmiralEndpoint(), &admiral.RawTokenReader{
|
||||
Token: token,
|
||||
})
|
||||
log.Debug("creating admiral security context...")
|
||||
securCtx := admiral.NewSecurityContext(authContext, pm)
|
||||
securCtx := admr.NewSecurityContext(authContext, pm)
|
||||
setSecurCtxAndPM(ctx.Request, securCtx, pm)
|
||||
|
||||
return true
|
||||
@ -283,14 +283,14 @@ func (u *unauthorizedReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
|
||||
log.Debug("user information is nil")
|
||||
|
||||
var securCtx security.Context
|
||||
var pm projectmanager.ProjectManager
|
||||
var pm promgr.ProMgr
|
||||
if config.WithAdmiral() {
|
||||
// integration with admiral
|
||||
log.Debug("creating PMS project manager...")
|
||||
pm = pms.NewProjectManager(config.AdmiralClient,
|
||||
pm = admiral.NewProjectManager(config.AdmiralClient,
|
||||
config.AdmiralEndpoint(), nil)
|
||||
log.Debug("creating admiral security context...")
|
||||
securCtx = admiral.NewSecurityContext(nil, pm)
|
||||
securCtx = admr.NewSecurityContext(nil, pm)
|
||||
} else {
|
||||
// standalone
|
||||
log.Debug("using local database project manager")
|
||||
@ -302,7 +302,7 @@ func (u *unauthorizedReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
|
||||
return true
|
||||
}
|
||||
|
||||
func setSecurCtxAndPM(req *http.Request, ctx security.Context, pm projectmanager.ProjectManager) {
|
||||
func setSecurCtxAndPM(req *http.Request, ctx security.Context, pm promgr.ProMgr) {
|
||||
addToReqContext(req, securCtxKey, ctx)
|
||||
addToReqContext(req, pmKey, pm)
|
||||
}
|
||||
@ -331,7 +331,7 @@ func GetSecurityContext(req *http.Request) (security.Context, error) {
|
||||
}
|
||||
|
||||
// GetProjectManager tries to get project manager from request and returns it
|
||||
func GetProjectManager(req *http.Request) (projectmanager.ProjectManager, error) {
|
||||
func GetProjectManager(req *http.Request) (promgr.ProMgr, error) {
|
||||
if req == nil {
|
||||
return nil, fmt.Errorf("request is nil")
|
||||
}
|
||||
@ -341,7 +341,7 @@ func GetProjectManager(req *http.Request) (projectmanager.ProjectManager, error)
|
||||
return nil, fmt.Errorf("the project manager got from request is nil")
|
||||
}
|
||||
|
||||
p, ok := pm.(projectmanager.ProjectManager)
|
||||
p, ok := pm.(promgr.ProMgr)
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("the variable got from request is not project manager type")
|
||||
}
|
||||
|
||||
@ -37,8 +37,8 @@ import (
|
||||
_ "github.com/vmware/harbor/src/ui/auth/db"
|
||||
_ "github.com/vmware/harbor/src/ui/auth/ldap"
|
||||
"github.com/vmware/harbor/src/ui/config"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager/db"
|
||||
"github.com/vmware/harbor/src/ui/promgr"
|
||||
driver_local "github.com/vmware/harbor/src/ui/promgr/pmsdriver/local"
|
||||
)
|
||||
|
||||
func TestMain(m *testing.M) {
|
||||
@ -316,9 +316,9 @@ func TestGetProjectManager(t *testing.T) {
|
||||
req, err = http.NewRequest("", "", nil)
|
||||
assert.Nil(t, err)
|
||||
req = req.WithContext(context.WithValue(req.Context(),
|
||||
pmKey, &db.ProjectManager{}))
|
||||
pmKey, &driver_local.ProjectManager{}))
|
||||
pm, err = GetProjectManager(req)
|
||||
assert.Nil(t, err)
|
||||
_, ok := pm.(projectmanager.ProjectManager)
|
||||
_, ok := pm.(promgr.ProMgr)
|
||||
assert.True(t, ok)
|
||||
}
|
||||
|
||||
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pms
|
||||
package admiral
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pms
|
||||
package admiral
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pms
|
||||
package admiral
|
||||
|
||||
import (
|
||||
"io/ioutil"
|
||||
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package pms
|
||||
package admiral
|
||||
|
||||
import (
|
||||
"io/ioutil"
|
||||
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package db
|
||||
package local
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package db
|
||||
package local
|
||||
|
||||
import (
|
||||
"os"
|
||||
@ -12,15 +12,15 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package projectmanager
|
||||
package promgr
|
||||
|
||||
import (
|
||||
"github.com/vmware/harbor/src/common/models"
|
||||
)
|
||||
|
||||
// ProjectManager is the project mamager which abstracts the operations related
|
||||
// ProMgr is the project mamager which abstracts the operations related
|
||||
// to projects
|
||||
type ProjectManager interface {
|
||||
type ProMgr interface {
|
||||
Get(projectIDOrName interface{}) (*models.Project, error)
|
||||
IsPublic(projectIDOrName interface{}) (bool, error)
|
||||
Exist(projectIDOrName interface{}) (bool, error)
|
||||
@ -9,7 +9,7 @@ import (
|
||||
notarytest "github.com/vmware/harbor/src/common/utils/notary/test"
|
||||
utilstest "github.com/vmware/harbor/src/common/utils/test"
|
||||
"github.com/vmware/harbor/src/ui/config"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager/pms"
|
||||
"github.com/vmware/harbor/src/ui/promgr/pmsdriver/admiral"
|
||||
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
@ -148,8 +148,8 @@ func TestPMSPolicyChecker(t *testing.T) {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
pm := pms.NewProjectManager(http.DefaultClient,
|
||||
admiralEndpoint, &pms.RawTokenReader{
|
||||
pm := admiral.NewProjectManager(http.DefaultClient,
|
||||
admiralEndpoint, &admiral.RawTokenReader{
|
||||
Token: "token",
|
||||
})
|
||||
name := "project_for_test_get_sev_low"
|
||||
|
||||
@ -9,7 +9,7 @@ import (
|
||||
"github.com/vmware/harbor/src/common/utils/log"
|
||||
"github.com/vmware/harbor/src/common/utils/notary"
|
||||
"github.com/vmware/harbor/src/ui/config"
|
||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
||||
"github.com/vmware/harbor/src/ui/promgr"
|
||||
uiutils "github.com/vmware/harbor/src/ui/utils"
|
||||
|
||||
"context"
|
||||
@ -88,7 +88,7 @@ func (ec envPolicyChecker) vulnerablePolicy(name string) (bool, models.Severity)
|
||||
}
|
||||
|
||||
type pmsPolicyChecker struct {
|
||||
pm projectmanager.ProjectManager
|
||||
pm promgr.ProMgr
|
||||
}
|
||||
|
||||
func (pc pmsPolicyChecker) contentTrustEnabled(name string) bool {
|
||||
@ -109,7 +109,7 @@ func (pc pmsPolicyChecker) vulnerablePolicy(name string) (bool, models.Severity)
|
||||
}
|
||||
|
||||
// newPMSPolicyChecker returns an instance of an pmsPolicyChecker
|
||||
func newPMSPolicyChecker(pm projectmanager.ProjectManager) policyChecker {
|
||||
func newPMSPolicyChecker(pm promgr.ProMgr) policyChecker {
|
||||
return &pmsPolicyChecker{
|
||||
pm: pm,
|
||||
}
|
||||
|
||||
@ -29,7 +29,7 @@ import (
|
||||
"github.com/vmware/harbor/src/common/security"
|
||||
"github.com/vmware/harbor/src/common/utils/log"
|
||||
"github.com/vmware/harbor/src/ui/config"
|
||||
promgr "github.com/vmware/harbor/src/ui/projectmanager"
|
||||
"github.com/vmware/harbor/src/ui/promgr"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -81,7 +81,7 @@ func GetResourceActions(scopes []string) []*token.ResourceActions {
|
||||
|
||||
//filterAccess iterate a list of resource actions and try to use the filter that matches the resource type to filter the actions.
|
||||
func filterAccess(access []*token.ResourceActions, ctx security.Context,
|
||||
pm promgr.ProjectManager, filters map[string]accessFilter) error {
|
||||
pm promgr.ProMgr, filters map[string]accessFilter) error {
|
||||
var err error
|
||||
for _, a := range access {
|
||||
f, ok := filters[a.Type]
|
||||
|
||||
@ -26,7 +26,7 @@ import (
|
||||
"github.com/vmware/harbor/src/common/utils/log"
|
||||
"github.com/vmware/harbor/src/ui/config"
|
||||
"github.com/vmware/harbor/src/ui/filter"
|
||||
promgr "github.com/vmware/harbor/src/ui/projectmanager"
|
||||
"github.com/vmware/harbor/src/ui/promgr"
|
||||
)
|
||||
|
||||
var creatorMap map[string]Creator
|
||||
@ -127,13 +127,13 @@ func parseImg(s string) (*image, error) {
|
||||
|
||||
// An accessFilter will filter access based on userinfo
|
||||
type accessFilter interface {
|
||||
filter(ctx security.Context, pm promgr.ProjectManager, a *token.ResourceActions) error
|
||||
filter(ctx security.Context, pm promgr.ProMgr, a *token.ResourceActions) error
|
||||
}
|
||||
|
||||
type registryFilter struct {
|
||||
}
|
||||
|
||||
func (reg registryFilter) filter(ctx security.Context, pm promgr.ProjectManager,
|
||||
func (reg registryFilter) filter(ctx security.Context, pm promgr.ProMgr,
|
||||
a *token.ResourceActions) error {
|
||||
//Do not filter if the request is to access registry catalog
|
||||
if a.Name != "catalog" {
|
||||
@ -151,7 +151,7 @@ type repositoryFilter struct {
|
||||
parser imageParser
|
||||
}
|
||||
|
||||
func (rep repositoryFilter) filter(ctx security.Context, pm promgr.ProjectManager,
|
||||
func (rep repositoryFilter) filter(ctx security.Context, pm promgr.ProMgr,
|
||||
a *token.ResourceActions) error {
|
||||
//clear action list to assign to new acess element after perm check.
|
||||
img, err := rep.parser.parse(a.Name)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user