mirror of
https://github.com/goharbor/harbor.git
synced 2025-01-25 17:11:24 +01:00
readjust package structure
This commit is contained in:
parent
5cd55220c8
commit
dc4f2ece72
@ -19,18 +19,18 @@ import (
|
|||||||
"github.com/vmware/harbor/src/common/models"
|
"github.com/vmware/harbor/src/common/models"
|
||||||
"github.com/vmware/harbor/src/common/security/admiral/authcontext"
|
"github.com/vmware/harbor/src/common/security/admiral/authcontext"
|
||||||
"github.com/vmware/harbor/src/common/utils/log"
|
"github.com/vmware/harbor/src/common/utils/log"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
"github.com/vmware/harbor/src/ui/promgr"
|
||||||
)
|
)
|
||||||
|
|
||||||
// SecurityContext implements security.Context interface based on
|
// SecurityContext implements security.Context interface based on
|
||||||
// auth context and project manager
|
// auth context and project manager
|
||||||
type SecurityContext struct {
|
type SecurityContext struct {
|
||||||
ctx *authcontext.AuthContext
|
ctx *authcontext.AuthContext
|
||||||
pm projectmanager.ProjectManager
|
pm promgr.ProMgr
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewSecurityContext ...
|
// NewSecurityContext ...
|
||||||
func NewSecurityContext(ctx *authcontext.AuthContext, pm projectmanager.ProjectManager) *SecurityContext {
|
func NewSecurityContext(ctx *authcontext.AuthContext, pm promgr.ProMgr) *SecurityContext {
|
||||||
return &SecurityContext{
|
return &SecurityContext{
|
||||||
ctx: ctx,
|
ctx: ctx,
|
||||||
pm: pm,
|
pm: pm,
|
||||||
|
@ -19,17 +19,17 @@ import (
|
|||||||
"github.com/vmware/harbor/src/common/dao"
|
"github.com/vmware/harbor/src/common/dao"
|
||||||
"github.com/vmware/harbor/src/common/models"
|
"github.com/vmware/harbor/src/common/models"
|
||||||
"github.com/vmware/harbor/src/common/utils/log"
|
"github.com/vmware/harbor/src/common/utils/log"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
"github.com/vmware/harbor/src/ui/promgr"
|
||||||
)
|
)
|
||||||
|
|
||||||
// SecurityContext implements security.Context interface based on database
|
// SecurityContext implements security.Context interface based on database
|
||||||
type SecurityContext struct {
|
type SecurityContext struct {
|
||||||
user *models.User
|
user *models.User
|
||||||
pm projectmanager.ProjectManager
|
pm promgr.ProMgr
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewSecurityContext ...
|
// NewSecurityContext ...
|
||||||
func NewSecurityContext(user *models.User, pm projectmanager.ProjectManager) *SecurityContext {
|
func NewSecurityContext(user *models.User, pm promgr.ProMgr) *SecurityContext {
|
||||||
return &SecurityContext{
|
return &SecurityContext{
|
||||||
user: user,
|
user: user,
|
||||||
pm: pm,
|
pm: pm,
|
||||||
|
@ -25,7 +25,7 @@ import (
|
|||||||
"github.com/vmware/harbor/src/common/dao"
|
"github.com/vmware/harbor/src/common/dao"
|
||||||
"github.com/vmware/harbor/src/common/models"
|
"github.com/vmware/harbor/src/common/models"
|
||||||
"github.com/vmware/harbor/src/common/utils/log"
|
"github.com/vmware/harbor/src/common/utils/log"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager/db"
|
"github.com/vmware/harbor/src/ui/promgr/pmsdriver/local"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -47,7 +47,7 @@ var (
|
|||||||
Email: "guestUser@vmware.com",
|
Email: "guestUser@vmware.com",
|
||||||
}
|
}
|
||||||
|
|
||||||
pm = &db.ProjectManager{}
|
pm = &local.ProjectManager{}
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestMain(m *testing.M) {
|
func TestMain(m *testing.M) {
|
||||||
|
@ -21,7 +21,7 @@ import (
|
|||||||
"github.com/vmware/harbor/src/common/security"
|
"github.com/vmware/harbor/src/common/security"
|
||||||
"github.com/vmware/harbor/src/common/utils/log"
|
"github.com/vmware/harbor/src/common/utils/log"
|
||||||
"github.com/vmware/harbor/src/ui/filter"
|
"github.com/vmware/harbor/src/ui/filter"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
"github.com/vmware/harbor/src/ui/promgr"
|
||||||
)
|
)
|
||||||
|
|
||||||
// BaseController ...
|
// BaseController ...
|
||||||
@ -31,7 +31,7 @@ type BaseController struct {
|
|||||||
SecurityCtx security.Context
|
SecurityCtx security.Context
|
||||||
// ProjectMgr is the project manager which abstracts the operations
|
// ProjectMgr is the project manager which abstracts the operations
|
||||||
// related to projects
|
// related to projects
|
||||||
ProjectMgr projectmanager.ProjectManager
|
ProjectMgr promgr.ProMgr
|
||||||
}
|
}
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -33,7 +33,7 @@ import (
|
|||||||
"github.com/vmware/harbor/src/common/utils/registry"
|
"github.com/vmware/harbor/src/common/utils/registry"
|
||||||
"github.com/vmware/harbor/src/common/utils/registry/auth"
|
"github.com/vmware/harbor/src/common/utils/registry/auth"
|
||||||
"github.com/vmware/harbor/src/ui/config"
|
"github.com/vmware/harbor/src/ui/config"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
"github.com/vmware/harbor/src/ui/promgr"
|
||||||
"github.com/vmware/harbor/src/ui/service/token"
|
"github.com/vmware/harbor/src/ui/service/token"
|
||||||
uiutils "github.com/vmware/harbor/src/ui/utils"
|
uiutils "github.com/vmware/harbor/src/ui/utils"
|
||||||
)
|
)
|
||||||
@ -166,7 +166,7 @@ func postReplicationAction(policyID int64, acton string) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// SyncRegistry syncs the repositories of registry with database.
|
// SyncRegistry syncs the repositories of registry with database.
|
||||||
func SyncRegistry(pm projectmanager.ProjectManager) error {
|
func SyncRegistry(pm promgr.ProMgr) error {
|
||||||
|
|
||||||
log.Infof("Start syncing repositories from registry to DB... ")
|
log.Infof("Start syncing repositories from registry to DB... ")
|
||||||
|
|
||||||
@ -254,7 +254,7 @@ func catalog() ([]string, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func diffRepos(reposInRegistry []string, reposInDB []string,
|
func diffRepos(reposInRegistry []string, reposInDB []string,
|
||||||
pm projectmanager.ProjectManager) ([]string, []string, error) {
|
pm promgr.ProMgr) ([]string, []string, error) {
|
||||||
var needsAdd []string
|
var needsAdd []string
|
||||||
var needsDel []string
|
var needsDel []string
|
||||||
|
|
||||||
@ -359,7 +359,7 @@ func diffRepos(reposInRegistry []string, reposInDB []string,
|
|||||||
return needsAdd, needsDel, nil
|
return needsAdd, needsDel, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func projectExists(pm projectmanager.ProjectManager, repository string) (bool, error) {
|
func projectExists(pm promgr.ProMgr, repository string) (bool, error) {
|
||||||
project, _ := utils.ParseRepository(repository)
|
project, _ := utils.ParseRepository(repository)
|
||||||
return pm.Exist(project)
|
return pm.Exist(project)
|
||||||
}
|
}
|
||||||
|
@ -29,9 +29,9 @@ import (
|
|||||||
"github.com/vmware/harbor/src/common/models"
|
"github.com/vmware/harbor/src/common/models"
|
||||||
"github.com/vmware/harbor/src/common/secret"
|
"github.com/vmware/harbor/src/common/secret"
|
||||||
"github.com/vmware/harbor/src/common/utils/log"
|
"github.com/vmware/harbor/src/common/utils/log"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
"github.com/vmware/harbor/src/ui/promgr"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager/db"
|
"github.com/vmware/harbor/src/ui/promgr/pmsdriver/admiral"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager/pms"
|
"github.com/vmware/harbor/src/ui/promgr/pmsdriver/local"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -46,14 +46,14 @@ var (
|
|||||||
// AdminserverClient is a client for adminserver
|
// AdminserverClient is a client for adminserver
|
||||||
AdminserverClient client.Client
|
AdminserverClient client.Client
|
||||||
// GlobalProjectMgr is initialized based on the deploy mode
|
// GlobalProjectMgr is initialized based on the deploy mode
|
||||||
GlobalProjectMgr projectmanager.ProjectManager
|
GlobalProjectMgr promgr.ProMgr
|
||||||
mg *comcfg.Manager
|
mg *comcfg.Manager
|
||||||
keyProvider comcfg.KeyProvider
|
keyProvider comcfg.KeyProvider
|
||||||
// AdmiralClient is initialized only under integration deploy mode
|
// AdmiralClient is initialized only under integration deploy mode
|
||||||
// and can be passed to project manager as a parameter
|
// and can be passed to project manager as a parameter
|
||||||
AdmiralClient *http.Client
|
AdmiralClient *http.Client
|
||||||
// TokenReader is used in integration mode to read token
|
// TokenReader is used in integration mode to read token
|
||||||
TokenReader pms.TokenReader
|
TokenReader admiral.TokenReader
|
||||||
)
|
)
|
||||||
|
|
||||||
// Init configurations
|
// Init configurations
|
||||||
@ -108,7 +108,7 @@ func initProjectManager() {
|
|||||||
if !WithAdmiral() {
|
if !WithAdmiral() {
|
||||||
// standalone
|
// standalone
|
||||||
log.Info("initializing the project manager based on database...")
|
log.Info("initializing the project manager based on database...")
|
||||||
GlobalProjectMgr = &db.ProjectManager{}
|
GlobalProjectMgr = &local.ProjectManager{}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -128,10 +128,10 @@ func initProjectManager() {
|
|||||||
path = defaultTokenFilePath
|
path = defaultTokenFilePath
|
||||||
}
|
}
|
||||||
log.Infof("service token file path: %s", path)
|
log.Infof("service token file path: %s", path)
|
||||||
TokenReader = &pms.FileTokenReader{
|
TokenReader = &admiral.FileTokenReader{
|
||||||
Path: path,
|
Path: path,
|
||||||
}
|
}
|
||||||
GlobalProjectMgr = pms.NewProjectManager(AdmiralClient,
|
GlobalProjectMgr = admiral.NewProjectManager(AdmiralClient,
|
||||||
AdmiralEndpoint(), TokenReader)
|
AdmiralEndpoint(), TokenReader)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -25,15 +25,15 @@ import (
|
|||||||
"github.com/vmware/harbor/src/common/models"
|
"github.com/vmware/harbor/src/common/models"
|
||||||
secstore "github.com/vmware/harbor/src/common/secret"
|
secstore "github.com/vmware/harbor/src/common/secret"
|
||||||
"github.com/vmware/harbor/src/common/security"
|
"github.com/vmware/harbor/src/common/security"
|
||||||
"github.com/vmware/harbor/src/common/security/admiral"
|
admr "github.com/vmware/harbor/src/common/security/admiral"
|
||||||
"github.com/vmware/harbor/src/common/security/admiral/authcontext"
|
"github.com/vmware/harbor/src/common/security/admiral/authcontext"
|
||||||
"github.com/vmware/harbor/src/common/security/local"
|
"github.com/vmware/harbor/src/common/security/local"
|
||||||
"github.com/vmware/harbor/src/common/security/secret"
|
"github.com/vmware/harbor/src/common/security/secret"
|
||||||
"github.com/vmware/harbor/src/common/utils/log"
|
"github.com/vmware/harbor/src/common/utils/log"
|
||||||
"github.com/vmware/harbor/src/ui/auth"
|
"github.com/vmware/harbor/src/ui/auth"
|
||||||
"github.com/vmware/harbor/src/ui/config"
|
"github.com/vmware/harbor/src/ui/config"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
"github.com/vmware/harbor/src/ui/promgr"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager/pms"
|
"github.com/vmware/harbor/src/ui/promgr/pmsdriver/admiral"
|
||||||
)
|
)
|
||||||
|
|
||||||
type key string
|
type key string
|
||||||
@ -192,7 +192,7 @@ func (b *basicAuthReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
|
|||||||
log.Debug("using global project manager...")
|
log.Debug("using global project manager...")
|
||||||
pm := config.GlobalProjectMgr
|
pm := config.GlobalProjectMgr
|
||||||
log.Debug("creating admiral security context...")
|
log.Debug("creating admiral security context...")
|
||||||
securCtx := admiral.NewSecurityContext(authCtx, pm)
|
securCtx := admr.NewSecurityContext(authCtx, pm)
|
||||||
|
|
||||||
setSecurCtxAndPM(ctx.Request, securCtx, pm)
|
setSecurCtxAndPM(ctx.Request, securCtx, pm)
|
||||||
return true
|
return true
|
||||||
@ -265,12 +265,12 @@ func (t *tokenReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
|
|||||||
}
|
}
|
||||||
|
|
||||||
log.Debug("creating PMS project manager...")
|
log.Debug("creating PMS project manager...")
|
||||||
pm := pms.NewProjectManager(config.AdmiralClient,
|
pm := admiral.NewProjectManager(config.AdmiralClient,
|
||||||
config.AdmiralEndpoint(), &pms.RawTokenReader{
|
config.AdmiralEndpoint(), &admiral.RawTokenReader{
|
||||||
Token: token,
|
Token: token,
|
||||||
})
|
})
|
||||||
log.Debug("creating admiral security context...")
|
log.Debug("creating admiral security context...")
|
||||||
securCtx := admiral.NewSecurityContext(authContext, pm)
|
securCtx := admr.NewSecurityContext(authContext, pm)
|
||||||
setSecurCtxAndPM(ctx.Request, securCtx, pm)
|
setSecurCtxAndPM(ctx.Request, securCtx, pm)
|
||||||
|
|
||||||
return true
|
return true
|
||||||
@ -283,14 +283,14 @@ func (u *unauthorizedReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
|
|||||||
log.Debug("user information is nil")
|
log.Debug("user information is nil")
|
||||||
|
|
||||||
var securCtx security.Context
|
var securCtx security.Context
|
||||||
var pm projectmanager.ProjectManager
|
var pm promgr.ProMgr
|
||||||
if config.WithAdmiral() {
|
if config.WithAdmiral() {
|
||||||
// integration with admiral
|
// integration with admiral
|
||||||
log.Debug("creating PMS project manager...")
|
log.Debug("creating PMS project manager...")
|
||||||
pm = pms.NewProjectManager(config.AdmiralClient,
|
pm = admiral.NewProjectManager(config.AdmiralClient,
|
||||||
config.AdmiralEndpoint(), nil)
|
config.AdmiralEndpoint(), nil)
|
||||||
log.Debug("creating admiral security context...")
|
log.Debug("creating admiral security context...")
|
||||||
securCtx = admiral.NewSecurityContext(nil, pm)
|
securCtx = admr.NewSecurityContext(nil, pm)
|
||||||
} else {
|
} else {
|
||||||
// standalone
|
// standalone
|
||||||
log.Debug("using local database project manager")
|
log.Debug("using local database project manager")
|
||||||
@ -302,7 +302,7 @@ func (u *unauthorizedReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
|
|||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
func setSecurCtxAndPM(req *http.Request, ctx security.Context, pm projectmanager.ProjectManager) {
|
func setSecurCtxAndPM(req *http.Request, ctx security.Context, pm promgr.ProMgr) {
|
||||||
addToReqContext(req, securCtxKey, ctx)
|
addToReqContext(req, securCtxKey, ctx)
|
||||||
addToReqContext(req, pmKey, pm)
|
addToReqContext(req, pmKey, pm)
|
||||||
}
|
}
|
||||||
@ -331,7 +331,7 @@ func GetSecurityContext(req *http.Request) (security.Context, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// GetProjectManager tries to get project manager from request and returns it
|
// GetProjectManager tries to get project manager from request and returns it
|
||||||
func GetProjectManager(req *http.Request) (projectmanager.ProjectManager, error) {
|
func GetProjectManager(req *http.Request) (promgr.ProMgr, error) {
|
||||||
if req == nil {
|
if req == nil {
|
||||||
return nil, fmt.Errorf("request is nil")
|
return nil, fmt.Errorf("request is nil")
|
||||||
}
|
}
|
||||||
@ -341,7 +341,7 @@ func GetProjectManager(req *http.Request) (projectmanager.ProjectManager, error)
|
|||||||
return nil, fmt.Errorf("the project manager got from request is nil")
|
return nil, fmt.Errorf("the project manager got from request is nil")
|
||||||
}
|
}
|
||||||
|
|
||||||
p, ok := pm.(projectmanager.ProjectManager)
|
p, ok := pm.(promgr.ProMgr)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, fmt.Errorf("the variable got from request is not project manager type")
|
return nil, fmt.Errorf("the variable got from request is not project manager type")
|
||||||
}
|
}
|
||||||
|
@ -37,8 +37,8 @@ import (
|
|||||||
_ "github.com/vmware/harbor/src/ui/auth/db"
|
_ "github.com/vmware/harbor/src/ui/auth/db"
|
||||||
_ "github.com/vmware/harbor/src/ui/auth/ldap"
|
_ "github.com/vmware/harbor/src/ui/auth/ldap"
|
||||||
"github.com/vmware/harbor/src/ui/config"
|
"github.com/vmware/harbor/src/ui/config"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
"github.com/vmware/harbor/src/ui/promgr"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager/db"
|
driver_local "github.com/vmware/harbor/src/ui/promgr/pmsdriver/local"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestMain(m *testing.M) {
|
func TestMain(m *testing.M) {
|
||||||
@ -316,9 +316,9 @@ func TestGetProjectManager(t *testing.T) {
|
|||||||
req, err = http.NewRequest("", "", nil)
|
req, err = http.NewRequest("", "", nil)
|
||||||
assert.Nil(t, err)
|
assert.Nil(t, err)
|
||||||
req = req.WithContext(context.WithValue(req.Context(),
|
req = req.WithContext(context.WithValue(req.Context(),
|
||||||
pmKey, &db.ProjectManager{}))
|
pmKey, &driver_local.ProjectManager{}))
|
||||||
pm, err = GetProjectManager(req)
|
pm, err = GetProjectManager(req)
|
||||||
assert.Nil(t, err)
|
assert.Nil(t, err)
|
||||||
_, ok := pm.(projectmanager.ProjectManager)
|
_, ok := pm.(promgr.ProMgr)
|
||||||
assert.True(t, ok)
|
assert.True(t, ok)
|
||||||
}
|
}
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
// See the License for the specific language governing permissions and
|
// See the License for the specific language governing permissions and
|
||||||
// limitations under the License.
|
// limitations under the License.
|
||||||
|
|
||||||
package pms
|
package admiral
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
@ -12,7 +12,7 @@
|
|||||||
// See the License for the specific language governing permissions and
|
// See the License for the specific language governing permissions and
|
||||||
// limitations under the License.
|
// limitations under the License.
|
||||||
|
|
||||||
package pms
|
package admiral
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"net/http"
|
"net/http"
|
@ -12,7 +12,7 @@
|
|||||||
// See the License for the specific language governing permissions and
|
// See the License for the specific language governing permissions and
|
||||||
// limitations under the License.
|
// limitations under the License.
|
||||||
|
|
||||||
package pms
|
package admiral
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"io/ioutil"
|
"io/ioutil"
|
@ -12,7 +12,7 @@
|
|||||||
// See the License for the specific language governing permissions and
|
// See the License for the specific language governing permissions and
|
||||||
// limitations under the License.
|
// limitations under the License.
|
||||||
|
|
||||||
package pms
|
package admiral
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"io/ioutil"
|
"io/ioutil"
|
@ -12,7 +12,7 @@
|
|||||||
// See the License for the specific language governing permissions and
|
// See the License for the specific language governing permissions and
|
||||||
// limitations under the License.
|
// limitations under the License.
|
||||||
|
|
||||||
package db
|
package local
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
@ -12,7 +12,7 @@
|
|||||||
// See the License for the specific language governing permissions and
|
// See the License for the specific language governing permissions and
|
||||||
// limitations under the License.
|
// limitations under the License.
|
||||||
|
|
||||||
package db
|
package local
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"os"
|
"os"
|
@ -12,15 +12,15 @@
|
|||||||
// See the License for the specific language governing permissions and
|
// See the License for the specific language governing permissions and
|
||||||
// limitations under the License.
|
// limitations under the License.
|
||||||
|
|
||||||
package projectmanager
|
package promgr
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/vmware/harbor/src/common/models"
|
"github.com/vmware/harbor/src/common/models"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ProjectManager is the project mamager which abstracts the operations related
|
// ProMgr is the project mamager which abstracts the operations related
|
||||||
// to projects
|
// to projects
|
||||||
type ProjectManager interface {
|
type ProMgr interface {
|
||||||
Get(projectIDOrName interface{}) (*models.Project, error)
|
Get(projectIDOrName interface{}) (*models.Project, error)
|
||||||
IsPublic(projectIDOrName interface{}) (bool, error)
|
IsPublic(projectIDOrName interface{}) (bool, error)
|
||||||
Exist(projectIDOrName interface{}) (bool, error)
|
Exist(projectIDOrName interface{}) (bool, error)
|
@ -9,7 +9,7 @@ import (
|
|||||||
notarytest "github.com/vmware/harbor/src/common/utils/notary/test"
|
notarytest "github.com/vmware/harbor/src/common/utils/notary/test"
|
||||||
utilstest "github.com/vmware/harbor/src/common/utils/test"
|
utilstest "github.com/vmware/harbor/src/common/utils/test"
|
||||||
"github.com/vmware/harbor/src/ui/config"
|
"github.com/vmware/harbor/src/ui/config"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager/pms"
|
"github.com/vmware/harbor/src/ui/promgr/pmsdriver/admiral"
|
||||||
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/httptest"
|
"net/http/httptest"
|
||||||
@ -148,8 +148,8 @@ func TestPMSPolicyChecker(t *testing.T) {
|
|||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
pm := pms.NewProjectManager(http.DefaultClient,
|
pm := admiral.NewProjectManager(http.DefaultClient,
|
||||||
admiralEndpoint, &pms.RawTokenReader{
|
admiralEndpoint, &admiral.RawTokenReader{
|
||||||
Token: "token",
|
Token: "token",
|
||||||
})
|
})
|
||||||
name := "project_for_test_get_sev_low"
|
name := "project_for_test_get_sev_low"
|
||||||
|
@ -9,7 +9,7 @@ import (
|
|||||||
"github.com/vmware/harbor/src/common/utils/log"
|
"github.com/vmware/harbor/src/common/utils/log"
|
||||||
"github.com/vmware/harbor/src/common/utils/notary"
|
"github.com/vmware/harbor/src/common/utils/notary"
|
||||||
"github.com/vmware/harbor/src/ui/config"
|
"github.com/vmware/harbor/src/ui/config"
|
||||||
"github.com/vmware/harbor/src/ui/projectmanager"
|
"github.com/vmware/harbor/src/ui/promgr"
|
||||||
uiutils "github.com/vmware/harbor/src/ui/utils"
|
uiutils "github.com/vmware/harbor/src/ui/utils"
|
||||||
|
|
||||||
"context"
|
"context"
|
||||||
@ -88,7 +88,7 @@ func (ec envPolicyChecker) vulnerablePolicy(name string) (bool, models.Severity)
|
|||||||
}
|
}
|
||||||
|
|
||||||
type pmsPolicyChecker struct {
|
type pmsPolicyChecker struct {
|
||||||
pm projectmanager.ProjectManager
|
pm promgr.ProMgr
|
||||||
}
|
}
|
||||||
|
|
||||||
func (pc pmsPolicyChecker) contentTrustEnabled(name string) bool {
|
func (pc pmsPolicyChecker) contentTrustEnabled(name string) bool {
|
||||||
@ -109,7 +109,7 @@ func (pc pmsPolicyChecker) vulnerablePolicy(name string) (bool, models.Severity)
|
|||||||
}
|
}
|
||||||
|
|
||||||
// newPMSPolicyChecker returns an instance of an pmsPolicyChecker
|
// newPMSPolicyChecker returns an instance of an pmsPolicyChecker
|
||||||
func newPMSPolicyChecker(pm projectmanager.ProjectManager) policyChecker {
|
func newPMSPolicyChecker(pm promgr.ProMgr) policyChecker {
|
||||||
return &pmsPolicyChecker{
|
return &pmsPolicyChecker{
|
||||||
pm: pm,
|
pm: pm,
|
||||||
}
|
}
|
||||||
|
@ -29,7 +29,7 @@ import (
|
|||||||
"github.com/vmware/harbor/src/common/security"
|
"github.com/vmware/harbor/src/common/security"
|
||||||
"github.com/vmware/harbor/src/common/utils/log"
|
"github.com/vmware/harbor/src/common/utils/log"
|
||||||
"github.com/vmware/harbor/src/ui/config"
|
"github.com/vmware/harbor/src/ui/config"
|
||||||
promgr "github.com/vmware/harbor/src/ui/projectmanager"
|
"github.com/vmware/harbor/src/ui/promgr"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -81,7 +81,7 @@ func GetResourceActions(scopes []string) []*token.ResourceActions {
|
|||||||
|
|
||||||
//filterAccess iterate a list of resource actions and try to use the filter that matches the resource type to filter the actions.
|
//filterAccess iterate a list of resource actions and try to use the filter that matches the resource type to filter the actions.
|
||||||
func filterAccess(access []*token.ResourceActions, ctx security.Context,
|
func filterAccess(access []*token.ResourceActions, ctx security.Context,
|
||||||
pm promgr.ProjectManager, filters map[string]accessFilter) error {
|
pm promgr.ProMgr, filters map[string]accessFilter) error {
|
||||||
var err error
|
var err error
|
||||||
for _, a := range access {
|
for _, a := range access {
|
||||||
f, ok := filters[a.Type]
|
f, ok := filters[a.Type]
|
||||||
|
@ -26,7 +26,7 @@ import (
|
|||||||
"github.com/vmware/harbor/src/common/utils/log"
|
"github.com/vmware/harbor/src/common/utils/log"
|
||||||
"github.com/vmware/harbor/src/ui/config"
|
"github.com/vmware/harbor/src/ui/config"
|
||||||
"github.com/vmware/harbor/src/ui/filter"
|
"github.com/vmware/harbor/src/ui/filter"
|
||||||
promgr "github.com/vmware/harbor/src/ui/projectmanager"
|
"github.com/vmware/harbor/src/ui/promgr"
|
||||||
)
|
)
|
||||||
|
|
||||||
var creatorMap map[string]Creator
|
var creatorMap map[string]Creator
|
||||||
@ -127,13 +127,13 @@ func parseImg(s string) (*image, error) {
|
|||||||
|
|
||||||
// An accessFilter will filter access based on userinfo
|
// An accessFilter will filter access based on userinfo
|
||||||
type accessFilter interface {
|
type accessFilter interface {
|
||||||
filter(ctx security.Context, pm promgr.ProjectManager, a *token.ResourceActions) error
|
filter(ctx security.Context, pm promgr.ProMgr, a *token.ResourceActions) error
|
||||||
}
|
}
|
||||||
|
|
||||||
type registryFilter struct {
|
type registryFilter struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (reg registryFilter) filter(ctx security.Context, pm promgr.ProjectManager,
|
func (reg registryFilter) filter(ctx security.Context, pm promgr.ProMgr,
|
||||||
a *token.ResourceActions) error {
|
a *token.ResourceActions) error {
|
||||||
//Do not filter if the request is to access registry catalog
|
//Do not filter if the request is to access registry catalog
|
||||||
if a.Name != "catalog" {
|
if a.Name != "catalog" {
|
||||||
@ -151,7 +151,7 @@ type repositoryFilter struct {
|
|||||||
parser imageParser
|
parser imageParser
|
||||||
}
|
}
|
||||||
|
|
||||||
func (rep repositoryFilter) filter(ctx security.Context, pm promgr.ProjectManager,
|
func (rep repositoryFilter) filter(ctx security.Context, pm promgr.ProMgr,
|
||||||
a *token.ResourceActions) error {
|
a *token.ResourceActions) error {
|
||||||
//clear action list to assign to new acess element after perm check.
|
//clear action list to assign to new acess element after perm check.
|
||||||
img, err := rep.parser.parse(a.Name)
|
img, err := rep.parser.parse(a.Name)
|
||||||
|
Loading…
Reference in New Issue
Block a user