Enable API logs test case (#11142)

1, enable user view log api test case 2, update project logs api permission check 3, use project ctl instead in permission check base method Signed-off-by: wang yan <wangyan@vmware.com>
2024-11-22 18:25:56 +01:00 · 2020-03-19 14:56:37 +08:00 · 2020-03-19 14:56:37 +08:00 · dc6eec8a73
commit dc6eec8a73
parent 32f226901f
6 changed files with 49 additions and 19 deletions
--- a/src/server/v2.0/handler/base.go
+++ b/src/server/v2.0/handler/base.go
@ -26,11 +26,11 @@ import (
 	"strconv"

 	"github.com/go-openapi/runtime/middleware"
+	"github.com/goharbor/harbor/src/api/project"
 	"github.com/goharbor/harbor/src/common/rbac"
 	"github.com/goharbor/harbor/src/common/security"
 	"github.com/goharbor/harbor/src/common/utils"
 	"github.com/goharbor/harbor/src/common/utils/log"
-	"github.com/goharbor/harbor/src/pkg/project"
 	errs "github.com/goharbor/harbor/src/server/error"
 )

@ -66,8 +66,7 @@ func (b *BaseAPI) HasProjectPermission(ctx context.Context, projectIDOrName inte
 	}

 	if projectName != "" {
-		// TODO: use the project controller to replace the project manager
-		p, err := project.Mgr.Get(projectName)
+		p, err := project.Ctl.GetByName(ctx, projectName)
 		if err != nil {
 			log.Errorf("failed to get project %s: %v", projectName, err)
 			return false
--- a/src/server/v2.0/handler/project.go
+++ b/src/server/v2.0/handler/project.go
@ -24,7 +24,7 @@ type projectAPI struct {
 }

 func (a *projectAPI) GetLogs(ctx context.Context, params operation.GetLogsParams) middleware.Responder {
-	if err := a.RequireProjectAccess(ctx, params.ProjectName, rbac.ActionRead, rbac.ResourceLog); err != nil {
+	if err := a.RequireProjectAccess(ctx, params.ProjectName, rbac.ActionList, rbac.ResourceLog); err != nil {
 		return a.SendError(ctx, err)
 	}
 	pro, err := a.proCtl.GetByName(ctx, params.ProjectName)
--- a/tests/apitests/python/library/base.py
+++ b/tests/apitests/python/library/base.py
@ -36,6 +36,7 @@ def _create_client(server, credential, debug, api_type="products"):
        cfg.proxy = proxy
    return {
        "products":   swagger_client.ProductsApi(swagger_client.ApiClient(cfg)),
+        "projectv2":  v2_swagger_client.ProjectApi(v2_swagger_client.ApiClient(cfg)),
        "artifact":   v2_swagger_client.ArtifactApi(v2_swagger_client.ApiClient(cfg)),
        "repository": v2_swagger_client.RepositoryApi(v2_swagger_client.ApiClient(cfg)),
        "scan": v2_swagger_client.ScanApi(v2_swagger_client.ApiClient(cfg)),
--- a/tests/apitests/python/library/projectV2.py
+++ b/tests/apitests/python/library/projectV2.py
@ -0,0 +1,28 @@
+# -*- coding: utf-8 -*-
+
+import time
+import base
+import v2_swagger_client
+from v2_swagger_client.rest import ApiException
+
+class ProjectV2(base.Base, object):
+    def __init__(self):
+        super(ProjectV2,self).__init__(api_type = "projectv2")
+
+    def get_project_log(self, project_name, expect_status_code = 200, **kwargs):
+        client = self._get_client(**kwargs)
+        body, status_code, _ = client.get_logs_with_http_info(project_name)
+        base._assert_status_code(expect_status_code, status_code)
+        return body
+
+    def filter_project_logs(self, project_name, operator, resource, resource_type, operation, **kwargs):
+        access_logs = self.get_project_log(project_name, **kwargs)
+        count = 0
+        for each_access_log in list(access_logs):
+            if each_access_log.username == operator and \
+                    each_access_log.resource_type == resource_type and \
+                    each_access_log.resource == resource and \
+                    each_access_log.operation == operation:
+                count = count + 1
+        return count
+
--- a/tests/apitests/python/test_user_view_logs.py
+++ b/tests/apitests/python/test_user_view_logs.py
@ -6,6 +6,7 @@ from testutils import ADMIN_CLIENT
 from testutils import TEARDOWN
 from testutils import TestResult
 from library.user import User
+from library.projectV2 import ProjectV2
 from library.project import Project
 from library.repository import Repository
 from library.repository import push_image_to_project
@ -26,6 +27,9 @@ class TestProjects(unittest.TestCase):
        repo = Repository()
        self.repo= repo

+        projectv2 = ProjectV2()
+        self.projectv2= projectv2
+
    @classmethod
    def tearDown(self):
        self.test_result.get_final_result()
@ -66,29 +70,30 @@ class TestProjects(unittest.TestCase):
        TestProjects.project_user_view_logs_id, project_user_view_logs_name = self.project.create_project(metadata = {"public": "false"}, **TestProjects.USER_USER_VIEW_LOGS_CLIENT)

        #2.2 In project(PA), there should be 1 'create' log record;
-        tag = "N/A"
        operation = "create"
-        log_count = self.project.filter_project_logs(TestProjects.project_user_view_logs_id, user_user_view_logs_name, project_user_view_logs_name, tag, operation, **TestProjects.USER_USER_VIEW_LOGS_CLIENT)
+        log_count = self.projectv2.filter_project_logs(project_user_view_logs_name, user_user_view_logs_name, project_user_view_logs_name, "project", operation, **TestProjects.USER_USER_VIEW_LOGS_CLIENT)
        if log_count != 1:
-            self.test_result.add_test_result("Failed to get log with user:{}, repository:{}, tag:{} and operation:{}".format(user_user_view_logs_name, project_user_view_logs_name, tag, operation))
+            self.test_result.add_test_result("1 - Failed to get log with user:{}, resource:{}, resource_type:{} and operation:{}".
+                                             format(user_user_view_logs_name, project_user_view_logs_name, "project", operation))

        #3.1 Push a new image(IA) in project(PA) by admin;
        repo_name, tag = push_image_to_project(project_user_view_logs_name, harbor_server, admin_name, admin_password, "tomcat", "latest")

        #3.2 In project(PA), there should be 1 'push' log record;
-        operation = "push"
-        log_count = self.project.filter_project_logs(TestProjects.project_user_view_logs_id, admin_name, repo_name, tag, "push", **TestProjects.USER_USER_VIEW_LOGS_CLIENT)
+        operation = "create"
+        log_count = self.projectv2.filter_project_logs(project_user_view_logs_name,  admin_name, r'{}:{}'.format(repo_name, tag), "artifact", operation, **TestProjects.USER_USER_VIEW_LOGS_CLIENT)
        if log_count != 1:
-            self.test_result.add_test_result("Failed to get log with user:{}, repository:{}, tag:{} and operation:{}".format(user_user_view_logs_name, project_user_view_logs_name, tag, operation))
-
+            self.test_result.add_test_result("2 - Failed to get log with user:{}, resource:{}, resource_type:{} and operation:{}".
+                                             format(user_user_view_logs_name, project_user_view_logs_name, "artifact", operation))
        #4.1 Delete repository(RA) by user(UA);
-        self.repo.delete_repoitory(repo_name, **TestProjects.USER_USER_VIEW_LOGS_CLIENT)
+        self.repo.delete_repoitory(project_user_view_logs_name, repo_name.split('/')[1], **TestProjects.USER_USER_VIEW_LOGS_CLIENT)

        #4.2 In project(PA), there should be 1 'delete' log record;
        operation = "delete"
-        log_count = self.project.filter_project_logs(TestProjects.project_user_view_logs_id, user_user_view_logs_name, repo_name, tag, "delete", **TestProjects.USER_USER_VIEW_LOGS_CLIENT)
+        log_count = self.projectv2.filter_project_logs(project_user_view_logs_name, user_user_view_logs_name, repo_name, "repository", operation, **TestProjects.USER_USER_VIEW_LOGS_CLIENT)
        if log_count != 1:
-            self.test_result.add_test_result("Failed to get log with user:{}, repository:{}, tag:{} and operation:{}".format(user_user_view_logs_name, project_user_view_logs_name, tag, operation))
+            self.test_result.add_test_result("5 - Failed to get log with user:{}, resource:{}, resource_type:{} and operation:{}".
+                                             format(user_user_view_logs_name, project_user_view_logs_name, "repository", operation))

 if __name__ == '__main__':
    unittest.main()
--- a/tests/robot-cases/Group0-BAT/API_DB.robot
+++ b/tests/robot-cases/Group0-BAT/API_DB.robot
@ -37,11 +37,8 @@ Test Case - Manage Project Member
    Harbor API Test  ./tests/apitests/python/test_manage_project_member.py
 Test Case - Project Level Policy Content Trust
    Harbor API Test  ./tests/apitests/python/test_project_level_policy_content_trust.py
-# TODO uncomment this after we move the accesslog away from registry notificaiton
-# TODO potentially #10602 may also fix this.
-# User View Logs still in failure state - danfeng@3/11 2020.
-# Test Case - User View Logs
-#    Harbor API Test  ./tests/apitests/python/test_user_view_logs.py
+Test Case - User View Logs
+    Harbor API Test  ./tests/apitests/python/test_user_view_logs.py
 Test Case - List Helm Charts
    Harbor API Test  ./tests/apitests/python/test_list_helm_charts.py
 Test Case - Assign Sys Admin