fix: requires authn for apis of project scanner (#14880)

Closes #14863

Signed-off-by: He Weiwei <hweiwei@vmware.com>
He Weiwei 2021-05-14 11:27:23 +08:00 committed by GitHub
parent 7e6235bd3b
commit eed91dab45
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -17,13 +17,10 @@ package handler
import ( import (
"context" "context"
"fmt" "fmt"
"github.com/goharbor/harbor/src/lib/config"
"strconv" "strconv"
"strings" "strings"
"sync" "sync"
"github.com/goharbor/harbor/src/pkg/member"
"github.com/go-openapi/runtime/middleware" "github.com/go-openapi/runtime/middleware"
"github.com/go-openapi/strfmt" "github.com/go-openapi/strfmt"
"github.com/goharbor/harbor/src/common" "github.com/goharbor/harbor/src/common"
@ -39,11 +36,13 @@ import (
"github.com/goharbor/harbor/src/controller/scanner" "github.com/goharbor/harbor/src/controller/scanner"
"github.com/goharbor/harbor/src/core/api" "github.com/goharbor/harbor/src/core/api"
"github.com/goharbor/harbor/src/lib" "github.com/goharbor/harbor/src/lib"
"github.com/goharbor/harbor/src/lib/config"
"github.com/goharbor/harbor/src/lib/errors" "github.com/goharbor/harbor/src/lib/errors"
"github.com/goharbor/harbor/src/lib/log" "github.com/goharbor/harbor/src/lib/log"
"github.com/goharbor/harbor/src/lib/orm" "github.com/goharbor/harbor/src/lib/orm"
"github.com/goharbor/harbor/src/lib/q" "github.com/goharbor/harbor/src/lib/q"
"github.com/goharbor/harbor/src/pkg/audit" "github.com/goharbor/harbor/src/pkg/audit"
"github.com/goharbor/harbor/src/pkg/member"
"github.com/goharbor/harbor/src/pkg/project/metadata" "github.com/goharbor/harbor/src/pkg/project/metadata"
"github.com/goharbor/harbor/src/pkg/quota/types" "github.com/goharbor/harbor/src/pkg/quota/types"
"github.com/goharbor/harbor/src/pkg/retention/policy" "github.com/goharbor/harbor/src/pkg/retention/policy"
@ -509,6 +508,10 @@ func (a *projectAPI) UpdateProject(ctx context.Context, params operation.UpdateP
} }
func (a *projectAPI) GetScannerOfProject(ctx context.Context, params operation.GetScannerOfProjectParams) middleware.Responder { func (a *projectAPI) GetScannerOfProject(ctx context.Context, params operation.GetScannerOfProjectParams) middleware.Responder {
if err := a.RequireAuthenticated(ctx); err != nil {
return a.SendError(ctx, err)
}
projectNameOrID := parseProjectNameOrID(params.ProjectNameOrID, params.XIsResourceName) projectNameOrID := parseProjectNameOrID(params.ProjectNameOrID, params.XIsResourceName)
if err := a.RequireProjectAccess(ctx, projectNameOrID, rbac.ActionRead, rbac.ResourceScanner); err != nil { if err := a.RequireProjectAccess(ctx, projectNameOrID, rbac.ActionRead, rbac.ResourceScanner); err != nil {
return a.SendError(ctx, err) return a.SendError(ctx, err)
@ -528,6 +531,10 @@ func (a *projectAPI) GetScannerOfProject(ctx context.Context, params operation.G
} }
func (a *projectAPI) ListScannerCandidatesOfProject(ctx context.Context, params operation.ListScannerCandidatesOfProjectParams) middleware.Responder { func (a *projectAPI) ListScannerCandidatesOfProject(ctx context.Context, params operation.ListScannerCandidatesOfProjectParams) middleware.Responder {
if err := a.RequireAuthenticated(ctx); err != nil {
return a.SendError(ctx, err)
}
projectNameOrID := parseProjectNameOrID(params.ProjectNameOrID, params.XIsResourceName) projectNameOrID := parseProjectNameOrID(params.ProjectNameOrID, params.XIsResourceName)
if err := a.RequireProjectAccess(ctx, projectNameOrID, rbac.ActionCreate, rbac.ResourceScanner); err != nil { if err := a.RequireProjectAccess(ctx, projectNameOrID, rbac.ActionCreate, rbac.ResourceScanner); err != nil {
return a.SendError(ctx, err) return a.SendError(ctx, err)
@ -560,6 +567,10 @@ func (a *projectAPI) ListScannerCandidatesOfProject(ctx context.Context, params
} }
func (a *projectAPI) SetScannerOfProject(ctx context.Context, params operation.SetScannerOfProjectParams) middleware.Responder { func (a *projectAPI) SetScannerOfProject(ctx context.Context, params operation.SetScannerOfProjectParams) middleware.Responder {
if err := a.RequireAuthenticated(ctx); err != nil {
return a.SendError(ctx, err)
}
projectNameOrID := parseProjectNameOrID(params.ProjectNameOrID, params.XIsResourceName) projectNameOrID := parseProjectNameOrID(params.ProjectNameOrID, params.XIsResourceName)
if err := a.RequireProjectAccess(ctx, projectNameOrID, rbac.ActionCreate, rbac.ResourceScanner); err != nil { if err := a.RequireProjectAccess(ctx, projectNameOrID, rbac.ActionCreate, rbac.ResourceScanner); err != nil {
return a.SendError(ctx, err) return a.SendError(ctx, err)
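Review bot: The same three-line `RequireAuthenticated` guard is pasted at the top of GetScannerOfProject, ListScannerCandidatesOfProject and SetScannerOfProject, and nothing says why the `RequireProjectAccess` call that follows is not enough on its own, so a scanner handler added later can omit the guard without anyone noticing. I would put a one-line comment on each guard, for example `// scanner APIs never serve anonymous callers; the project RBAC check below does not by itself reject them`, with the exact reason taken from #14863, since the visible lines do not show which path let unauthenticated requests through. No test is visible in this section; a handler test that calls each of the three endpoints without a security context and expects the authentication error would pin the fix against regression. All three function bodies continue outside their hunks, so any ordering concern with later code in them cannot be judged from here.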