From f4f45353049066784b3354788a687cfafa791413 Mon Sep 17 00:00:00 2001
From: wang yan <wangyan@vmware.com>
Date: Tue, 29 Jan 2019 16:22:50 +0800
Subject: [PATCH] Fix action and resouce of RBAC change

Signed-off-by: wang yan <wangyan@vmware.com>
---
 src/common/security/robot/context.go      | 7 +++----
 src/common/security/robot/context_test.go | 6 +++---
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/src/common/security/robot/context.go b/src/common/security/robot/context.go
index 9e73dc5570..3b48b91bc0 100644
--- a/src/common/security/robot/context.go
+++ b/src/common/security/robot/context.go
@@ -17,7 +17,6 @@ package robot
 import (
 	"github.com/goharbor/harbor/src/common/models"
 	"github.com/goharbor/harbor/src/common/rbac"
-	"github.com/goharbor/harbor/src/common/rbac/project"
 	"github.com/goharbor/harbor/src/core/promgr"
 )
 
@@ -64,19 +63,19 @@ func (s *SecurityContext) IsSolutionUser() bool {
 // HasReadPerm returns whether the user has read permission to the project
 func (s *SecurityContext) HasReadPerm(projectIDOrName interface{}) bool {
 	isPublicProject, _ := s.pm.IsPublic(projectIDOrName)
-	return s.Can(project.ActionPull, rbac.NewProjectNamespace(projectIDOrName, isPublicProject).Resource(project.ResourceImage))
+	return s.Can(rbac.ActionPull, rbac.NewProjectNamespace(projectIDOrName, isPublicProject).Resource(rbac.ResourceRepository))
 }
 
 // HasWritePerm returns whether the user has write permission to the project
 func (s *SecurityContext) HasWritePerm(projectIDOrName interface{}) bool {
 	isPublicProject, _ := s.pm.IsPublic(projectIDOrName)
-	return s.Can(project.ActionPush, rbac.NewProjectNamespace(projectIDOrName, isPublicProject).Resource(project.ResourceImage))
+	return s.Can(rbac.ActionPush, rbac.NewProjectNamespace(projectIDOrName, isPublicProject).Resource(rbac.ResourceRepository))
 }
 
 // HasAllPerm returns whether the user has all permissions to the project
 func (s *SecurityContext) HasAllPerm(projectIDOrName interface{}) bool {
 	isPublicProject, _ := s.pm.IsPublic(projectIDOrName)
-	return s.Can(project.ActionPushPull, rbac.NewProjectNamespace(projectIDOrName, isPublicProject).Resource(project.ResourceImage))
+	return s.Can(rbac.ActionPushPull, rbac.NewProjectNamespace(projectIDOrName, isPublicProject).Resource(rbac.ResourceRepository))
 }
 
 // GetMyProjects no implementation
diff --git a/src/common/security/robot/context_test.go b/src/common/security/robot/context_test.go
index 3a729efaab..df7869a904 100644
--- a/src/common/security/robot/context_test.go
+++ b/src/common/security/robot/context_test.go
@@ -136,7 +136,7 @@ func TestIsSolutionUser(t *testing.T) {
 func TestHasReadPerm(t *testing.T) {
 
 	rbacPolicy := &rbac.Policy{
-		Resource: "/project/testrobot/image",
+		Resource: "/project/testrobot/repository",
 		Action:   "pull",
 	}
 	policies := []*rbac.Policy{}
@@ -153,7 +153,7 @@ func TestHasReadPerm(t *testing.T) {
 func TestHasWritePerm(t *testing.T) {
 
 	rbacPolicy := &rbac.Policy{
-		Resource: "/project/testrobot/image",
+		Resource: "/project/testrobot/repository",
 		Action:   "push",
 	}
 	policies := []*rbac.Policy{}
@@ -169,7 +169,7 @@ func TestHasWritePerm(t *testing.T) {
 
 func TestHasAllPerm(t *testing.T) {
 	rbacPolicy := &rbac.Policy{
-		Resource: "/project/testrobot/image",
+		Resource: "/project/testrobot/repository",
 		Action:   "push+pull",
 	}
 	policies := []*rbac.Policy{}