Seperate the HasAdminRole(In DB) with the privileges from external auth, and use user.HasAdminPrivilege to check
Signed-off-by: stonezdj <stonezdj@gmail.com>
1, the commit is for internal robot to bypass policy check, like vul and signature checking.
2, add a bool attribute into registry token, decode it in the harbor core and add the status into request context.
3, add a bool attribut for robot API controller, but API will not use it.y
Signed-off-by: wang yan <wangyan@vmware.com>
1, add API controller for robot account, make it callable internally
2, add Manager to handler dao releate operation
Signed-off-by: wang yan <wangyan@vmware.com>
* Support master role for project member create and update apis
Signed-off-by: He Weiwei <hweiwei@vmware.com>
* Fix description for role_id in swagger.yaml
Signed-off-by: He Weiwei <hweiwei@vmware.com>
* Add Can method to securty.Context interface
Signed-off-by: He Weiwei <hweiwei@vmware.com>
* Improve mockSecurityContext Can method
Signed-off-by: He Weiwei <hweiwei@vmware.com>
There are two different types to represent http error in the current code. This commit updates the codes to keep only one.
Signed-off-by: Wenkai Yin <yinw@vmware.com>
This commit adds the job to scan all images on registry.
It also makes necessary change to Secret based security context, to
job service has higher permission to call the API of core service.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
1. Update the nginx.conf
2. Update Makefile
3. Update docker-compose
4. Update image name
5. Rename folder ui to core
6. Change the harbor-ui's package name to core
7. Remove unused static file on harbor-core
8. Remove unused code for harbor-portal
Signed-off-by: Qian Deng <dengq@vmware.com>
The project list will contain all public projects, user is a member of this project, or user is in the group which is a member of this projects.
Change the behaviour of user roles, if the user is not a member of this project, then return the user's groups role of current project
1) Remove the previous /api/projects/?:project_id/members/:userid
2) Move the /api/projects/:project_id/projectmembers/?:pmid to
/api/projects/:project_id/members/?:pmid
3) Change the project member maintain ui to call new REST API
