This commit remove some funcs from package `common/dao/user` that can be
covered by the manager in `pkg/user`.
Ideally all funcs should be replaced but the dependency relationships
are tricky for some of them I'll push other commit to clean them up.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* Refactor labl api
move to the new program model
Signed-off-by: wang yan <wangyan@vmware.com>
* continue resolve review comments
Signed-off-by: Wang Yan <wangyan@vmware.com>
Add pkg/member/dao
Add pkg/member/models
Add pkg/member/manager
Add controller/member
Remove the old project member API
Signed-off-by: stonezdj <stonezdj@gmail.com>
This commit moves the legacy apis related to users to new model.
Some funcs under common/dao are left b/c they are used by other module,
which should also be shifted to leverage managers.
We'll handle them separately.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Improve the performance of replication by introducing a new API to check whether the blob can be mounted directly
Signed-off-by: Wenkai Yin <yinw@vmware.com>
Changes include:
1. Move core/config to controller/config
2. Change the job_service and gcreadonly to depends on lib/config instead of core/config
3. Move the config related dao, manager and driver to pkg/config
4. Adjust the invocation of the config API, most of then should provide a context parameter, when accessing system config, you can call it with background context, when accessing user config, the context should provide orm.Context
Signed-off-by: stonezdj <stonezdj@gmail.com>
This commit adds the attribute "http_authproxy_admin_usernames", which
is string that contains usernames separated by comma, when a user logs
in and the username in the tokenreview status matches the setting of
this attribute, the user will have administrator permission.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This commit updates the API POST /api/v2.0/system/oidc/ping to new
programming model, in which the code will be generated by go-swagger.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This commit provide a better way to transform the value to string when
they are loaded from the driver.
Fixes#14074
However the way the config driver loaded config values and configstore
stores it back and forth seems repetitive and should be optimized.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This patch enabled Harbor to receive the username from the /userinfo endpoint
instead of only from the ID Token.
Closes#14037
Signed-off-by: Sven Haardiek <sven@haardiek.de>
1. Remove the duplicate CVE records in the report/summary for the image
index.
2. Add scanner field in the scan overview for the API.
Closes#13913
Signed-off-by: He Weiwei <hweiwei@vmware.com>
1, introduce & define the system resources.
2, replace the IsSysAdmin judge method.
3, give the robot the system access capability.
Signed-off-by: Wang Yan <wangyan@vmware.com>
This commit directly maps the actoin permission in security context to
the scope generated by the token service in harbor-core.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This commit add a handler to handle the request to
"/c/authproxy/redirect". Harbor is configured to authenticate against
an authproxy, if a request with query string `?token=xxxx`
is sent to this URI, the handler will do tokenreview according to the
setting of authproxy and simulate a `login` workflow based on the result
of token review.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* fix robot account update issue
enable the update method to support both v1 & v2 robot update
Signed-off-by: Wang Yan <wangyan@vmware.com>
* resolve review comments
Signed-off-by: Wang Yan <wangyan@vmware.com>
This commit adds admin_groups into the configuration of http_auth
settings, it's a string in the form of "group1, group2". If the token
review result shows the user is in one of the groups in the setting he
will have the administrator role in Harbor.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
author Wang Yan <wangyan@vmware.com> 1605849192 +0800
committer Wang Yan <wangyan@vmware.com> 1606361046 +0800
update code per review comments
Signed-off-by: wang yan <wangyan@vmware.com>
* refactor: remove core/promgr pkg
Remove `core/promgr` package and use `controller/project` instead of it.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
1. Add configs in prepare
2. Add models and config items in Core
3. Encapdulate getting metric in commom package
4. Add a middleware for global request to collect 3 metrics
Signed-off-by: DQ <dengq@vmware.com>
During the harbor core initialization if the database takes longer to
be ready there is a risk of deadlock when checking for the TCP connection
with the database.
The `TestTCPConn` function uses unbuffered channels to check when the
connection succeeds/timeouts. The timeout check is executed in parallel
with the connection check (this runs in a gorountine). The deadlock happens
when the goroutine execution takes longer than the function timeout
(hence setting `cancel <- 1`) and the DialTimeout call succeeds (hence
setting `success <- 1`). At this point both threads are waiting for the
channels values to be read.
This is reproducible mostly on slow systems where initializing the
database takes longer and finishes during the 5th time of the
`DialTimeout` call where it eventually exceeds the TestTCPConn timeout.
This fix sets the `success` and `cancel` channels as buffered
(non-blocking).
Signed-off-by: Flávio Ramalho <framalho@suse.com>
Add oidc_admin_group to configuration, and make sure a token with the
group name in group claim has the admin authority.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Use `project.Controller` instead of `promgr.ProjectManager` in security
implementations because we will remove `promgr` package later.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
Search LDAP group with groupDN+filter, then match baseDN
Create a default filter when ldap group filter is empty
Fixes#13156
Signed-off-by: stonezdj <stonezdj@gmail.com>
Correct ldap search filter is enclosed with '(' and ')'
Search ldap group with the ldap group base DN instead of group DN
Fixes#12613 LDAP Group Filter and Group Base DN have no affect
Signed-off-by: stonezdj <stonezdj@gmail.com>
We know the user id when query projects by member, so use the user id
as entity_id directly in project_member, no need to join harbor_user
table.
Closes#12968
Signed-off-by: He Weiwei <hweiwei@vmware.com>
1, remove the pkg dependency on v2.0/server/models
2, remove the controller dependency on v2.0/server/models
Signed-off-by: wang yan <wangyan@vmware.com>
1, order label by creation time.
2, order webhook policy by creation time.
3, order replication policy by creation time.
Signed-off-by: wang yan <wangyan@vmware.com>
Fixes#11885
This part will not by default be packaged into release.
A README.md will be added in another commit.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Add the read only job as a back up plan, user still can use it but just with API, and specify the parameter read_only:true
Signed-off-by: wang yan <wangyan@vmware.com>
* add debugging env for GC time window
For debugging, the tester/users wants to run GC to delete the removed artifact immediately instead of waitting for two hours, add the env(GC_BLOB_TIME_WINDOW) to meet this.
Signed-off-by: wang yan <wangyan@vmware.com>
* Raise an internal error if username claim is not found, instead of just logging a warning
* Don't remove userInfoKey for session on error when it is not required
* Rename "OIDC Username Claim" to just "Username claim"
Signed-off-by: Alvaro Iradier <airadier@gmail.com>
- Add an option in the UI to enable or disable the automatic user onboarding
- Add an option to specify the claim name where the username is retrieved from.
Signed-off-by: Alvaro Iradier <airadier@gmail.com>
To fetch vulnerability database updated time of the Clair had moved to
the Clair adapter so removes the initialization of clair db in the core.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
This commit rename the var name, text appearance, and swagger of "master" role
to "maintainer" role.
It only covers backend code.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
1, add two more attributes, update_time and status
2, add delete and fresh update time method in blob mgr & ctr.
Signed-off-by: wang yan <wangyan@vmware.com>
* move send error to source lib
Move the sendError into library in case the cycle dependency as regsitry and core are now the consumers.
Signed-off-by: wang yan <wangyan@vmware.com>
Use GenerateRandomStringWithLength function to generate secret for harbor_proxyservice
Add harbor-proxyservice secret used by proxy service
Signed-off-by: stonezdj <stonezdj@gmail.com>
Fixes#9704
As we do want to unify error handling, so just decreprates pkg errors, use lib/errors instead for Harbor internal used errors model.
1, The lib/errors can cover all of funcs of pkg/errors, and also it has code attribute to define the http return value.
2, lib/errors can give a OCI standard error format, like {"errors":[{"code":"UNAUTHORIZED","message":"unauthorized"}]}
If you'd like to use pkg/errors, use lib/errors instead. If it cannot meet your request, enhance it.
Signed-off-by: wang yan <wangyan@vmware.com>
1. Remove `common/quota` package.
2. Remove functions about quota in `common/dao` package.
3. Move `Quota` and `QuotaUsage` models from `common/models` to
`pkg/quota/dao`.
4. Add `Count` and `List` methods to `quota.Controller`.
5. Use `quota.Controller` to implement quota APIs.
Signed-off-by: He Weiwei <hweiwei@vmware.com>
Fixes#11241
1, remove count quota from quota manager
2, remove count in DB scheme
3, remove UI relates on quota
4, update UT, API test and UI UT.
Signed-off-by: wang yan <wangyan@vmware.com>
Docker CLI fails if it's not logged in upon seeing "basic" realm challenging while pinging the "/v2" endpoint. (#11266)
Some CLI will send HEAD to artifact endpoint before pushing (#11188)(#11271)
To fix such problems, this commit re-introduce the token auth flow to the CLIs.
For a HEAD request to "/v2/xxx" with no "Authoirzation" header, the v2_auth middleware populates the
"Www-Authenticate" header to redirect it to token endpoint with proper
requested scope.
It also adds security context to based on the content of the JWT which has the claims of the registry.
So a request from CLI carrying a token signed by the "/service/token" will have proper permissions.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
Fixes#11225
As registry changes to basic auth, the push action lost the pull permission.
Add it in the robot security context.
Signed-off-by: wang yan <wangyan@vmware.com>
In Harbor 2.0, the replication isn't supported between instances with different versions, this commit returns the 404 error when trying to get the registry info whose version is different with the current one
Signed-off-by: Wenkai Yin <yinw@vmware.com>
Fixes#11016
1. src/pkg/q->src/internal/q
2. src/internal->src/lib (internal is a reserved package name of golang)
3. src/api->src/controller
Signed-off-by: Wenkai Yin <yinw@vmware.com>
* replication webhook support
Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>
* replication webhook support with ut fixed
Signed-off-by: guanxiatao <guanxiatao@corp.netease.com>