Commit Graph

3486 Commits

Author SHA1 Message Date
Daniel Jiang
cfff4d6d59 populate group list when doing token review
This commit fixes #9869
It has some refactor to make sure the group is populated when user is
authenticated via tokenreview workflow.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-11-29 20:09:32 +08:00
Daniel Jiang
798059aed5
Merge pull request #10013 from heww/permission-checking-improvement
perf(rbac): add permission evaluator to improve performance
2019-11-29 11:23:56 +08:00
sshijun
ac6545c784 Fix tag-retention ui bug and disable scan button
Signed-off-by: sshijun <sshijun@vmware.com>
2019-11-28 17:53:27 +08:00
He Weiwei
8738e61a42 perf(rbac): add permission evaluator to improve performance
1. Introduce Evaluator interface which do the permission checking.
2. Do permission checking in security context by `Evaluator`.
3. Cache the regexp in keyMatch for casbin.
4. Cache rbac evaluator in namespace evaluator to improve performance.

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-11-28 05:16:26 +00:00
Yogi_Wang
096c7189c2 Reslove the token expired
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-11-27 15:08:10 +08:00
Yogi_Wang
c0b3c9f9c5 Modify the style of language and modify variable name
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-11-25 10:26:08 +08:00
Bastian Hofmann
c0343db0e1 Fix broken about dialog on sign in page
Signed-off-by: Bastian Hofmann <bashofmann@gmail.com>
2019-11-22 16:27:37 +08:00
Will Sun
96b22948dd
Merge pull request #9948 from AllForNothing/filter
Fix filter bug for registries and labels datagrid
2019-11-22 10:05:28 +08:00
He Weiwei
fec76c3d57
fix(limited-guest): fix limited guest info missing in summary page (#9957)
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-11-22 10:03:02 +08:00
Yogi_Wang
5b6e1d9f88 Fix ui issue about the third round test
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-11-21 14:56:53 +08:00
sshijun
3777bbab39 Fix filter bug for registries and labels datagrid
Signed-off-by: sshijun <sshijun@vmware.com>
2019-11-21 10:53:24 +08:00
Will Sun
f3f481dd12
Merge pull request #9938 from jwangyangls/fix-retag-issue
FIx the tag list is not refreshed when the target refills the current repository when the retag is operated.
2019-11-20 16:34:31 +08:00
Yogi_Wang
aa925876c3 FIx the tag list is not refreshed when the target refills the current repository when the retag is operated.
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-11-20 13:20:57 +08:00
jwangyangls
cd8a8105e3
Merge pull request #9921 from jwangyangls/fix-select-words
Fix version info in about dialog can not select and copy
2019-11-20 10:02:47 +08:00
Daniel Jiang
4e1bac4b82
Merge pull request #9820 from reasonerjt/oidc-cli-secret-group
Populate user groups during OIDC CLI secret verification
2019-11-19 03:03:38 -08:00
Yogi_Wang
6416aa4025 Fix version info in about dialog can not select and copy
fix 9854
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-11-19 16:39:43 +08:00
Daniel Jiang
70a2930330
Merge pull request #9919 from wy65701436/fix-9880
add empter result to list immutable rules
2019-11-19 00:01:41 -08:00
Daniel Jiang
64af09d52b Populate user groups during OIDC CLI secret verification
This commit refactors the flow to populate user info and verify CLI
secret in OIDC authentication.

It will call the `userinfo` backend of OIDC backend and fallback to
using the ID token if userinfo is not supported by the backend.

It also makes sure the token will be persisted if it's refreshed during
this procedure.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-11-18 23:53:05 -08:00
wang yan
e854c4fa1b add empter result to list immutable rules
Fix #9880

Signed-off-by: wang yan <wangyan@vmware.com>
2019-11-19 15:27:01 +08:00
Wang Yan
bc0ff095c3
Merge pull request #9899 from heww/fix-9767
fix(scanner): process scenario reinstall without clair flag
2019-11-19 13:17:28 +08:00
Wang Yan
eab974419c
Merge pull request #9825 from stonezdj/bug_9681
Avoid to create duplicated immutable tag rules in the same project
2019-11-18 17:26:22 +08:00
jwangyangls
a1ccc0242b
Merge pull request #9881 from jwangyangls/fix-datagrid-text-overflow
Fix datagrid text overflow issue
2019-11-18 17:21:41 +08:00
He Weiwei
0c068d81f5
feat(vuln-severity): map negligible to none to match CVSS v3 ratings (#9885)
BREAKING CHANGE: the value negligible of severity in project metadata will change to none in the responses of project APIs

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-11-18 14:36:51 +08:00
He Weiwei
8b740ace8a
fix(i18n): fix missing i18n for limited guest in group (#9903)
Closes #9768

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-11-18 10:40:35 +08:00
He Weiwei
0246ca7aa4 fix(scanner): process scenario reinstall without clair flag
1. Fix name conflict when install internal clair adapter.
2. Remove all internal adapters when reinstall harbor without --with-clair flag

Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-11-15 09:47:30 +00:00
Wang Yan
6e03c8a54e
Merge pull request #9896 from heww/owner-check-for-project-member-robot-account
fix(robot,project-member): check owner of member, robot when update, …
2019-11-15 16:53:22 +08:00
Yogi_Wang
0de882ffa6 Fix datagrid text overflow issue --1.10new feature change
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-11-15 15:44:12 +08:00
Yogi_Wang
1ccbc3b52b Fix datagrid text overflow issue
solve the problem of overlapping the line due to newly created inline characters
(should used for 1.9.x)
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-11-15 15:22:16 +08:00
stonezdj
15898f2069 Avoid to create duplicated immutable tag rules in the same project
Fix #9681, add constraint on immutable_tag_rule and catch the error

Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-11-15 14:46:23 +08:00
Will Sun
d4c5d93264
Merge pull request #9884 from AllForNothing/database
Add vulnerability database update time and scanner name
2019-11-15 13:39:32 +08:00
sshijun
8f3beb3e31 Add vulnerability database update time and scanner name
Signed-off-by: sshijun <sshijun@vmware.com>
2019-11-15 11:38:16 +08:00
Wang Yan
88773436c9
Merge pull request #9865 from wy65701436/quota-event
add quota exceed event imple
2019-11-15 11:37:19 +08:00
Wang Yan
7b12ed14a1
Merge pull request #9852 from stonezdj/remove_tedious_msg
Change log level to avoid tedious error in log
2019-11-15 10:42:28 +08:00
jwangyangls
01ca8a7a36
Merge pull request #9864 from jwangyangls/fix-webhook-modal
Fix webhook testing-error bug
2019-11-14 19:11:40 +08:00
Wang Yan
4bec9bbfc6
Merge pull request #9875 from wy65701436/middleware-policy-checker
enable policy checker in response handler
2019-11-14 18:31:50 +08:00
wang yan
a39e1a2a34 enable policy checker in response handler
Signed-off-by: wang yan <wangyan@vmware.com>
2019-11-14 15:39:29 +08:00
He Weiwei
5bd1cfdbf2 fix(robot,project-member): check owner of member, robot when update, delete
Signed-off-by: He Weiwei <hweiwei@vmware.com>
2019-11-14 07:00:44 +00:00
Wang Yan
29be93725d
Merge pull request #9860 from reasonerjt/authproxy-case-sensitive-master
Authproxy case sensitive master
2019-11-14 14:03:53 +08:00
Daniel Jiang
6f0b4a139a
Merge pull request #9838 from stonezdj/fix_review
Fix review comments on PR9749
2019-11-14 13:12:56 +08:00
Wang Yan
10850a06d8
Merge pull request #9859 from ywk253100/191113_subresource_1.10
Refine the implementation of replication execution API
2019-11-14 11:30:10 +08:00
wang yan
f8390c5ec1 add quota exceed event imple
Signed-off-by: wang yan <wangyan@vmware.com>
2019-11-14 10:27:18 +08:00
stonezdj(Daojun Zhang)
e52c7c2304
Merge pull request #9862 from stonezdj/191112_subresource
Refactor immutable tag rule
2019-11-14 10:19:24 +08:00
Yogi_Wang
71a5d24633 Fix webhook testing-error bug
Signed-off-by: Yogi_Wang <yawang@vmware.com>
2019-11-14 10:05:52 +08:00
Will Sun
b4039eb256
Merge pull request #9857 from AllForNothing/error-handle
Modify the way to handle 409 error
2019-11-13 19:20:41 +08:00
Will Sun
591eb6f658
Merge pull request #9851 from AllForNothing/disable
Fix bug: disabled radio is still clickable
2019-11-13 19:20:23 +08:00
Will Sun
87de8f1de0
Merge pull request #9850 from jwangyangls/add-scanner-nightly-case
Modify scan now nightly case
2019-11-13 19:20:08 +08:00
stonezdj
a3c298e9fd Refactor immutable tag rule
Change implementation
Fix some nil pointer issue

Signed-off-by: stonezdj <stonezdj@gmail.com>
2019-11-13 19:09:31 +08:00
sshijun
1371d53a97 Modify the way to handle 409 error
Signed-off-by: sshijun <sshijun@vmware.com>
2019-11-13 16:24:09 +08:00
sshijun
2b295b2d6e Fix bug: disabled radio is still clickable
Signed-off-by: sshijun <sshijun@vmware.com>
2019-11-13 16:14:35 +08:00
Daniel Jiang
8933ab8074 Add configuration "case sensitive" to HTTP auth proxy
This commit make case sensitivity configurable when the authentication
backend is auth proxy.
When the "http_authproxy_case_sensitive" is set to false, the name of
user/group will be converted to lower-case when onboarded to Harbor, so
as long as the authentication is successful there's no difference regardless
upper or lower case is used.  It will be mapped to one entry in Harbor's
User/Group table.
Similar to auth_mode, there is limitation that once there are users
onboarded to Harbor's DB this attribute is not configurable.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2019-11-13 15:00:05 +08:00