Beispiel #1
0
// Prepare validates the URL and parms
func (ua *UserAPI) Prepare() {

	ua.AuthMode = config.AuthMode()

	ua.SelfRegistration = config.SelfRegistration()

	if ua.Ctx.Input.IsPost() {
		sessionUserID := ua.GetSession("userId")
		_, _, ok := ua.Ctx.Request.BasicAuth()
		if sessionUserID == nil && !ok {
			return
		}
	}

	ua.currentUserID = ua.ValidateUser()
	id := ua.Ctx.Input.Param(":id")
	if id == "current" {
		ua.userID = ua.currentUserID
	} else if len(id) > 0 {
		var err error
		ua.userID, err = strconv.Atoi(id)
		if err != nil {
			log.Errorf("Invalid user id, error: %v", err)
			ua.CustomAbort(http.StatusBadRequest, "Invalid user Id")
		}
		userQuery := models.User{UserID: ua.userID}
		u, err := dao.GetUser(userQuery)
		if err != nil {
			log.Errorf("Error occurred in GetUser, error: %v", err)
			ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
		}
		if u == nil {
			log.Errorf("User with Id: %d does not exist", ua.userID)
			ua.CustomAbort(http.StatusNotFound, "")
		}
	}

	var err error
	ua.IsAdmin, err = dao.IsAdminRole(ua.currentUserID)
	if err != nil {
		log.Errorf("Error occurred in IsAdminRole:%v", err)
		ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
	}

}
Beispiel #2
0
// Delete ...
func (ua *UserAPI) Delete() {
	if !ua.IsAdmin {
		log.Warningf("current user, id: %d does not have admin role, can not remove user", ua.currentUserID)
		ua.RenderError(http.StatusForbidden, "User does not have admin role")
		return
	}

	if config.AuthMode() == "ldap_auth" {
		ua.CustomAbort(http.StatusForbidden, "user can not be deleted in LDAP authentication mode")
	}

	if ua.currentUserID == ua.userID {
		ua.CustomAbort(http.StatusForbidden, "can not delete yourself")
	}

	var err error
	err = dao.DeleteUser(ua.userID)
	if err != nil {
		log.Errorf("Failed to delete data from database, error: %v", err)
		ua.RenderError(http.StatusInternalServerError, "Failed to delete User")
		return
	}
}
Beispiel #3
0
// Login authenticates user credentials based on setting.
func Login(m models.AuthModel) (*models.User, error) {

	var authMode = config.AuthMode()
	if authMode == "" || m.Principal == "admin" {
		authMode = "db_auth"
	}
	log.Debug("Current AUTH_MODE is ", authMode)

	authenticator, ok := registry[authMode]
	if !ok {
		return nil, fmt.Errorf("Unrecognized auth_mode: %s", authMode)
	}
	if lock.IsLocked(m.Principal) {
		log.Debugf("%s is locked due to login failure, login failed", m.Principal)
		return nil, nil
	}
	user, err := authenticator.Authenticate(m)
	if user == nil && err == nil {
		log.Debugf("Login failed, locking %s, and sleep for %v", m.Principal, frozenTime)
		lock.Lock(m.Principal)
		time.Sleep(frozenTime)
	}
	return user, err
}
Beispiel #4
0
// Prepare extracts the language information from request and populate data for rendering templates.
func (b *BaseController) Prepare() {

	var lang string
	var langHasChanged bool

	var showDownloadCert bool

	langRequest := b.GetString("lang")
	if langRequest != "" {
		lang = langRequest
		langHasChanged = true
	} else {
		langCookie, err := b.Ctx.Request.Cookie("language")
		if err != nil {
			log.Errorf("Error occurred in Request.Cookie: %v", err)
		}
		if langCookie != nil {
			lang = langCookie.Value
		} else {
			al := b.Ctx.Request.Header.Get("Accept-Language")
			if len(al) > 4 {
				al = al[:5] // Only compare first 5 letters.
				if i18n.IsExist(al) {
					lang = al
				}
			}
			langHasChanged = true
		}
	}

	if langHasChanged {
		if _, exist := supportLanguages[lang]; !exist { //Check if support the request language.
			lang = defaultLang //Set default language if not supported.
		}
		cookies := &http.Cookie{
			Name:     "language",
			Value:    lang,
			HttpOnly: true,
			Path:     "/",
		}
		http.SetCookie(b.Ctx.ResponseWriter, cookies)
	}

	curLang := langType{
		Lang: lang,
	}

	restLangs := make([]*langType, 0, len(langTypes)-1)
	for _, v := range langTypes {
		if lang != v.Lang {
			restLangs = append(restLangs, v)
		} else {
			curLang.Name = v.Name
		}
	}

	// Set language properties.
	b.Lang = lang
	b.Data["Lang"] = curLang.Lang
	b.Data["CurLang"] = curLang.Name
	b.Data["RestLangs"] = restLangs

	authMode := config.AuthMode()
	if authMode == "" {
		authMode = "db_auth"
	}
	b.AuthMode = authMode
	b.Data["AuthMode"] = b.AuthMode

	useCompressedJS := os.Getenv("USE_COMPRESSED_JS")
	if useCompressedJS == "on" {
		b.UseCompressedJS = true
	}

	m, err := filepath.Glob(filepath.Join("static", "resources", "js", "harbor.app.min.*.js"))
	if err != nil || len(m) == 0 {
		b.UseCompressedJS = false
	}

	b.SelfRegistration = config.SelfRegistration()

	b.Data["SelfRegistration"] = config.SelfRegistration()

	sessionUserID := b.GetSession("userId")
	if sessionUserID != nil {
		isAdmin, err := dao.IsAdminRole(sessionUserID.(int))
		if err != nil {
			log.Errorf("Error occurred in IsAdminRole: %v", err)
		}
		if isAdmin {
			if _, err := os.Stat(defaultRootCert); !os.IsNotExist(err) {
				showDownloadCert = true
			}
		}
	}
	b.Data["ShowDownloadCert"] = showDownloadCert
}