// Prepare validates the URL and parms
func (ua *UserAPI) Prepare() {
ua.AuthMode = config.AuthMode()
ua.SelfRegistration = config.SelfRegistration()
if ua.Ctx.Input.IsPost() {
sessionUserID := ua.GetSession("userId")
_, _, ok := ua.Ctx.Request.BasicAuth()
if sessionUserID == nil && !ok {
return
}
}
ua.currentUserID = ua.ValidateUser()
id := ua.Ctx.Input.Param(":id")
if id == "current" {
ua.userID = ua.currentUserID
} else if len(id) > 0 {
var err error
ua.userID, err = strconv.Atoi(id)
if err != nil {
log.Errorf("Invalid user id, error: %v", err)
ua.CustomAbort(http.StatusBadRequest, "Invalid user Id")
}
userQuery := models.User{UserID: ua.userID}
u, err := dao.GetUser(userQuery)
if err != nil {
log.Errorf("Error occurred in GetUser, error: %v", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if u == nil {
log.Errorf("User with Id: %d does not exist", ua.userID)
ua.CustomAbort(http.StatusNotFound, "")
}
}
var err error
ua.IsAdmin, err = dao.IsAdminRole(ua.currentUserID)
if err != nil {
log.Errorf("Error occurred in IsAdminRole:%v", err)
ua.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
}
// Delete ...
func (ua *UserAPI) Delete() {
if !ua.IsAdmin {
log.Warningf("current user, id: %d does not have admin role, can not remove user", ua.currentUserID)
ua.RenderError(http.StatusForbidden, "User does not have admin role")
return
}
if config.AuthMode() == "ldap_auth" {
ua.CustomAbort(http.StatusForbidden, "user can not be deleted in LDAP authentication mode")
}
if ua.currentUserID == ua.userID {
ua.CustomAbort(http.StatusForbidden, "can not delete yourself")
}
var err error
err = dao.DeleteUser(ua.userID)
if err != nil {
log.Errorf("Failed to delete data from database, error: %v", err)
ua.RenderError(http.StatusInternalServerError, "Failed to delete User")
return
}
}
// Login authenticates user credentials based on setting.
func Login(m models.AuthModel) (*models.User, error) {
var authMode = config.AuthMode()
if authMode == "" || m.Principal == "admin" {
authMode = "db_auth"
}
log.Debug("Current AUTH_MODE is ", authMode)
authenticator, ok := registry[authMode]
if !ok {
return nil, fmt.Errorf("Unrecognized auth_mode: %s", authMode)
}
if lock.IsLocked(m.Principal) {
log.Debugf("%s is locked due to login failure, login failed", m.Principal)
return nil, nil
}
user, err := authenticator.Authenticate(m)
if user == nil && err == nil {
log.Debugf("Login failed, locking %s, and sleep for %v", m.Principal, frozenTime)
lock.Lock(m.Principal)
time.Sleep(frozenTime)
}
return user, err
}
// Prepare extracts the language information from request and populate data for rendering templates.
func (b *BaseController) Prepare() {
var lang string
var langHasChanged bool
var showDownloadCert bool
langRequest := b.GetString("lang")
if langRequest != "" {
lang = langRequest
langHasChanged = true
} else {
langCookie, err := b.Ctx.Request.Cookie("language")
if err != nil {
log.Errorf("Error occurred in Request.Cookie: %v", err)
}
if langCookie != nil {
lang = langCookie.Value
} else {
al := b.Ctx.Request.Header.Get("Accept-Language")
if len(al) > 4 {
al = al[:5] // Only compare first 5 letters.
if i18n.IsExist(al) {
lang = al
}
}
langHasChanged = true
}
}
if langHasChanged {
if _, exist := supportLanguages[lang]; !exist { //Check if support the request language.
lang = defaultLang //Set default language if not supported.
}
cookies := &http.Cookie{
Name: "language",
Value: lang,
HttpOnly: true,
Path: "/",
}
http.SetCookie(b.Ctx.ResponseWriter, cookies)
}
curLang := langType{
Lang: lang,
}
restLangs := make([]*langType, 0, len(langTypes)-1)
for _, v := range langTypes {
if lang != v.Lang {
restLangs = append(restLangs, v)
} else {
curLang.Name = v.Name
}
}
// Set language properties.
b.Lang = lang
b.Data["Lang"] = curLang.Lang
b.Data["CurLang"] = curLang.Name
b.Data["RestLangs"] = restLangs
authMode := config.AuthMode()
if authMode == "" {
authMode = "db_auth"
}
b.AuthMode = authMode
b.Data["AuthMode"] = b.AuthMode
useCompressedJS := os.Getenv("USE_COMPRESSED_JS")
if useCompressedJS == "on" {
b.UseCompressedJS = true
}
m, err := filepath.Glob(filepath.Join("static", "resources", "js", "harbor.app.min.*.js"))
if err != nil || len(m) == 0 {
b.UseCompressedJS = false
}
b.SelfRegistration = config.SelfRegistration()
b.Data["SelfRegistration"] = config.SelfRegistration()
sessionUserID := b.GetSession("userId")
if sessionUserID != nil {
isAdmin, err := dao.IsAdminRole(sessionUserID.(int))
if err != nil {
log.Errorf("Error occurred in IsAdminRole: %v", err)
}
if isAdmin {
if _, err := os.Stat(defaultRootCert); !os.IsNotExist(err) {
showDownloadCert = true
}
}
}
b.Data["ShowDownloadCert"] = showDownloadCert
}
