示例#1
// isProjectAdmin reports whether userID may administer project pid.
//
// A system administrator is treated as an administrator of every project.
// Otherwise the user must hold the PROJECTADMIN role on the project itself.
// The check fails closed: if either lookup returns an error, the error is
// logged and the function returns false.
func isProjectAdmin(userID int, pid int64) bool {
	sysAdmin, err := dao.IsAdminRole(userID)
	if err != nil {
		log.Errorf("Error occurred in IsAdminRole, returning false, error: %v", err)
		return false
	}
	if sysAdmin {
		return true
	}

	projectRoles, err := dao.GetUserProjectRoles(userID, pid)
	if err != nil {
		log.Errorf("Error occurred in GetUserProjectRoles, returning false, error: %v", err)
		return false
	}

	// One matching membership row is enough; stop at the first hit.
	for i := range projectRoles {
		if projectRoles[i].RoleID == models.PROJECTADMIN {
			return true
		}
	}
	return false
}
示例#2
文件: utils.go 项目: vmware/harbor
// listRoles returns the roles userID holds in project projectID.
//
// A system administrator has all privileges on all projects, so for such a
// user the result is the single PROJECTADMIN role fetched by ID instead of the
// per-project membership rows. When a lookup fails the error is logged and
// returned together with the empty slice.
func listRoles(userID int, projectID int64) ([]models.Role, error) {
	result := make([]models.Role, 0, 1)

	sysAdmin, err := dao.IsAdminRole(userID)
	if err != nil {
		log.Errorf("failed to determine whether the user %d is system admin: %v", userID, err)
		return result, err
	}

	if !sysAdmin {
		memberRoles, err := dao.GetUserProjectRoles(userID, projectID)
		if err != nil {
			log.Errorf("failed to get user %d 's roles for project %d: %v", userID, projectID, err)
			return result, err
		}
		return append(result, memberRoles...), nil
	}

	adminRole, err := dao.GetRoleByID(models.PROJECTADMIN)
	if err != nil {
		log.Errorf("failed to get role %d: %v", models.PROJECTADMIN, err)
		return result, err
	}
	// NOTE(review): adminRole is dereferenced without a nil check; confirm
	// that GetRoleByID never returns (nil, nil) for a missing role.
	return append(result, *adminRole), nil
}
示例#3
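// Post adds the user named in the request body to the current project with
// exactly one role.
//
// Authorization comes first: the caller must pass hasProjectAdminRole for the
// project, otherwise the request is answered with 403 before the body is
// decoded. The target user must exist (404 otherwise) and must not already
// have a role in the project (409). The requested role must be one of
// PROJECTADMIN, DEVELOPER or GUEST; any other value is rejected with 400 so
// that arbitrary role IDs from the request never reach the database.
func (pma *ProjectMemberAPI) Post() {
	currentUserID := pma.currentUserID
	projectID := pma.project.ProjectID
	if !hasProjectAdminRole(currentUserID, projectID) {
		// The original format string had no verb for the project id.
		log.Warningf("Current user, id: %d does not have project admin role for project, id: %d", currentUserID, projectID)
		pma.RenderError(http.StatusForbidden, "")
		return
	}

	var req memberReq
	pma.DecodeJSONReq(&req)
	username := req.Username
	userID := checkUserExists(username)
	if userID <= 0 {
		// %q quotes the request-supplied name so control characters in it
		// cannot forge extra log lines.
		log.Warningf("User does not exist, user name: %q", username)
		pma.RenderError(http.StatusNotFound, "User does not exist")
		return
	}

	// CustomAbort presumably stops the handler (TODO confirm); the explicit
	// returns below keep each guard fail-closed either way.
	rolelist, err := dao.GetUserProjectRoles(userID, projectID)
	if err != nil {
		log.Errorf("Error occurred in GetUserProjectRoles, error: %v", err)
		pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
		return
	}
	if len(rolelist) > 0 {
		log.Warningf("user is already added to project, user id: %d, project id: %d", userID, projectID)
		pma.RenderError(http.StatusConflict, "user is ready in project")
		return
	}

	if len(req.Roles) != 1 {
		pma.CustomAbort(http.StatusBadRequest, "only one role is supported")
		return
	}

	// Allow-list the role ID: only the three known project roles may be granted.
	rid := req.Roles[0]
	switch rid {
	case models.PROJECTADMIN, models.DEVELOPER, models.GUEST:
	default:
		pma.CustomAbort(http.StatusBadRequest, "invalid role")
		return
	}

	err = dao.AddProjectMember(projectID, userID, rid)
	if err != nil {
		// Include the underlying error, which the original message dropped.
		log.Errorf("Failed to update DB to add project user role, project id: %d, user id: %d, role id: %d, error: %v", projectID, userID, rid, err)
		pma.RenderError(http.StatusInternalServerError, "Failed to update data in database")
		return
	}
}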
示例#4
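// Put replaces the roles of an existing project member with the roles listed
// in the request body.
//
// The caller must pass hasProjectAdminRole for the project (403 otherwise) and
// the member must currently hold at least one role in it (404 otherwise).
// Every requested role ID is checked against the same allow-list Post uses
// (PROJECTADMIN, DEVELOPER, GUEST) before anything is deleted. A bad request
// therefore cannot strip the member's existing roles or store an unknown role
// ID. The delete and the inserts are still separate statements, not one
// transaction.
func (pma *ProjectMemberAPI) Put() {
	currentUserID := pma.currentUserID
	pid := pma.project.ProjectID
	if !hasProjectAdminRole(currentUserID, pid) {
		// The original format string had no verb for the project id.
		log.Warningf("Current user, id: %d does not have project admin role for project, id: %d", currentUserID, pid)
		pma.RenderError(http.StatusForbidden, "")
		return
	}

	mid := pma.memberID

	var req memberReq
	pma.DecodeJSONReq(&req)

	// CustomAbort presumably stops the handler (TODO confirm); the explicit
	// returns below keep each guard fail-closed either way.
	roleList, err := dao.GetUserProjectRoles(mid, pid)
	if err != nil {
		// The original overwrote this error unchecked, so a failed lookup
		// was reported as "user not in project".
		log.Errorf("Error occurred in GetUserProjectRoles, error: %v", err)
		pma.CustomAbort(http.StatusInternalServerError, "Internal error.")
		return
	}
	if len(roleList) == 0 {
		log.Warningf("User is not in project, user id: %d, project id: %d", mid, pid)
		pma.RenderError(http.StatusNotFound, "user not exist in project")
		return
	}

	// Validate every requested role before the destructive delete below.
	// NOTE(review): an empty role list is still accepted and removes the
	// member's roles without adding any; confirm whether that is intended.
	for _, rid := range req.Roles {
		switch rid {
		case models.PROJECTADMIN, models.DEVELOPER, models.GUEST:
		default:
			pma.CustomAbort(http.StatusBadRequest, "invalid role")
			return
		}
	}

	//TODO: delete and insert should in one transaction
	// Delete the member's current role records for this project.
	err = dao.DeleteProjectMember(pid, mid)
	if err != nil {
		log.Errorf("Failed to delete project roles for user, user id: %d, project id: %d, error: %v", mid, pid, err)
		pma.RenderError(http.StatusInternalServerError, "Failed to update data in DB")
		return
	}

	// Insert the roles from the request.
	for _, rid := range req.Roles {
		err = dao.AddProjectMember(pid, mid, int(rid))
		if err != nil {
			// Include the underlying error, which the original message dropped.
			log.Errorf("Failed to update DB to add project user role, project id: %d, user id: %d, role id: %d, error: %v", pid, mid, rid, err)
			pma.RenderError(http.StatusInternalServerError, "Failed to update data in database")
			return
		}
	}
}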
示例#5
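// List writes one page of projects as JSON, optionally filtered by the
// project_name query parameter.
//
// With is_public=1 only public projects are listed and p.ValidateUser is not
// called. For any other value the caller is validated first. A system
// administrator then sees all projects and is reported as PROJECTADMIN on each
// of them. Every other user sees only the projects returned by the
// user-relevant queries, each annotated with the first role that user holds in
// it. Each returned project also carries its repository count, and the
// pagination header is set from the matching total.
func (p *ProjectAPI) List() {
	var total int64
	var public int
	var err error

	page, pageSize := p.GetPaginationParams()

	var projectList []models.Project
	projectName := p.GetString("project_name")

	isPublic := p.GetString("is_public")
	if len(isPublic) > 0 {
		public, err = strconv.Atoi(isPublic)
		if err != nil {
			// %q quotes the request-supplied value so it cannot forge log lines.
			log.Errorf("Error parsing public property: %q, error: %v", isPublic, err)
			// NOTE(review): the response says "project Id" although the
			// rejected parameter is is_public; text kept for compatibility.
			p.CustomAbort(http.StatusBadRequest, "invalid project Id")
		}
	}
	isAdmin := false
	if public == 1 {
		total, err = dao.GetTotalOfProjects(projectName, 1)
		if err != nil {
			log.Errorf("failed to get total of projects: %v", err)
			p.CustomAbort(http.StatusInternalServerError, "")
		}
		projectList, err = dao.GetProjects(projectName, 1, pageSize, pageSize*(page-1))
		if err != nil {
			log.Errorf("failed to get projects: %v", err)
			p.CustomAbort(http.StatusInternalServerError, "")
		}
	} else {
		// Anything other than the public listing requires a logged-in user
		// or supplied credentials.
		p.userID = p.ValidateUser()
		isAdmin, err = dao.IsAdminRole(p.userID)
		if err != nil {
			log.Errorf("Error occured in check admin, error: %v", err)
			p.CustomAbort(http.StatusInternalServerError, "Internal error.")
		}
		if isAdmin {
			total, err = dao.GetTotalOfProjects(projectName)
			if err != nil {
				log.Errorf("failed to get total of projects: %v", err)
				p.CustomAbort(http.StatusInternalServerError, "")
			}
			projectList, err = dao.GetProjects(projectName, pageSize, pageSize*(page-1))
			if err != nil {
				log.Errorf("failed to get projects: %v", err)
				p.CustomAbort(http.StatusInternalServerError, "")
			}
		} else {
			total, err = dao.GetTotalOfUserRelevantProjects(p.userID, projectName)
			if err != nil {
				log.Errorf("failed to get total of projects: %v", err)
				p.CustomAbort(http.StatusInternalServerError, "")
			}
			projectList, err = dao.GetUserRelevantProjects(p.userID, projectName, pageSize, pageSize*(page-1))
			if err != nil {
				log.Errorf("failed to get projects: %v", err)
				p.CustomAbort(http.StatusInternalServerError, "")
			}
		}
	}

	for i := range projectList {
		proj := &projectList[i]
		if public != 1 {
			if isAdmin {
				proj.Role = models.PROJECTADMIN
			} else {
				roles, err := dao.GetUserProjectRoles(p.userID, proj.ProjectID)
				if err != nil {
					log.Errorf("failed to get user's project role: %v", err)
					p.CustomAbort(http.StatusInternalServerError, "")
				}
				// A project can be listed for a user who has no role row in
				// it. The original indexed roles[0] unconditionally, which
				// panics on an empty slice. Role is now left at its zero
				// value in that case.
				if len(roles) > 0 {
					proj.Role = roles[0].RoleID
				}
			}
			// Only project admins may toggle the project.
			if proj.Role == models.PROJECTADMIN {
				proj.Togglable = true
			}
		}

		repos, err := dao.GetRepositoryByProjectName(proj.Name)
		if err != nil {
			log.Errorf("failed to get repositories of project %s: %v", proj.Name, err)
			p.CustomAbort(http.StatusInternalServerError, "")
		}

		proj.RepoCount = len(repos)
	}

	p.SetPaginationHeader(total, page, pageSize)
	p.Data["json"] = projectList
	p.ServeJSON()
}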