Commit 3e81bd7f authored by wang yan's avatar wang yan
Browse files

add visible attribute to robot account



The commit is to make robot controller could create invisible robot account for internal use
Signed-off-by: default avatarwang yan <wangyan@vmware.com>
parent d7375992
......@@ -6,4 +6,6 @@ CREATE TABLE immutable_tag_rule
tag_filter text,
enabled boolean default true NOT NULL,
creation_time timestamp default CURRENT_TIMESTAMP
)
\ No newline at end of file
);
ALTER TABLE robot ADD COLUMN visible boolean DEFAULT true NOT NULL;
\ No newline at end of file
......@@ -20,6 +20,7 @@ import (
"github.com/goharbor/harbor/src/common/models"
"github.com/goharbor/harbor/src/common/rbac"
"github.com/goharbor/harbor/src/common/rbac/project"
"github.com/goharbor/harbor/src/pkg/q"
"github.com/goharbor/harbor/src/pkg/robot"
"github.com/goharbor/harbor/src/pkg/robot/model"
"github.com/pkg/errors"
......@@ -106,6 +107,7 @@ func (r *RobotAPI) Post() {
r.SendBadRequestError(err)
return
}
robotReq.Visible = true
if err := validateRobotReq(r.project, &robotReq); err != nil {
r.SendBadRequestError(err)
......@@ -141,7 +143,13 @@ func (r *RobotAPI) List() {
return
}
robots, err := r.ctr.ListRobotAccount(r.project.ProjectID)
keywords := make(map[string]interface{})
keywords["ProjectID"] = r.robot.ProjectID
keywords["Visible"] = true
query := &q.Query{
Keywords: keywords,
}
robots, err := r.ctr.ListRobotAccount(query)
if err != nil {
r.SendInternalServerError(errors.Wrap(err, "robot API: list"))
return
......@@ -179,6 +187,10 @@ func (r *RobotAPI) Get() {
r.SendNotFoundError(fmt.Errorf("robot API: robot %d not found", id))
return
}
if !robot.Visible {
r.SendForbiddenError(fmt.Errorf("robot API: robot %d is invisible", id))
return
}
r.Data["json"] = robot
r.ServeJSON()
......
......@@ -6,6 +6,7 @@ import (
"github.com/goharbor/harbor/src/common/token"
"github.com/goharbor/harbor/src/common/utils/log"
"github.com/goharbor/harbor/src/core/config"
"github.com/goharbor/harbor/src/pkg/q"
"github.com/goharbor/harbor/src/pkg/robot/model"
"github.com/pkg/errors"
"time"
......@@ -31,7 +32,7 @@ type Controller interface {
UpdateRobotAccount(r *model.Robot) error
// ListRobotAccount ...
ListRobotAccount(pid int64) ([]*model.Robot, error)
ListRobotAccount(query *q.Query) ([]*model.Robot, error)
}
// DefaultAPIController ...
......@@ -66,6 +67,7 @@ func (d *DefaultAPIController) CreateRobotAccount(robotReq *model.RobotCreate) (
Description: robotReq.Description,
ProjectID: robotReq.ProjectID,
ExpiresAt: expiresAt,
Visible: robotReq.Visible,
}
id, err := d.manager.CreateRobotAccount(robot)
if err != nil {
......@@ -110,6 +112,6 @@ func (d *DefaultAPIController) UpdateRobotAccount(r *model.Robot) error {
}
// ListRobotAccount ...
func (d *DefaultAPIController) ListRobotAccount(pid int64) ([]*model.Robot, error) {
return d.manager.ListRobotAccount(pid)
func (d *DefaultAPIController) ListRobotAccount(query *q.Query) ([]*model.Robot, error) {
return d.manager.ListRobotAccount(query)
}
......@@ -5,6 +5,7 @@ import (
"github.com/goharbor/harbor/src/common/rbac"
"github.com/goharbor/harbor/src/common/utils/test"
core_cfg "github.com/goharbor/harbor/src/core/config"
"github.com/goharbor/harbor/src/pkg/q"
"github.com/goharbor/harbor/src/pkg/robot/model"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
......@@ -79,7 +80,12 @@ func (s *ControllerTestSuite) TestRobotAccount() {
r2, _ := s.ctr.CreateRobotAccount(robot2)
s.robotID = r2.ID
robots, err := s.ctr.ListRobotAccount(int64(1))
keywords := make(map[string]interface{})
keywords["ProjectID"] = int64(1)
query := &q.Query{
Keywords: keywords,
}
robots, err := s.ctr.ListRobotAccount(query)
s.require.Nil(err)
s.require.Equal(len(robots), 2)
s.require.Equal(robots[1].Name, common.RobotPrefix+"robot2")
......@@ -87,7 +93,7 @@ func (s *ControllerTestSuite) TestRobotAccount() {
err = s.ctr.DeleteRobotAccount(robot.ID)
s.require.Nil(err)
robots, err = s.ctr.ListRobotAccount(int64(1))
robots, err = s.ctr.ListRobotAccount(query)
s.require.Equal(len(robots), 1)
}
......
......@@ -26,7 +26,7 @@ type Manager interface {
UpdateRobotAccount(m *model.Robot) error
// ListRobotAccount ...
ListRobotAccount(pid int64) ([]*model.Robot, error)
ListRobotAccount(query *q.Query) ([]*model.Robot, error)
}
type defaultRobotManager struct {
......@@ -61,11 +61,6 @@ func (drm *defaultRobotManager) UpdateRobotAccount(r *model.Robot) error {
}
// ListRobotAccount ...
func (drm *defaultRobotManager) ListRobotAccount(pid int64) ([]*model.Robot, error) {
keywords := make(map[string]interface{})
keywords["ProjectID"] = pid
query := q.Query{
Keywords: keywords,
}
return drm.dao.ListRobotAccounts(&query)
func (drm *defaultRobotManager) ListRobotAccount(query *q.Query) ([]*model.Robot, error) {
return drm.dao.ListRobotAccounts(query)
}
......@@ -132,7 +132,12 @@ func (m *managerTestingSuite) ListRobotAccount() {
ExpiresAt: 54321,
}}, nil)
rs, err := Mgr.ListRobotAccount(int64(1))
keywords := make(map[string]interface{})
keywords["ProjectID"] = int64(1)
query := &q.Query{
Keywords: keywords,
}
rs, err := Mgr.ListRobotAccount(query)
m.mockRobotDao.AssertCalled(m.t, "ListRobotAccount", mock.Anything)
m.require.Nil(err)
m.assert.Equal(len(rs), 2)
......
......@@ -24,6 +24,7 @@ type Robot struct {
ProjectID int64 `orm:"column(project_id)" json:"project_id"`
ExpiresAt int64 `orm:"column(expiresat)" json:"expires_at"`
Disabled bool `orm:"column(disabled)" json:"disabled"`
Visible bool `orm:"column(visible)" json:"visible"`
CreationTime time.Time `orm:"column(creation_time);auto_now_add" json:"creation_time"`
UpdateTime time.Time `orm:"column(update_time);auto_now" json:"update_time"`
}
......@@ -48,6 +49,7 @@ type RobotCreate struct {
ProjectID int64 `json:"pid"`
Description string `json:"description"`
Disabled bool `json:"disabled"`
Visible bool `json:"visible"`
Access []*rbac.Policy `json:"access"`
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment