Merge pull request #15019 from reasonerjt/v2auth-enhancement-v2.1

[Cherrypick v2.1] Make v2auth more strict
Wenkai Yin(尹文开) 2021-06-01 09:14:32 +08:00 committed by GitHub
commit 31c637b10f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -16,8 +16,6 @@ package v2auth
import (
"fmt"
"github.com/goharbor/harbor/src/lib"
lib_http "github.com/goharbor/harbor/src/lib/http"
"net/http"
"net/url"
"strings"
@ -28,7 +26,9 @@ import (
"github.com/goharbor/harbor/src/core/config"
"github.com/goharbor/harbor/src/core/promgr"
"github.com/goharbor/harbor/src/core/service/token"
"github.com/goharbor/harbor/src/lib"
"github.com/goharbor/harbor/src/lib/errors"
lib_http "github.com/goharbor/harbor/src/lib/http"
"github.com/goharbor/harbor/src/lib/log"
)
@ -46,6 +46,9 @@ func (rc *reqChecker) check(req *http.Request) (string, error) {
return "", fmt.Errorf("the security context got from request is nil")
}
al := accessList(req)
if len(al) == 0 {
return "", fmt.Errorf("un-recognized request: %s %s", req.Method, req.URL.Path)
}
for _, a := range al {
if a.target == login && !securityCtx.IsAuthenticated() {