mirror of
https://github.com/goharbor/harbor
synced 2024-09-20 21:15:30 +00:00
Add 'Deprecated' info for the chart
info returned by getting /charts include 'Deprecated' field amend error message in the access checking logic
This commit is contained in:
parent
bc6d7b69e7
commit
ecd8cc712d
|
@ -47,6 +47,7 @@ type ChartInfo struct {
|
||||||
Created time.Time
|
Created time.Time
|
||||||
Icon string
|
Icon string
|
||||||
Home string
|
Home string
|
||||||
|
Deprecated bool
|
||||||
}
|
}
|
||||||
|
|
||||||
//ChartOperator is designed to process the contents of
|
//ChartOperator is designed to process the contents of
|
||||||
|
@ -129,6 +130,7 @@ func (cho *ChartOperator) GetChartList(content []byte) ([]*ChartInfo, error) {
|
||||||
chartInfo.Created = oVersion.Created
|
chartInfo.Created = oVersion.Created
|
||||||
chartInfo.Home = lVersion.Home
|
chartInfo.Home = lVersion.Home
|
||||||
chartInfo.Icon = lVersion.Icon
|
chartInfo.Icon = lVersion.Icon
|
||||||
|
chartInfo.Deprecated = lVersion.Deprecated
|
||||||
chartList = append(chartList, chartInfo)
|
chartList = append(chartList, chartInfo)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -296,19 +296,19 @@ func (cra *ChartRepositoryAPI) requireAccess(namespace string, accessLevel uint)
|
||||||
//Should be system admin role
|
//Should be system admin role
|
||||||
case accessLevelSystem:
|
case accessLevelSystem:
|
||||||
if !cra.SecurityCtx.IsSysAdmin() {
|
if !cra.SecurityCtx.IsSysAdmin() {
|
||||||
err = fmt.Errorf("system admin role is required but user '%s' is not", cra.SecurityCtx.GetUsername())
|
err = errors.New("permission denied: system admin role is required")
|
||||||
}
|
}
|
||||||
case accessLevelAll:
|
case accessLevelAll:
|
||||||
if !cra.SecurityCtx.HasAllPerm(namespace) {
|
if !cra.SecurityCtx.HasAllPerm(namespace) {
|
||||||
err = fmt.Errorf("project admin role is required but user '%s' does not have", cra.SecurityCtx.GetUsername())
|
err = errors.New("permission denied: project admin or higher role is required")
|
||||||
}
|
}
|
||||||
case accessLevelWrite:
|
case accessLevelWrite:
|
||||||
if !cra.SecurityCtx.HasWritePerm(namespace) {
|
if !cra.SecurityCtx.HasWritePerm(namespace) {
|
||||||
err = fmt.Errorf("developer role is required but user '%s' does not have", cra.SecurityCtx.GetUsername())
|
err = errors.New("permission denied: developer or higher role is required")
|
||||||
}
|
}
|
||||||
case accessLevelRead:
|
case accessLevelRead:
|
||||||
if !cra.SecurityCtx.HasReadPerm(namespace) {
|
if !cra.SecurityCtx.HasReadPerm(namespace) {
|
||||||
err = fmt.Errorf("at least a guest role is required for user '%s'", cra.SecurityCtx.GetUsername())
|
err = errors.New("permission denied: guest or higher role is required")
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
//access rejected for invalid scope
|
//access rejected for invalid scope
|
||||||
|
|
Loading…
Reference in New Issue
Block a user