graphql: Apply authorization on /_search endpoint

github/zot

mirror of https://github.com/project-zot/zot.git synced 2026-06-15 20:07:55 +08:00

- AccessControlContext now resides in a separate package from where it can be imported,
along with the contextKey that will be used to set and retrieve this context value.

- AccessControlContext has a new field called Username, that will be of use for future
implementations in graphQL resolvers.

- GlobalSearch resolver now uses this context to filter repos available to the logged user.

- moved logic for uploading images in tests so that it can be used in every package

- tests were added for multiple request scenarios, when zot-server requires authz
on specific repos

- added tests with injected errors for extended coverage

- added tests for status code error injection utilities

Closes https://github.com/project-zot/zot/issues/615

Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>

This commit is contained in:

Alex Stan

2022-08-16 11:57:09 +03:00

committed by

Andrei Aaron

parent 5450139ba1

commit 49e8167dbe

15 changed files with 763 additions and 165 deletions

									
										examples/config-tls.json
									
		+2
		-2
	
												View File
												
				@@ -8,8 +8,8 @@

				    "port": "8080",

				    "realm": "zot",

				    "tls": {

				      "cert": "test/data/server.cert",

				      "key": "test/data/server.key"

				      "cert": "../../test/data/server.cert",

				      "key": "../../test/data/server.key"

				    }

				  },

				  "log": {