mirror of
https://github.com/project-zot/zot.git
synced 2026-06-16 04:17:55 +08:00
feat(repodb): add user related information to repodb (#1317)
Initial code was contributed by Bogdan BIVOLARU <104334+bogdanbiv@users.noreply.github.com> Moved implementation from a separate db to repodb by Andrei Aaron <aaaron@luxoft.com> Not done yet: - run/test dynamodb implementation, only boltdb was tested - add additional coverage for existing functionality - add web-based APIs to toggle the stars/bookmarks on/off Initially graphql mutation was discussed for the missing API but we decided REST endpoints would be better suited for configuration feat(userdb): complete functionality for userdb integration - dynamodb rollback changes to user starred repos in case increasing the total star count fails - dynamodb increment/decrement repostars in repometa when user stars/unstars a repo - dynamodb check anonymous user permissions are working as intended - common test handle anonymous users - RepoMeta2RepoSummary set IsStarred and IsBookmarked feat(userdb): rest api calls for toggling stars/bookmarks on/off test(userdb): blackbox tests test(userdb): move preferences tests in a different file with specific build tags feat(repodb): add is-starred and is-bookmarked fields to repo-meta - removed duplicated logic for determining if a repo is starred/bookmarked Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com> Co-authored-by: Andrei Aaron <aaaron@luxoft.com>
+8
-9
@@ -240,11 +240,6 @@ func AuthzHandler(ctlr *Controller) mux.MiddlewareFunc {
|
||||
return
|
||||
}
|
||||
|
||||
/* we want to bypass auth/authz for mgmt in case of authFail() authzFail()
|
||||
unauthenticated users should have access to this route, but we also need to know if the user is an admin
|
||||
*/
|
||||
isMgmtRequested := request.RequestURI == constants.FullMgmtPrefix
|
||||
|
||||
acCtrlr := NewAccessController(ctlr.Config)
|
||||
|
||||
var identity string
|
||||
@@ -279,10 +274,9 @@ func AuthzHandler(ctlr *Controller) mux.MiddlewareFunc {
|
||||
|
||||
ctx := acCtrlr.getContext(identity, request)
|
||||
|
||||
// for extensions we only need to know if the user is admin and what repos he can read, so run next()
|
||||
if request.RequestURI == fmt.Sprintf("%s%s", constants.RoutePrefix, constants.ExtCatalogPrefix) ||
|
||||
strings.Contains(request.RequestURI, constants.FullSearchPrefix) ||
|
||||
isMgmtRequested {
|
||||
// for extensions, we only need to know the username, whether the user is an admin, and what repositories
|
||||
// they can read. So, run next()
|
||||
if isExtensionURI(request.RequestURI) {
|
||||
next.ServeHTTP(response, request.WithContext(ctx)) //nolint:contextcheck
|
||||
|
||||
return
|
||||
@@ -321,6 +315,11 @@ func AuthzHandler(ctlr *Controller) mux.MiddlewareFunc {
|
||||
}
|
||||
}
|
||||
|
||||
func isExtensionURI(requestURI string) bool {
|
||||
return strings.Contains(requestURI, constants.ExtPrefix) ||
|
||||
requestURI == fmt.Sprintf("%s%s", constants.RoutePrefix, constants.ExtCatalogPrefix)
|
||||
}
|
||||
|
||||
func authzFail(w http.ResponseWriter, realm string, delay int) {
|
||||
time.Sleep(time.Duration(delay) * time.Second)
|
||||
w.Header().Set("WWW-Authenticate", realm)
|
||||
|
||||
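Review bot: `isExtensionURI` tests `constants.ExtPrefix` with `strings.Contains` against the raw `RequestURI`, which also carries the query string, so a request that merely contains `/_zot/ext` somewhere in its path or query takes the early `next.ServeHTTP` branch and skips whatever per-repository checks follow in AuthzHandler (its body continues outside the hunks shown). The old condition already used a substring match for the search prefix, but this change widens it to every extension route, including the new state-changing userprefs endpoints. Anchor the match on the parsed path instead: call it with `request.URL.Path` and use `return strings.HasPrefix(requestURI, constants.RoutePrefix+constants.ExtPrefix+"/") || requestURI == constants.RoutePrefix+constants.ExtCatalogPrefix`. A table test covering a repository path and a query string that embed the extension prefix would keep this from regressing.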
@@ -5,8 +5,11 @@ const (
|
||||
ExtCatalogPrefix = "/_catalog"
|
||||
ExtOciDiscoverPrefix = "/_oci/ext/discover"
|
||||
// zot specific extensions.
|
||||
ExtSearchPrefix = "/_zot/ext/search"
|
||||
FullSearchPrefix = RoutePrefix + ExtSearchPrefix
|
||||
ExtMgmtPrefix = "/_zot/ext/mgmt"
|
||||
FullMgmtPrefix = RoutePrefix + ExtMgmtPrefix
|
||||
ExtPrefix = "/_zot/ext"
|
||||
ExtSearchPrefix = ExtPrefix + "/search"
|
||||
FullSearchPrefix = RoutePrefix + ExtSearchPrefix
|
||||
ExtMgmtPrefix = ExtPrefix + "/mgmt"
|
||||
FullMgmtPrefix = RoutePrefix + ExtMgmtPrefix
|
||||
ExtUserPreferencesPrefix = ExtPrefix + "/userprefs"
|
||||
FullUserPreferencesPrefix = RoutePrefix + ExtUserPreferencesPrefix
|
||||
)
|
||||
|
||||
@@ -158,6 +158,7 @@ func TestCreateCacheDatabaseDriver(t *testing.T) {
|
||||
"repoMetaTablename": "RepoMetadataTable",
|
||||
"manifestDataTablename": "ManifestDataTable",
|
||||
"artifactDataTablename": "ArtifactDataTable",
|
||||
"userDataTablename": "ZotUserDataTable",
|
||||
"versionTablename": "Version",
|
||||
}
|
||||
|
||||
@@ -173,6 +174,7 @@ func TestCreateCacheDatabaseDriver(t *testing.T) {
|
||||
"repoMetaTablename": "RepoMetadataTable",
|
||||
"manifestDataTablename": "ManifestDataTable",
|
||||
"artifactDataTablename": "ArtifactDataTable",
|
||||
"userDataTablename": "ZotUserDataTable",
|
||||
"versionTablename": "Version",
|
||||
}
|
||||
|
||||
@@ -187,6 +189,7 @@ func TestCreateCacheDatabaseDriver(t *testing.T) {
|
||||
"repoMetaTablename": "RepoMetadataTable",
|
||||
"manifestDataTablename": "ManifestDataTable",
|
||||
"artifactDataTablename": "ArtifactDataTable",
|
||||
"userDataTablename": "ZotUserDataTable",
|
||||
"versionTablename": "Version",
|
||||
}
|
||||
|
||||
@@ -220,6 +223,7 @@ func TestCreateRepoDBDriver(t *testing.T) {
|
||||
"repometatablename": "RepoMetadataTable",
|
||||
"manifestdatatablename": "ManifestDataTable",
|
||||
"artifactDataTablename": "ArtifactDataTable",
|
||||
"userdatatablename": "UserDatatable",
|
||||
}
|
||||
|
||||
testFunc := func() { _, _ = repodbfactory.New(conf.Storage.StorageConfig, log) }
|
||||
@@ -233,6 +237,7 @@ func TestCreateRepoDBDriver(t *testing.T) {
|
||||
"repometatablename": "RepoMetadataTable",
|
||||
"manifestdatatablename": "ManifestDataTable",
|
||||
"artifactDataTablename": "ArtifactDataTable",
|
||||
"userDataTablename": "ZotUserDataTable",
|
||||
"versiontablename": 1,
|
||||
}
|
||||
|
||||
@@ -248,6 +253,7 @@ func TestCreateRepoDBDriver(t *testing.T) {
|
||||
"manifestdatatablename": "ManifestDataTable",
|
||||
"indexdatatablename": "IndexDataTable",
|
||||
"artifactdatatablename": "ArtifactDataTable",
|
||||
"userdatatablename": "ZotUserDataTable",
|
||||
"versiontablename": "1",
|
||||
}
|
||||
|
||||
|
||||
@@ -127,6 +127,8 @@ func (rh *RouteHandler) SetupRoutes() {
|
||||
// extended build
|
||||
ext.SetupMetricsRoutes(rh.c.Config, rh.c.Router, rh.c.StoreController, AuthHandler(rh.c), rh.c.Log)
|
||||
ext.SetupSearchRoutes(rh.c.Config, prefixedRouter, rh.c.StoreController, rh.c.RepoDB, rh.c.CveInfo, rh.c.Log)
|
||||
ext.SetupUserPreferencesRoutes(rh.c.Config, prefixedRouter, rh.c.StoreController, rh.c.RepoDB, rh.c.CveInfo,
|
||||
rh.c.Log)
|
||||
ext.SetupUIRoutes(rh.c.Config, rh.c.Router, rh.c.StoreController, rh.c.Log)
|
||||
ext.SetupMgmtRoutes(rh.c.Config, prefixedRouter, rh.c.Log)
|
||||
gqlPlayground.SetupGQLPlaygroundRoutes(rh.c.Config, prefixedRouter, rh.c.StoreController, rh.c.Log)
|
||||
|
||||
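Review bot: The added `ext.SetupUserPreferencesRoutes` call puts the star/bookmark toggles under `/_zot/ext`, and the authz middleware changed in this same commit forwards every extension URI to the handler with only the access context attached, so the handler becomes the single place that can reject anonymous callers and repositories the user cannot read. That handler is not visible here, so it may already do this; a comment at the call site would record the contract, for example `// userprefs handlers must enforce authentication and repo read access themselves; AuthzHandler does not gate /_zot/ext routes`. SetupRoutes begins and ends outside this hunk.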