feat(repodb): add user related information to repodb (#1317)

Initial code was contributed by Bogdan BIVOLARU <104334+bogdanbiv@users.noreply.github.com>
Moved implementation from a separate db to repodb by Andrei Aaron <aaaron@luxoft.com>

Not done yet:
- run/test dynamodb implementation, only boltdb was tested
- add additional coverage for existing functionality
- add web-based APIs to toggle the stars/bookmarks on/off

Initially graphql mutation was discussed for the missing API but
we decided REST endpoints would be better suited for configuration



feat(userdb): complete functionality for userdb integration

- dynamodb rollback changes to user starred repos in case increasing the total star count fails
- dynamodb increment/decrement repostars in repometa when user stars/unstars a repo
- dynamodb check anonymous user permissions are working as intended
- common test handle anonymous users
- RepoMeta2RepoSummary set IsStarred and IsBookmarked



feat(userdb): rest api calls for toggling stars/bookmarks on/off



test(userdb): blackbox tests



test(userdb): move preferences tests in a different file with specific build tags



feat(repodb): add is-starred and is-bookmarked fields to repo-meta

- removed duplicated logic for determining if a repo is starred/bookmarked

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
Co-authored-by: Andrei Aaron <aaaron@luxoft.com>
LaurentiuNiculae
2023-04-24 21:13:15 +03:00
committed by GitHub
parent ef51fd692d
commit 9cc990d7ca
50 changed files with 4357 additions and 648 deletions
+8 -9
@@ -240,11 +240,6 @@ func AuthzHandler(ctlr *Controller) mux.MiddlewareFunc {
return
}
/* we want to bypass auth/authz for mgmt in case of authFail() authzFail()
unauthenticated users should have access to this route, but we also need to know if the user is an admin
*/
isMgmtRequested := request.RequestURI == constants.FullMgmtPrefix
acCtrlr := NewAccessController(ctlr.Config)
var identity string
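Review bot: Removing the comment above isMgmtRequested drops the only statement in this handler that unauthenticated users must be able to reach the mgmt route while the handler still needs to know whether the caller is an admin. With the exact match on constants.FullMgmtPrefix gone, that guarantee depends on the mgmt URI satisfying isExtensionURI, which these lines do not show. Suggest moving the rationale into a doc comment on isExtensionURI and adding a test that asserts isExtensionURI(constants.FullMgmtPrefix) is true.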
@@ -279,10 +274,9 @@ func AuthzHandler(ctlr *Controller) mux.MiddlewareFunc {
ctx := acCtrlr.getContext(identity, request)
// for extensions we only need to know if the user is admin and what repos he can read, so run next()
if request.RequestURI == fmt.Sprintf("%s%s", constants.RoutePrefix, constants.ExtCatalogPrefix) ||
strings.Contains(request.RequestURI, constants.FullSearchPrefix) ||
isMgmtRequested {
// for extensions, we only need to know the username, whether the user is an admin, and what repositories
// they can read. So, run next()
if isExtensionURI(request.RequestURI) {
next.ServeHTTP(response, request.WithContext(ctx)) //nolint:contextcheck
return
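Review bot: The early next.ServeHTTP branch at isExtensionURI(request.RequestURI) now covers every extension route instead of the three routes listed before, so everything behind it skips the per-repository checks later in this handler. The new comment should say so explicitly: each extension handler has to enforce its own rules from the context built by acCtrlr.getContext. That matters for the state-changing stars/bookmarks endpoints this commit adds, if they are served under the extension prefix, and a test covering an anonymous request to those endpoints would pin down the intended behaviour.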
@@ -321,6 +315,11 @@ func AuthzHandler(ctlr *Controller) mux.MiddlewareFunc {
}
}
func isExtensionURI(requestURI string) bool {
return strings.Contains(requestURI, constants.ExtPrefix) ||
requestURI == fmt.Sprintf("%s%s", constants.RoutePrefix, constants.ExtCatalogPrefix)
}
func authzFail(w http.ResponseWriter, realm string, delay int) {
time.Sleep(time.Duration(delay) * time.Second)
w.Header().Set("WWW-Authenticate", realm)
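Review bot: In isExtensionURI, strings.Contains(requestURI, constants.ExtPrefix) is true when the prefix appears anywhere in the request URI, and RequestURI includes the query string, so a request for a non-extension route can satisfy the check and take the early next() path in AuthzHandler. Suggest matching on the parsed path instead, for example strings.HasPrefix(request.URL.Path, constants.RoutePrefix+constants.ExtPrefix) if that is how the extension routes are mounted, and adding a short doc comment on the function. The fmt.Sprintf over two constants can also be a plain concatenation.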