github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-17 12:58:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat(ui): let UI delete manifests if current user has permissions to do so (#2132)

Browse Source 
- added a new field 'IsDeletable' for graphql ImageSummary struct.
- apply cors on DeleteManifest route

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
This commit is contained in:
peusebiu
2023-12-13 19:06:08 +02:00
committed by GitHub
parent 86b0a226f3
commit dbb1c3519f
8 changed files with 118 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/requestcontext/user_access_control.go
+8 -4
View File
@@ -246,10 +246,14 @@ func RepoIsUserAvailable(ctx context.Context, repoName string) (bool, error) {
return false, err
}
// no authn/authz enabled on server
if uac == nil {
return true, nil
return uac.Can(constants.ReadPermission, repoName), nil
}
func CanDelete(ctx context.Context, repoName string) (bool, error) {
uac, err := UserAcFromContext(ctx)
if err != nil {
return false, err
}
return uac.Can("read", repoName), nil
return uac.Can(constants.DeletePermission, repoName), nil
}