Enable configuration on disable anonymous user #10825
Conversation
|
IMO, it would be a better design if we add more level of control in project's public policy |
@reasonerjt Daniel, thanks for your comments, and can you be more specific? ye |
|
Add anonymous check in the search API |
|
@steven-zou how will you merge this PR? I don't want to change every time you make a upgrade. Again, it should be the valid cyber security requirements if running Harbor in enterprise, specially when the enterprise Harbor service is internet facing. |
|
@steven-zou I updated the codes to work with harbor v2.0.1, could you pls help review it again? Thanks |
| @@ -121,6 +121,7 @@ var ( | |||
|
|
|||
| {Name: common.ProjectCreationRestriction, Scope: UserScope, Group: BasicGroup, EnvKey: "PROJECT_CREATION_RESTRICTION", DefaultValue: common.ProCrtRestrEveryone, ItemType: &ProjectCreationRestrictionType{}, Editable: false}, | |||
| {Name: common.ReadOnly, Scope: UserScope, Group: BasicGroup, EnvKey: "READ_ONLY", DefaultValue: "false", ItemType: &BoolType{}, Editable: false}, | |||
| {Name: common.DisableAnonymous, Scope: UserScope, Group: BasicGroup, EnvKey: "DISABLE_ANONYMOUS", DefaultValue: "false", ItemType: &BoolType{}, Editable: false}, | |||
There was a problem hiding this comment.
To make it straightforward, can we use AllowAnonymousUser and default value is true?
There was a problem hiding this comment.
Do you mean allow sounds more positive than disable? ;-) I am ok with the change; and for now, the default value of DisableAnonymous is false.
There was a problem hiding this comment.
I think we should keep consistent with the previous experience, allow anonymous. With this feature, the user can disable it via configuration.
|
I just did the rebase to pass DCO. |
This is the proposed change on the issue #10760
The administrator will be able to configure the Harbor instance to enable/disable the anonymous user with the UI like below:
Welcome for comments and feedback.
Thanks
ye