Merge pull request #3370 from ywk253100/170928_pro_policy

Implement project level policy in standalone harbor
goharbor · Oct 19, 2017 · 56d0d64 · 56d0d64
2 parents 0383c3f + 535d209
commit 56d0d64
Show file tree

Hide file tree

Showing 35 changed files with 529 additions and 578 deletions.
diff --git a/docs/swagger.yaml b/docs/swagger.yaml
@@ -167,37 +167,10 @@ paths:
           description: User need to log in first.
         '500':
           description: Internal errors.
-    delete:
-      summary: Delete project by projectID
-      description: |
-        This endpoint is aimed to delete project by project ID.
-      parameters:
-        - name: project_id
-          in: path
-          description: Project ID of project which will be deleted.
-          required: true
-          type: integer
-          format: int64
-      tags:
-        - Products
-      responses:
-        '200':
-          description: Project is deleted successfully.
-        '400':
-          description: Invalid project id.
-        '403':
-          description: User need to log in first.
-        '404':
-          description: Project does not exist.
-        '412':
-          description: 'Project contains policies, can not be deleted.'
-        '500':
-          description: Internal errors.
-  '/projects/{project_id}/publicity':
     put:
       summary: Update properties for a selected project.
       description: |
-        This endpoint is aimed to toggle a project publicity status.
+        This endpoint is aimed to update  the properties of a project.
       parameters:
         - name: project_id
           in: path
@@ -215,7 +188,7 @@ paths:
         - Products
       responses:
         '200':
-          description: Updated project publicity status successfully.
+          description: Updated project properties successfully.
         '400':
           description: Illegal format of provided ID value.
         '401':
@@ -226,6 +199,32 @@ paths:
           description: Project ID does not exist.
         '500':
           description: Unexpected internal errors.
+    delete:
+      summary: Delete project by projectID
+      description: |
+        This endpoint is aimed to delete project by project ID.
+      parameters:
+        - name: project_id
+          in: path
+          description: Project ID of project which will be deleted.
+          required: true
+          type: integer
+          format: int64
+      tags:
+        - Products
+      responses:
+        '200':
+          description: Project is deleted successfully.
+        '400':
+          description: Invalid project id.
+        '403':
+          description: User need to log in first.
+        '404':
+          description: Project does not exist.
+        '412':
+          description: 'Project contains policies, can not be deleted.'
+        '500':
+          description: Internal errors.
   '/projects/{project_id}/logs':
     get:
       summary: Get access logs accompany with a relevant project.
@@ -2016,10 +2015,6 @@ definitions:
       owner_name:
         type: string
         description: The owner name of the project.
-      public:
-        type: integer
-        format: int
-        description: The public status of the project.
       Togglable:
         type: boolean
         description: >-
@@ -2031,6 +2026,18 @@ definitions:
       repo_count:
         type: integer
         description: The number of the repositories under this project.
+      metadata:
+        type: object
+        description: The metadata of the project.
+        items:
+          $ref: '#/definitions/ProjectMetadata'
+  ProjectMetadata:
+    type: object
+    properties:
+      public:
+        type: integer
+        format: int
+        description: The public status of the project.
       enable_content_trust:
         type: boolean
         description: >-

diff --git a/make/common/db/registry.sql b/make/common/db/registry.sql
@@ -73,14 +73,13 @@ create table project (
  creation_time timestamp,
  update_time timestamp,
  deleted tinyint (1) DEFAULT 0 NOT NULL,
- public tinyint (1) DEFAULT 0 NOT NULL,
  primary key (project_id),
  FOREIGN KEY (owner_id) REFERENCES user(user_id),
  UNIQUE (name)
 );
 
-insert into project (owner_id, name, creation_time, update_time, public) values 
-(1, 'library', NOW(), NOW(), 1);
+insert into project (owner_id, name, creation_time, update_time) values 
+(1, 'library', NOW(), NOW());
 
 create table project_member (
  project_id int NOT NULL,

diff --git a/make/common/db/registry_sqlite.sql b/make/common/db/registry_sqlite.sql
@@ -71,13 +71,12 @@ create table project (
  creation_time timestamp,
  update_time timestamp,
  deleted tinyint (1) DEFAULT 0 NOT NULL,
- public tinyint (1) DEFAULT 0 NOT NULL,
  FOREIGN KEY (owner_id) REFERENCES user(user_id),
  UNIQUE (name)
 );
 
-insert into project (owner_id, name, creation_time, update_time, public) values 
-(1, 'library', CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, 1);
+insert into project (owner_id, name, creation_time, update_time) values 
+(1, 'library', CURRENT_TIMESTAMP, CURRENT_TIMESTAMP);
 
 create table project_member (
  project_id int NOT NULL,

diff --git a/src/common/dao/dao_test.go b/src/common/dao/dao_test.go
@@ -420,19 +420,6 @@ func TestChangeUserPasswordWithIncorrectOldPassword(t *testing.T) {
 	}
 }
 
-func TestQueryRelevantProjectsWhenNoProjectAdded(t *testing.T) {
-	projects, err := GetHasReadPermProjects(currentUser.Username)
-	if err != nil {
-		t.Errorf("Error occurred in QueryRelevantProjects: %v", err)
-	}
-	if len(projects) != 1 {
-		t.Errorf("Expected only one project in DB, but actual: %d", len(projects))
-	}
-	if projects[0].Name != "library" {
-		t.Errorf("There name of the project does not match, expected: %s, actual: %s", "library", projects[0].Name)
-	}
-}
-
 func TestAddProject(t *testing.T) {
 
 	project := models.Project{
@@ -657,43 +644,6 @@ func TestGetUserByProject(t *testing.T) {
 
 }
 
-func TestToggleProjectPublicity(t *testing.T) {
-	err := ToggleProjectPublicity(currentProject.ProjectID, publicityOn)
-	if err != nil {
-		t.Errorf("Error occurred in ToggleProjectPublicity: %v", err)
-	}
-
-	currentProject, err = GetProjectByName(projectName)
-	if err != nil {
-		t.Errorf("Error occurred in GetProjectByName: %v", err)
-	}
-	if currentProject.Public != publicityOn {
-		t.Errorf("project, id: %d, its publicity is not on", currentProject.ProjectID)
-	}
-	err = ToggleProjectPublicity(currentProject.ProjectID, publicityOff)
-	if err != nil {
-		t.Errorf("Error occurred in ToggleProjectPublicity: %v", err)
-	}
-
-	currentProject, err = GetProjectByName(projectName)
-	if err != nil {
-		t.Errorf("Error occurred in GetProjectByName: %v", err)
-	}
-
-	if currentProject.Public != publicityOff {
-		t.Errorf("project, id: %d, its publicity is not off", currentProject.ProjectID)
-	}
-
-}
-
-/*
-func TestIsProjectPublic(t *testing.T) {
-
-	if isPublic := IsProjectPublic(projectName); isPublic {
-		t.Errorf("project, id: %d, its publicity is not false after turning off", currentProject.ProjectID)
-	}
-}
-*/
 func TestGetUserProjectRoles(t *testing.T) {
 	r, err := GetUserProjectRoles(currentUser.UserID, currentProject.ProjectID)
 	if err != nil {
@@ -710,17 +660,6 @@ func TestGetUserProjectRoles(t *testing.T) {
 	}
 }
 
-/*
-func TestProjectPermission(t *testing.T) {
-	roleCode, err := GetPermission(currentUser.Username, currentProject.Name)
-	if err != nil {
-		t.Errorf("Error occurred in GetPermission: %v", err)
-	}
-	if roleCode != "MDRWS" {
-		t.Errorf("The expected role code is MDRWS,but actual: %s", roleCode)
-	}
-}
-*/
 func TestGetTotalOfProjects(t *testing.T) {
 	total, err := GetTotalOfProjects(nil)
 	if err != nil {
@@ -745,22 +684,6 @@ func TestGetProjects(t *testing.T) {
 	}
 }
 
-func TestGetPublicProjects(t *testing.T) {
-	value := true
-	projects, err := GetProjects(&models.ProjectQueryParam{
-		Public: &value,
-	})
-	if err != nil {
-		t.Errorf("Error occurred in getProjects: %v", err)
-	}
-	if len(projects) != 1 {
-		t.Errorf("Expected length of projects is 1, but actual: %d, the projects: %+v", len(projects), projects)
-	}
-	if projects[0].Name != "library" {
-		t.Errorf("Expected project name in the list: %s, actual: %s", "library", projects[0].Name)
-	}
-}
-
 func TestAddProjectMember(t *testing.T) {
 	err := AddProjectMember(currentProject.ProjectID, 1, models.DEVELOPER)
 	if err != nil {

diff --git a/src/common/dao/pro_meta.go b/src/common/dao/pro_meta.go
@@ -91,3 +91,12 @@ func paramPlaceholder(n int) string {
 	}
 	return strings.Join(placeholders, ",")
 }
+
+// ListProjectMetadata ...
+func ListProjectMetadata(name, value string) ([]*models.ProjectMetadata, error) {
+	sql := `select * from project_metadata 
+				where name = ? and value = ? and deleted = 0`
+	metadatas := []*models.ProjectMetadata{}
+	_, err := GetOrmer().Raw(sql, name, value).QueryRows(&metadatas)
+	return metadatas, err
+}
diff --git a/src/common/dao/pro_meta_test.go b/src/common/dao/pro_meta_test.go
@@ -64,6 +64,12 @@ func TestProMetaDaoMethods(t *testing.T) {
 	assert.Equal(t, value1, m[name1].Value)
 	assert.Equal(t, value2, m[name2].Value)
 
+	// test list
+	metas, err = ListProjectMetadata(name1, value1)
+	require.Nil(t, err)
+	assert.Equal(t, 1, len(metas))
+	assert.Equal(t, int64(1), metas[0].ProjectID)
+
 	// test update
 	newValue1 := "new_value1"
 	meta1.Value = newValue1