feat(ui): let UI delete manifests if current user has permissions to …

…do so - RepoMeta now contains a new bool field which tells UI if the user has delete permission on that specific repo - apply cors on DeleteManifest route Signed-off-by: Petu Eusebiu <[email protected]>
project-zot · Dec 11, 2023 · 60306d4 · 60306d4
1 parent 79e1402
commit 60306d4
Show file tree

Hide file tree

Showing 13 changed files with 275 additions and 169 deletions.
diff --git a/examples/config-ui.json b/examples/config-ui.json
@@ -5,7 +5,7 @@
   },
   "http": {
     "address": "0.0.0.0",
-    "port": "8080"
+    "port": "5000"
   },
   "log": {
     "level": "debug"

diff --git a/pkg/api/routes.go b/pkg/api/routes.go
@@ -134,14 +134,14 @@ func (rh *RouteHandler) SetupRoutes() {
 			getUIHeadersHandler(rh.c.Config, http.MethodGet, http.MethodOptions)(
 				applyCORSHeaders(rh.ListTags))).Methods(http.MethodGet, http.MethodOptions)
 		prefixedDistSpecRouter.HandleFunc(fmt.Sprintf("/{name:%s}/manifests/{reference}", zreg.NameRegexp.String()),
-			getUIHeadersHandler(rh.c.Config, http.MethodHead, http.MethodGet, http.MethodOptions)(
+			getUIHeadersHandler(rh.c.Config, http.MethodHead, http.MethodGet, http.MethodDelete, http.MethodOptions)(
 				applyCORSHeaders(rh.CheckManifest))).Methods(http.MethodHead, http.MethodOptions)
 		prefixedDistSpecRouter.HandleFunc(fmt.Sprintf("/{name:%s}/manifests/{reference}", zreg.NameRegexp.String()),
 			applyCORSHeaders(rh.GetManifest)).Methods(http.MethodGet)
 		prefixedDistSpecRouter.HandleFunc(fmt.Sprintf("/{name:%s}/manifests/{reference}", zreg.NameRegexp.String()),
 			rh.UpdateManifest).Methods(http.MethodPut)
 		prefixedDistSpecRouter.HandleFunc(fmt.Sprintf("/{name:%s}/manifests/{reference}", zreg.NameRegexp.String()),
-			rh.DeleteManifest).Methods(http.MethodDelete)
+			applyCORSHeaders(rh.DeleteManifest)).Methods(http.MethodDelete)
 		prefixedDistSpecRouter.HandleFunc(fmt.Sprintf("/{name:%s}/blobs/{digest}", zreg.NameRegexp.String()),
 			rh.CheckBlob).Methods(http.MethodHead)
 		prefixedDistSpecRouter.HandleFunc(fmt.Sprintf("/{name:%s}/blobs/{digest}", zreg.NameRegexp.String()),

diff --git a/pkg/extensions/search/convert/metadb.go b/pkg/extensions/search/convert/metadb.go
@@ -332,6 +332,7 @@ func RepoMeta2RepoSummary(ctx context.Context, repoMeta mTypes.RepoMeta,
 		repoIsUserStarred        = repoMeta.IsStarred    // value specific to the current user
 		repoIsUserBookMarked     = repoMeta.IsBookmarked // value specific to the current user
 		repoSize                 = repoMeta.Size
+		hasDeletePermission      = repoMeta.HasDeletePermission
 	)
 
 	if repoLastUpdatedTimestamp == nil {
@@ -343,17 +344,18 @@ func RepoMeta2RepoSummary(ctx context.Context, repoMeta mTypes.RepoMeta,
 	_ = err
 
 	return &gql_generated.RepoSummary{
-		Name:          &repoName,
-		LastUpdated:   repoLastUpdatedTimestamp,
-		Size:          ref(strconv.FormatInt(repoSize, 10)),
-		Platforms:     getGqlPlatforms(repoPlatforms),
-		Vendors:       getGqlVendors(repoVendors),
-		NewestImage:   imageSummary,
-		DownloadCount: &repoDownloadCount,
-		StarCount:     &repoStarCount,
-		IsBookmarked:  &repoIsUserBookMarked,
-		IsStarred:     &repoIsUserStarred,
-		Rank:          ref(repoMeta.Rank),
+		Name:                &repoName,
+		LastUpdated:         repoLastUpdatedTimestamp,
+		Size:                ref(strconv.FormatInt(repoSize, 10)),
+		Platforms:           getGqlPlatforms(repoPlatforms),
+		Vendors:             getGqlVendors(repoVendors),
+		NewestImage:         imageSummary,
+		DownloadCount:       &repoDownloadCount,
+		StarCount:           &repoStarCount,
+		IsBookmarked:        &repoIsUserBookMarked,
+		IsStarred:           &repoIsUserStarred,
+		Rank:                ref(repoMeta.Rank),
+		HasDeletePermission: &hasDeletePermission,
 	}
 }
 

diff --git a/pkg/extensions/search/gql_generated/generated.go b/pkg/extensions/search/gql_generated/generated.go
diff --git a/pkg/extensions/search/gql_generated/models_gen.go b/pkg/extensions/search/gql_generated/models_gen.go
diff --git a/pkg/extensions/search/schema.graphql b/pkg/extensions/search/schema.graphql
@@ -323,6 +323,10 @@ type RepoSummary {
     Rank represents how good the match was between the queried repo name and this repo summary.
     """
     Rank: Int
+    """
+    True if current user has delete permission on tags in this repo.
+    """
+    HasDeletePermission: Boolean
 }
 
 """

diff --git a/pkg/meta/boltdb/boltdb.go b/pkg/meta/boltdb/boltdb.go
@@ -750,8 +750,10 @@ func (bdw *BoltDB) GetRepoMeta(ctx context.Context, repo string) (mTypes.RepoMet
 		}
 
 		delete(protoRepoMeta.Tags, "")
+
 		protoRepoMeta.IsBookmarked = zcommon.Contains(userBookmarks, repo)
 		protoRepoMeta.IsStarred = zcommon.Contains(userStars, repo)
+		protoRepoMeta.HasDeletePermission = getUserHasDeletePerm(ctx, repo)
 
 		return nil
 	})
@@ -1581,6 +1583,15 @@ func (bdw *BoltDB) PatchDB() error {
 	return nil
 }
 
+func getUserHasDeletePerm(ctx context.Context, repo string) bool {
+	userAc, err := reqCtx.UserAcFromContext(ctx)
+	if err != nil {
+		return false
+	}
+
+	return userAc.Can(constants.ReadPermission, repo)
+}
+
 func getUserStars(ctx context.Context, transaction *bbolt.Tx) []string {
 	userAc, err := reqCtx.UserAcFromContext(ctx)
 	if err != nil {

diff --git a/pkg/meta/convert/convert.go b/pkg/meta/convert/convert.go
@@ -442,20 +442,21 @@ func GetRepoMeta(protoRepoMeta *proto_go.RepoMeta) mTypes.RepoMeta {
 	}
 
 	return mTypes.RepoMeta{
-		Name:             protoRepoMeta.Name,
-		Tags:             GetTags(protoRepoMeta.Tags),
-		Rank:             int(protoRepoMeta.Rank),
-		Size:             int64(protoRepoMeta.Size),
-		Platforms:        GetPlatforms(protoRepoMeta.Platforms),
-		Vendors:          protoRepoMeta.Vendors,
-		IsStarred:        protoRepoMeta.IsStarred,
-		IsBookmarked:     protoRepoMeta.IsBookmarked,
-		StarCount:        int(protoRepoMeta.Stars),
-		DownloadCount:    int(repoDownloads),
-		LastUpdatedImage: GetLastUpdatedImage(protoRepoMeta.LastUpdatedImage),
-		Statistics:       GetStatisticsMap(protoRepoMeta.Statistics),
-		Signatures:       GetSignatures(protoRepoMeta.Signatures),
-		Referrers:        GetReferrers(protoRepoMeta.Referrers),
+		Name:                protoRepoMeta.Name,
+		Tags:                GetTags(protoRepoMeta.Tags),
+		Rank:                int(protoRepoMeta.Rank),
+		Size:                int64(protoRepoMeta.Size),
+		Platforms:           GetPlatforms(protoRepoMeta.Platforms),
+		Vendors:             protoRepoMeta.Vendors,
+		IsStarred:           protoRepoMeta.IsStarred,
+		IsBookmarked:        protoRepoMeta.IsBookmarked,
+		StarCount:           int(protoRepoMeta.Stars),
+		DownloadCount:       int(repoDownloads),
+		LastUpdatedImage:    GetLastUpdatedImage(protoRepoMeta.LastUpdatedImage),
+		Statistics:          GetStatisticsMap(protoRepoMeta.Statistics),
+		Signatures:          GetSignatures(protoRepoMeta.Signatures),
+		Referrers:           GetReferrers(protoRepoMeta.Referrers),
+		HasDeletePermission: protoRepoMeta.HasDeletePermission,
 	}
 }
 

diff --git a/pkg/meta/dynamodb/dynamodb.go b/pkg/meta/dynamodb/dynamodb.go
@@ -840,6 +840,7 @@ func (dwr *DynamoDB) GetRepoMeta(ctx context.Context, repo string) (mTypes.RepoM
 
 	protoRepoMeta.IsBookmarked = zcommon.Contains(userBookmarks, repo)
 	protoRepoMeta.IsStarred = zcommon.Contains(userStars, repo)
+	protoRepoMeta.HasDeletePermission = getUserHasDeletePerm(ctx, repo)
 
 	return mConvert.GetRepoMeta(protoRepoMeta), nil
 }
@@ -1477,6 +1478,15 @@ func getUserBookmarks(ctx context.Context, dwr *DynamoDB) []string {
 	return bookmarkedRepos
 }
 
+func getUserHasDeletePerm(ctx context.Context, repo string) bool {
+	userAc, err := reqCtx.UserAcFromContext(ctx)
+	if err != nil {
+		return false
+	}
+
+	return userAc.Can(constants.ReadPermission, repo)
+}
+
 func (dwr *DynamoDB) ToggleBookmarkRepo(ctx context.Context, repo string) (
 	mTypes.ToggleState, error,
 ) {

diff --git a/pkg/meta/meta_test.go b/pkg/meta/meta_test.go
@@ -537,6 +537,7 @@ func RunMetaDBTests(t *testing.T, metaDB mTypes.MetaDB, preparationFuncs ...func
 			So(err, ShouldBeNil)
 			So(repoMeta.Name, ShouldResemble, "repo")
 			So(repoMeta.Tags, ShouldContainKey, "tag")
+			So(repoMeta.HasDeletePermission, ShouldBeFalse)
 		})
 
 		Convey("Test SetRepoReference", func() {