ziggi/mstore
1
0
Fork 0
Code Pull Requests Actions Packages Projects Releases Wiki Activity

working commit

Browse Source
This commit is contained in:
Олег Бородин
2026-02-07 11:24:30 +02:00
parent f76881a765
commit 90905ace89
6 changed files with 102 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/handler/authmw.go
+5
View File
@@ -36,9 +36,14 @@ func (hand *Handler) CheckAccess(rctx *router.Context) (bool, error) {
var res bool
authHeader := rctx.GetHeader("Authorization")
if authHeader != "" {
hand.logg.Debugf("Authorization header is %s", authHeader)
username, password, err := auxhttp.ParseBasicAuth(authHeader)
if err != nil {
return res, err
}
hand.logg.Debugf("Authorization username is %s:%s", username, password)
}
res = true
app/handler/blob.go
-7
View File
@@ -22,15 +22,8 @@ func (hand *Handler) BlobExists(rctx *router.Context) {
name, _ := rctx.GetSubpath("name")
digest, _ := rctx.GetSubpath("digest")
auth := rctx.GetHeader("Authorization")
hand.DumpHeaders("BlobExists", rctx)
if auth == "" {
rctx.SetHeader("WWW-Authenticate", `Basic realm="mstore"`)
rctx.SetStatus(http.StatusUnauthorized)
return
}
params := &operator.BlobExistsParams{
Name: name,
Digest: digest,
app/handler/version.go
+8 -1
View File
@@ -10,6 +10,8 @@
package handler
import (
"net/http"
"mstore/app/operator"
"mstore/app/router"
)
@@ -19,7 +21,12 @@ func (hand *Handler) GetVersion(rctx *router.Context) {
params := &operator.GetVersionParams{}
hand.DumpHeaders("GetVersion", rctx)
authorization := rctx.GetHeader("Authorization")
if authorization == "" {
rctx.SetHeader("WWW-Authenticate", `Basic realm="mstore"`)
rctx.SetStatus(http.StatusUnauthorized)
return
}
ctx := rctx.GetContext()
_, code, err := hand.oper.GetVersion(ctx, params)
if err != nil {
app/maindb/grant.go
+77
View File
@@ -0,0 +1,77 @@
package maindb
import (
"context"
"mstore/app/descr"
)
func (db *Database) InsertGrant(ctx context.Context, grant *descr.Grant) error {
var err error
request := `INSERT INTO grants(id, account_id, operation, created_at)
VALUES ($1, $2, $3, $4)`
_, err = db.db.Exec(request, grant.ID, grant.AccountID, grant.Operation, grant.CreatedAt)
if err != nil {
return err
}
return err
}
func (db *Database) ListGrantsByAccountID(ctx context.Context, accountID int64) ([]descr.Grant, error) {
var err error
request := `SELECT * FROM grants WHERE account_id = $1`
res := make([]descr.Grant, 0)
err = db.db.Select(&res, request, accountID)
if err != nil {
return res, err
}
return res, err
}
func (db *Database) ListGrants(ctx context.Context) ([]descr.Grant, error) {
var err error
request := `SELECT * FROM grants`
res := make([]descr.Grant, 0)
err = db.db.Select(&res, request)
if err != nil {
return res, err
}
return res, err
}
func (db *Database) GetGrant(ctx context.Context, accountID int64, operation string) (bool, *descr.Grant, error) {
var err error
res := &descr.Grant{}
request := `SELECT * FROM grants WHERE account_id = $1 AND operation = $2 LIMIT 1`
dbRes := make([]descr.Grant, 0)
err = db.db.Select(&dbRes, request, accountID, operation)
if err != nil {
return false, res, err
}
if len(dbRes) == 0 {
return false, res, err
}
res = &dbRes[0]
return true, res, err
}
func (db *Database) DeleteGrantByAccountID(ctx context.Context, grantID int64, operation string) error {
var err error
request := `DELETE FROM grants WHERE account_id = $1 AND operation = $2`
_, err = db.db.Exec(request, grantID, operation)
if err != nil {
return err
}
return err
}
func (db *Database) DeleteAllGrantsForAccountID(ctx context.Context, grantID int64) error {
var err error
request := `DELETE FROM grants WHERE account_id = $1`
_, err = db.db.Exec(request, grantID)
if err != nil {
return err
}
return err
}
app/maindb/schema.go
+8 -9
View File
@@ -22,7 +22,7 @@ const schema = `
created_by VARCHAR(255) NOT NULL,
updated_by VARCHAR(255) NOT NULL
);
CREATE UNIQUE INDEX IF NOT EXISTS file_index
CREATE UNIQUE INDEX IF NOT EXISTS files_index
ON files(collection, name);
--- DROP TABLE IF EXISTS manifests;
@@ -38,7 +38,7 @@ const schema = `
created_by VARCHAR(255) NOT NULL,
updated_by VARCHAR(255) NOT NULL
);
CREATE UNIQUE INDEX IF NOT EXISTS manifest_index
CREATE UNIQUE INDEX IF NOT EXISTS manifests_index
ON manifests(name, reference);
CREATE TABLE IF NOT EXISTS blobs (
@@ -57,7 +57,7 @@ const schema = `
ON blobs(name, reference, digest);
--- DROP TABLE IF EXISTS accounts;
CREATE TABLE IF NOT EXISTS account (
CREATE TABLE IF NOT EXISTS accounts (
id INT NOT NULL,
username TEXT NOT NULL,
passhash TEXT NOT NULL,
@@ -65,22 +65,21 @@ const schema = `
updated_at TEXT NOT NULL,
disabled BOOL
);
CREATE UNIQUE INDEX IF NOT EXISTS account_index01
CREATE UNIQUE INDEX IF NOT EXISTS accounts_index01
ON accounts(id);
CREATE UNIQUE INDEX IF NOT EXISTS account_index02
CREATE UNIQUE INDEX IF NOT EXISTS accounts_index02
ON accounts(username);
--- DROP TABLE IF EXISTS grants;
CREATE TABLE IF NOT EXISTS grant (
CREATE TABLE IF NOT EXISTS grants (
id INT NOT NULL,
account_id INT NOT NULL,
operation TEXT NOT NULL,
created_at TEXT NOT NULL
);
CREATE INDEX IF NOT EXISTS grant_index01
CREATE INDEX IF NOT EXISTS grants_index01
ON grants(account_id);
CREATE UNIQUE INDEX IF NOT EXISTS grant_index02
CREATE UNIQUE INDEX IF NOT EXISTS grants_index02
ON grants(account_id, operation);
`
app/service/service.go
+1 -1
View File
@@ -68,7 +68,7 @@ func (svc *Service) Build() error {
svc.rout.Use(router.NewRecoveryMiddleware(svc.logg.Errorf))
svc.rout.Use(router.NewLoggingMiddleware(svc.logg.Infof))
svc.rout.Use(router.NewCorsMiddleware())
svc.rout.Use(svc.hand.AuthMiddleware())
svc.rout.Use(svc.hand.AuthMiddleware)
svc.rout.Get("/v3/api/service/hello", svc.hand.SendHello)