update robot creator database scheme (#20918)

Signed-off-by: wang yan <wangyan@vmware.com>
goharbor · Sep 14, 2024 · 438d4c0 · 438d4c0
1 parent c5d2672
commit 438d4c0
Show file tree

Hide file tree

Showing 9 changed files with 37 additions and 14 deletions.
diff --git a/api/v2.0/swagger.yaml b/api/v2.0/swagger.yaml
@@ -7846,9 +7846,12 @@ definitions:
         type: array
         items:
           $ref: '#/definitions/RobotPermission'
-      creator:
+      creator_type:
         type: string
-        description: The creator of the robot
+        description: The type of the robot creator, like local(harbor_user) or robot.
+      creator_ref:
+        type: integer
+        description: The reference of the robot creator, like the id of harbor user.
       creation_time:
         type: string
         format: date-time

diff --git a/make/migrations/postgresql/0150_2.12.0_schema.up.sql b/make/migrations/postgresql/0150_2.12.0_schema.up.sql
@@ -1,5 +1,5 @@
 /*
-Add new column creator for robot table to add a new column to record the creator of the robot
+Add new column creator_ref and creator_type for robot table to record the creator information of the robot
 */
-ALTER TABLE robot ADD COLUMN IF NOT EXISTS creator varchar(255);
-UPDATE robot SET creator = 'unknown' WHERE creator IS NULL;
+ALTER TABLE robot ADD COLUMN IF NOT EXISTS creator_ref integer default 0;
+ALTER TABLE robot ADD COLUMN IF NOT EXISTS creator_type varchar(255);
diff --git a/src/controller/robot/controller.go b/src/controller/robot/controller.go
@@ -133,7 +133,8 @@ func (d *controller) Create(ctx context.Context, r *Robot) (int64, string, error
 		Duration:    r.Duration,
 		Salt:        salt,
 		Visible:     r.Visible,
-		Creator:     r.Creator,
+		CreatorRef:  r.CreatorRef,
+		CreatorType: r.CreatorType,
 	}
 	robotID, err := d.robotMgr.Create(ctx, rCreate)
 	if err != nil {

diff --git a/src/controller/scan/base_controller.go b/src/controller/scan/base_controller.go
@@ -864,7 +864,8 @@ func (bc *basicController) makeRobotAccount(ctx context.Context, projectID int64
 			Description: "for scan",
 			ProjectID:   projectID,
 			Duration:    -1,
-			Creator:     "harbor-core-for-scan-all",
+			CreatorType: "local",
+			CreatorRef:  int64(0),
 		},
 		Level: robot.LEVELPROJECT,
 		Permissions: []*robot.Permission{

diff --git a/src/controller/scan/base_controller_test.go b/src/controller/scan/base_controller_test.go
@@ -235,7 +235,8 @@ func (suite *ControllerTestSuite) SetupSuite() {
 			Description: "for scan",
 			ProjectID:   suite.artifact.ProjectID,
 			Duration:    -1,
-			Creator:     "harbor-core-for-scan-all",
+			CreatorType: "local",
+			CreatorRef:  int64(0),
 		},
 		Level: robot.LEVELPROJECT,
 		Permissions: []*robot.Permission{
@@ -267,7 +268,8 @@ func (suite *ControllerTestSuite) SetupSuite() {
 			Description: "for scan",
 			ProjectID:   suite.artifact.ProjectID,
 			Duration:    -1,
-			Creator:     "harbor-core-for-scan-all",
+			CreatorType: "local",
+			CreatorRef:  int64(0),
 		},
 		Level: "project",
 	}, nil)

diff --git a/src/pkg/robot/dao/dao_test.go b/src/pkg/robot/dao/dao_test.go
@@ -52,7 +52,8 @@ func (suite *DaoTestSuite) robots() {
 		Description: "test3 description",
 		ProjectID:   1,
 		Secret:      suite.RandString(10),
-		Creator:     "tester",
+		CreatorType: "local",
+		CreatorRef:  int64(1),
 	})
 	suite.Nil(err)
 
@@ -121,7 +122,7 @@ func (suite *DaoTestSuite) TestGet() {
 	r, err := suite.dao.Get(orm.Context(), suite.robotID3)
 	suite.Nil(err)
 	suite.Equal("test3", r.Name)
-	suite.Equal("tester", r.Creator)
+	suite.Equal("local", r.CreatorType)
 }
 
 func (suite *DaoTestSuite) TestCount() {

diff --git a/src/pkg/robot/model/model.go b/src/pkg/robot/model/model.go
@@ -39,7 +39,8 @@ type Robot struct {
 	ExpiresAt    int64     `orm:"column(expiresat)" json:"expires_at"`
 	Disabled     bool      `orm:"column(disabled)" json:"disabled"`
 	Visible      bool      `orm:"column(visible)" json:"-"`
-	Creator      string    `orm:"column(creator)" json:"creator"`
+	CreatorRef   int64     `orm:"column(creator_ref)" json:"creator_ref"`
+	CreatorType  string    `orm:"column(creator_type)" json:"creator_type"`
 	CreationTime time.Time `orm:"column(creation_time);auto_now_add" json:"creation_time"`
 	UpdateTime   time.Time `orm:"column(update_time);auto_now" json:"update_time"`
 }

diff --git a/src/server/v2.0/handler/model/robot.go b/src/server/v2.0/handler/model/robot.go
@@ -48,7 +48,8 @@ func (r *Robot) ToSwagger() *models.Robot {
 		Level:        r.Level,
 		Disable:      r.Disabled,
 		Editable:     r.Editable,
-		Creator:      r.Creator,
+		CreatorType:  r.CreatorType,
+		CreatorRef:   r.CreatorRef,
 		CreationTime: strfmt.DateTime(r.CreationTime),
 		UpdateTime:   strfmt.DateTime(r.UpdateTime),
 		Permissions:  perms,

diff --git a/src/server/v2.0/handler/robot.go b/src/server/v2.0/handler/robot.go
@@ -26,6 +26,8 @@ import (
 	"github.com/go-openapi/strfmt"
 
 	"github.com/goharbor/harbor/src/common/rbac"
+	"github.com/goharbor/harbor/src/common/security/local"
+	robotSc "github.com/goharbor/harbor/src/common/security/robot"
 	"github.com/goharbor/harbor/src/common/utils"
 	"github.com/goharbor/harbor/src/controller/robot"
 	"github.com/goharbor/harbor/src/lib"
@@ -67,13 +69,24 @@ func (rAPI *robotAPI) CreateRobot(ctx context.Context, params operation.CreateRo
 		return rAPI.SendError(ctx, err)
 	}
 
+	var creatorRef int64
+	switch s := sc.(type) {
+	case *local.SecurityContext:
+		creatorRef = int64(s.User().UserID)
+	case *robotSc.SecurityContext:
+		creatorRef = s.User().ID
+	default:
+		return rAPI.SendError(ctx, errors.New(nil).WithMessage("invalid security context"))
+	}
+
 	r := &robot.Robot{
 		Robot: pkg.Robot{
 			Name:        params.Robot.Name,
 			Description: params.Robot.Description,
 			Duration:    params.Robot.Duration,
 			Visible:     true,
-			Creator:     sc.GetUsername(),
+			CreatorRef:  creatorRef,
+			CreatorType: sc.Name(),
 		},
 		Level: params.Robot.Level,
 	}