Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-24 07:49:41 +02:00
Code Issues Releases Activity
portainer/app/docker/services/containerService.js
Anthony Lapenna 19d4db13be
feat(api): rewrite access control management in Docker (#3337) 
* feat(api): decorate Docker resource creation response with resource control

* fix(api): fix a potential resource control conflict between stacks/volumes

* feat(api): generate a default private resource control instead of admin only

* fix(api): fix default RC value

* fix(api): update RC authorizations check to support admin only flag

* refactor(api): relocate access control related methods

* fix(api): fix a potential conflict when fetching RC from database

* refactor(api): refactor access control logic

* refactor(api): remove the concept of DecoratedStack

* feat(api): automatically remove RC when removing a Docker resource

* refactor(api): update filter resource methods documentation

* refactor(api): update proxy package structure

* refactor(api): renamed proxy/misc package

* feat(api): re-introduce ResourceControlDelete operation as admin restricted

* refactor(api): relocate default endpoint authorizations

* feat(api): migrate RBAC data

* feat(app): ResourceControl management refactor

* fix(api): fix access control issue on stack deletion and automatically delete RC

* fix(api): fix stack filtering

* fix(api): fix UpdateResourceControl operation checks

* refactor(api): introduce a NewTransport builder method

* refactor(api): inject endpoint in Docker transport

* refactor(api): introduce Docker client into Docker transport

* refactor(api): refactor http/proxy package

* feat(api): inspect a Docker resource labels during access control validation

* fix(api): only apply automatic resource control creation on success response

* fix(api): fix stack access control check

* fix(api): use StatusCreated instead of StatusOK for automatic resource control creation

* fix(app): resource control fixes

* fix(api): fix an issue preventing administrator to inspect a resource with a RC

* refactor(api): remove useless error return

* refactor(api): document DecorateStacks function

* fix(api): fix invalid resource control type for container deletion

* feat(api): support Docker system networks

* feat(api): update Swagger docs

* refactor(api): rename transport variable

* refactor(api): rename transport variable

* feat(networks): add system tag for system networks

* feat(api): add support for resource control labels

* feat(api): upgrade to DBVersion 22

* refactor(api): refactor access control management in Docker proxy

* refactor(api): re-implement docker proxy taskListOperation

* refactor(api): review parameters declaration

* refactor(api): remove extra blank line

* refactor(api): review method comments

* fix(api): fix invalid ServerAddress property and review method visibility

* feat(api): update error message

* feat(api): update restrictedVolumeBrowserOperation method

* refactor(api): refactor method parameters

* refactor(api): minor refactor

* refactor(api): change Azure transport visibility

* refactor(api): update struct documentation

* refactor(api): update struct documentation

* feat(api): review restrictedResourceOperation method

* refactor(api): remove unused authorization methods

* feat(api): apply RBAC when enabled on stack operations

* fix(api): fix invalid data migration procedure for DBVersion = 22

* fix(app): RC duplicate on private resource

* feat(api): change Docker API version logic for libcompose/client factory

* fix(api): update access denied error message to be Docker API compliant

* fix(api): update volume browsing authorizations data migration

* fix(api): fix an issue with access control in multi-node agent Swarm cluster
2019-11-13 12:41:42 +13:00

213 lines
5.8 KiB
JavaScript
Raw Blame History

import { ContainerDetailsViewModel, ContainerViewModel, ContainerStatsViewModel } from '../models/container';
angular.module('portainer.docker')
.factory('ContainerService', ['$q', 'Container', 'ResourceControlService', 'LogHelper', '$timeout',
function ContainerServiceFactory($q, Container, ResourceControlService, LogHelper, $timeout) {
'use strict';
var service = {};
service.container = function(id) {
var deferred = $q.defer();
Container.get({ id: id }).$promise
.then(function success(data) {
var container = new ContainerDetailsViewModel(data);
deferred.resolve(container);
})
.catch(function error(err) {
deferred.reject({ msg: 'Unable to retrieve container information', err: err });
});
return deferred.promise;
};
service.containers = function(all, filters) {
var deferred = $q.defer();
Container.query({ all : all, filters: filters }).$promise
.then(function success(data) {
var containers = data.map(function (item) {
return new ContainerViewModel(item);
});
deferred.resolve(containers);
})
.catch(function error(err) {
deferred.reject({ msg: 'Unable to retrieve containers', err: err });
});
return deferred.promise;
};
service.resizeTTY = function (id, width, height, timeout) {
var deferred = $q.defer();
$timeout(function() {
Container.resize({}, {id: id, height: height, width: width}).$promise
.then(function success(data) {
if (data.message) {
deferred.reject({msg: 'Unable to resize tty of container ' + id, err: data.message});
} else {
deferred.resolve(data);
}
})
.catch(function error(err) {
deferred.reject({msg: 'Unable to resize tty of container ' + id, err: err});
});
}, timeout);
return deferred.promise;
};
service.startContainer = function(id) {
return Container.start({ id: id }, {}).$promise;
};
service.stopContainer = function(id) {
return Container.stop({ id: id }, {}).$promise;
};
service.restartContainer = function(id) {
return Container.restart({ id: id }, {}).$promise;
};
service.killContainer = function(id) {
return Container.kill({ id: id }, {}).$promise;
};
service.pauseContainer = function(id) {
return Container.pause({ id: id }, {}).$promise;
};
service.resumeContainer = function(id) {
return Container.unpause({ id: id }, {}).$promise;
};
service.renameContainer = function(id, newContainerName) {
return Container.rename({id: id, name: newContainerName }, {}).$promise;
};
service.updateRestartPolicy = updateRestartPolicy;
function updateRestartPolicy(id, restartPolicy, maximumRetryCounts) {
return Container.update({ id: id },
{ RestartPolicy: { Name: restartPolicy, MaximumRetryCount: maximumRetryCounts } }
).$promise;
}
service.createContainer = function(configuration) {
var deferred = $q.defer();
Container.create(configuration).$promise
.then(function success(data) {
deferred.resolve(data);
})
.catch(function error(err) {
deferred.reject({ msg: 'Unable to create container', err: err });
});
return deferred.promise;
};
service.createAndStartContainer = function(configuration) {
var deferred = $q.defer();
var container;
service.createContainer(configuration)
.then(function success(data) {
container = data;
return service.startContainer(container.Id);
})
.then(function success() {
deferred.resolve(container);
})
.catch(function error(err) {
deferred.reject(err);
});
return deferred.promise;
};
service.remove = function(container, removeVolumes) {
var deferred = $q.defer();
Container.remove({ id: container.Id, v: (removeVolumes) ? 1 : 0, force: true }).$promise
.then(function success(data) {
if (data.message) {
deferred.reject({ msg: data.message, err: data.message });
} else {
deferred.resolve();
}
})
.catch(function error(err) {
deferred.reject({ msg: 'Unable to remove container', err: err });
});
return deferred.promise;
};
service.createExec = function(execConfig) {
var deferred = $q.defer();
Container.exec({}, execConfig).$promise
.then(function success(data) {
if (data.message) {
deferred.reject({ msg: data.message, err: data.message });
} else {
deferred.resolve(data);
}
})
.catch(function error(err) {
deferred.reject(err);
});
return deferred.promise;
};
service.logs = function(id, stdout, stderr, timestamps, since, tail, stripHeaders) {
var deferred = $q.defer();
var parameters = {
id: id,
stdout: stdout || 0,
stderr: stderr || 0,
timestamps: timestamps || 0,
since: since || 0,
tail: tail || 'all'
};
Container.logs(parameters).$promise
.then(function success(data) {
var logs = LogHelper.formatLogs(data.logs, stripHeaders);
deferred.resolve(logs);
})
.catch(function error(err) {
deferred.reject(err);
});
return deferred.promise;
};
service.containerStats = function(id) {
var deferred = $q.defer();
Container.stats({ id: id }).$promise
.then(function success(data) {
var containerStats = new ContainerStatsViewModel(data);
deferred.resolve(containerStats);
})
.catch(function error(err) {
deferred.reject(err);
});
return deferred.promise;
};
service.containerTop = function(id) {
return Container.top({ id: id }).$promise;
};
service.inspect = function(id) {
return Container.inspect({ id: id }).$promise;
};
service.prune = function(filters) {
return Container.prune({ filters: filters }).$promise;
};
return service;
}]);
View git blame Copy permalink