better authorizaion (#357)

Signed-off-by: Rohan <[email protected]>

Author: RohanMishra315

cmd/harbor/root/user/create.go

@@ -14,6 +14,8 @@
 package user
 
 import (
+	"strings"
+
 	"github.com/goharbor/harbor-cli/pkg/api"
 	log "github.com/sirupsen/logrus"
 
@@ -44,9 +46,16 @@ func UserCreateCmd() *cobra.Command {
 				err = createUserView(createView)
 			}
 
+			// Check if the error is due to unauthorized access.
+
 			if err != nil {
-				log.Errorf("failed to create user: %v", err)
+				if isUnauthorizedError(err) {
+					log.Error("Permission denied: Admin privileges are required to execute this command.")
+				} else {
+					log.Errorf("failed to create user: %v", err)
+				}
 			}
+
 		},
 	}
 
@@ -64,3 +73,7 @@ func createUserView(createView *create.CreateView) error {
 	create.CreateUserView(createView)
 	return api.CreateUser(*createView)
 }
+
+func isUnauthorizedError(err error) bool {
+	return strings.Contains(err.Error(), "403")
+}

cmd/harbor/root/user/delete.go

@@ -22,20 +22,25 @@ import (
 	"github.com/spf13/cobra"
 )
 
+// UserDeleteCmd defines the "delete" command for user deletion.
 func UserDeleteCmd() *cobra.Command {
 	cmd := &cobra.Command{
 		Use:   "delete",
 		Short: "delete user by name or id",
 		Args:  cobra.MinimumNArgs(0),
 		Run: func(cmd *cobra.Command, args []string) {
-			var err error
-
-			var wg sync.WaitGroup
-			errChan := make(chan error, len(args)) // Channel to collect error
-
+			// If there are command line arguments, process them concurrently.
 			if len(args) > 0 {
+				var wg sync.WaitGroup
+				errChan := make(chan error, len(args)) // Channel to collect errors
+
 				for _, arg := range args {
-					userID, _ := api.GetUsersIdByName(arg)
+					// Retrieve user ID by name.
+					userID, err := api.GetUsersIdByName(arg)
+					if err != nil {
+						log.Errorf("failed to get user id for '%s': %v", arg, err)
+						continue
+					}
 					wg.Add(1)
 					go func(userID int64) {
 						defer wg.Done()
@@ -44,31 +49,31 @@ func UserDeleteCmd() *cobra.Command {
 						}
 					}(userID)
 				}
-			} else {
-				userId := prompt.GetUserIdFromUser()
-				err = api.DeleteUser(userId)
-				if err != nil {
-					log.Errorf("failed to delete user: %v", err)
-				}
-			}
 
-			// Wait for all goroutines to finish
-			go func() {
-				wg.Wait()
-				close(errChan)
-			}()
+				// Wait for all goroutines to finish and then close the error channel.
+				go func() {
+					wg.Wait()
+					close(errChan)
+				}()
 
-			// Collect and handle errors
-			var finalErr error
-			for err := range errChan {
-				if finalErr == nil {
-					finalErr = err
-				} else {
-					log.Errorf("Error: %v", err)
+				// Process errors from the goroutines.
+				for err := range errChan {
+					if isUnauthorizedError(err) {
+						log.Error("Permission denied: Admin privileges are required to execute this command.")
+					} else {
+						log.Errorf("failed to delete user: %v", err)
+					}
+				}
+			} else {
+				// Interactive mode: get the user ID from the prompt.
+				userID := prompt.GetUserIdFromUser()
+				if err := api.DeleteUser(userID); err != nil {
+					if isUnauthorizedError(err) {
+						log.Error("Permission denied: Admin privileges are required to execute this command.")
+					} else {
+						log.Errorf("failed to delete user: %v", err)
+					}
 				}
-			}
-			if finalErr != nil {
-				log.Errorf("failed to delete user: %v", finalErr)
 			}
 		},
 	}

cmd/harbor/root/user/elevate.go

@@ -31,20 +31,38 @@ func ElevateUserCmd() *cobra.Command {
 			var err error
 			var userId int64
 			if len(args) > 0 {
-				userId, _ = api.GetUsersIdByName(args[0])
+				userId, err = api.GetUsersIdByName(args[0])
+				if err != nil {
+					log.Errorf("failed to get user id for '%s': %v", args[0], err)
+					return
+				}
+
 			} else {
 				userId = prompt.GetUserIdFromUser()
+				if err != nil {
+					log.Errorf("failed to get user id: %v", err)
+					return
+				}
 			}
 
 			confirm, err := views.ConfirmElevation()
-			if confirm {
-				err = api.ElevateUser(userId)
-			} else {
-				log.Error("Permission denied for elevate user to admin.")
-			}
 			if err != nil {
+				log.Errorf("failed to confirm elevation: %v", err)
+				return
+			}
+			if !confirm {
+				log.Error("User did not confirm elevation. Aborting command.")
+				return
+			}
+
+			err = api.ElevateUser(userId)
+			if isUnauthorizedError(err) {
+				log.Error("Permission denied: Admin privileges are required to execute this command.")
+			} else {
 				log.Errorf("failed to elevate user: %v", err)
 			}
+
+			return
 		},
 	}
 

cmd/harbor/root/user/list.go

@@ -33,7 +33,11 @@ func UserListCmd() *cobra.Command {
 		Run: func(cmd *cobra.Command, args []string) {
 			response, err := api.ListUsers(opts)
 			if err != nil {
-				log.Errorf("failed to list users: %v", err)
+				if isUnauthorizedError(err) {
+					log.Error("Permission denied: Admin privileges are required to execute this command.")
+				} else {
+					log.Errorf("failed to list users: %v", err)
+				}
 				return
 			}
 			FormatFlag := viper.GetString("output-format")