code refactor (#1922)

Signed-off-by: hongming <talonwan@yunify.com>
2020-02-25 18:16:51 +08:00
parent abf9fee845
commit 0664eeb559
9 changed files with 87 additions and 766 deletions
--- a/pkg/apiserver/openpitrix/attachments.go
+++ b/pkg/apiserver/openpitrix/attachments.go
@@ -1,54 +0,0 @@
-/*
- *
- * Copyright 2019 The KubeSphere Authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * /
- */
-
-package openpitrix
-
-import (
-	"github.com/emicklei/go-restful"
-	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/status"
-	"kubesphere.io/kubesphere/pkg/models/openpitrix/attachment"
-	"kubesphere.io/kubesphere/pkg/server/errors"
-	"kubesphere.io/kubesphere/pkg/simple/client"
-	"net/http"
-)
-
-func DescribeAttachment(req *restful.Request, resp *restful.Response) {
-	attachmentId := req.PathParameter("attachment")
-	fileName := req.QueryParameter("filename")
-	result, err := attachment.DescribeAttachment(attachmentId)
-	// file raw
-	if fileName != "" {
-		data := result.AttachmentContent[fileName]
-		resp.Write(data)
-		resp.Header().Set("Content-Type", "text/plain")
-		return
-	}
-
-	if _, notEnabled := err.(client.ClientSetNotEnabledError); notEnabled {
-		resp.WriteHeaderAndEntity(http.StatusNotImplemented, errors.Wrap(err))
-		return
-	}
-
-	if status.Code(err) == codes.NotFound {
-		resp.WriteHeaderAndEntity(http.StatusNotFound, errors.Wrap(err))
-		return
-	}
-
-	resp.WriteEntity(result)
-}
--- a/pkg/apiserver/resources/user.go
+++ b/pkg/apiserver/resources/user.go
@@ -1,65 +0,0 @@
-/*
-
- Copyright 2019 The KubeSphere Authors.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
-*/
-package resources
-
-import (
-	"github.com/emicklei/go-restful"
-	k8serr "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/klog"
-	"net/http"
-
-	"kubesphere.io/kubesphere/pkg/models/kubeconfig"
-	"kubesphere.io/kubesphere/pkg/models/kubectl"
-	"kubesphere.io/kubesphere/pkg/server/errors"
-)
-
-func GetKubectl(req *restful.Request, resp *restful.Response) {
-
-	user := req.PathParameter("user")
-
-	kubectlPod, err := kubectl.GetKubectlPod(user)
-
-	if err != nil {
-		klog.Error(err)
-		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
-		return
-	}
-
-	resp.WriteAsJson(kubectlPod)
-}
-
-func GetKubeconfig(req *restful.Request, resp *restful.Response) {
-
-	user := req.PathParameter("user")
-
-	kubectlConfig, err := kubeconfig.GetKubeConfig(user)
-
-	if err != nil {
-		klog.Error(err)
-		if k8serr.IsNotFound(err) {
-			// recreate
-			kubeconfig.CreateKubeConfig(user)
-			resp.WriteHeaderAndJson(http.StatusNotFound, errors.Wrap(err), restful.MIME_JSON)
-		} else {
-			resp.WriteHeaderAndJson(http.StatusInternalServerError, errors.Wrap(err), restful.MIME_JSON)
-		}
-		return
-	}
-
-	resp.Write([]byte(kubectlConfig))
-}
--- a/pkg/apiserver/tenant/tenant.go
+++ b/pkg/apiserver/tenant/tenant.go
@@ -1,327 +0,0 @@
-/*
-
- Copyright 2019 The KubeSphere Authors.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
-*/
-package tenant
-
-import (
-	"github.com/emicklei/go-restful"
-	"k8s.io/api/core/v1"
-	rbacv1 "k8s.io/api/rbac/v1"
-	k8serr "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/util/net"
-	"k8s.io/klog"
-	devopsv1alpha2 "kubesphere.io/kubesphere/pkg/api/devops/v1alpha2"
-	loggingv1alpha2 "kubesphere.io/kubesphere/pkg/api/logging/v1alpha2"
-	"kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1"
-	"kubesphere.io/kubesphere/pkg/apiserver/logging"
-	"kubesphere.io/kubesphere/pkg/constants"
-	"kubesphere.io/kubesphere/pkg/models/iam"
-	"kubesphere.io/kubesphere/pkg/models/metrics"
-	"kubesphere.io/kubesphere/pkg/models/resources/v1alpha2"
-	"kubesphere.io/kubesphere/pkg/models/tenant"
-	"kubesphere.io/kubesphere/pkg/models/workspaces"
-	"kubesphere.io/kubesphere/pkg/server/errors"
-	"kubesphere.io/kubesphere/pkg/server/params"
-
-	"kubesphere.io/kubesphere/pkg/utils/sliceutil"
-	"net/http"
-	"strings"
-)
-
-func ListWorkspaceRules(req *restful.Request, resp *restful.Response) {
-	workspace := req.PathParameter("workspace")
-	username := req.HeaderParameter(constants.UserNameHeader)
-
-	rules, err := iam.GetUserWorkspaceSimpleRules(workspace, username)
-
-	if err != nil {
-		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
-		return
-	}
-
-	resp.WriteAsJson(rules)
-}
-
-func ListWorkspaces(req *restful.Request, resp *restful.Response) {
-	username := req.HeaderParameter(constants.UserNameHeader)
-	conditions, err := params.ParseConditions(req.QueryParameter(params.ConditionsParam))
-	orderBy := req.QueryParameter(params.OrderByParam)
-	limit, offset := params.ParsePaging(req.QueryParameter(params.PagingParam))
-	reverse := params.ParseReverse(req)
-
-	if orderBy == "" {
-		orderBy = v1alpha2.CreateTime
-		reverse = true
-	}
-
-	if err != nil {
-		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
-		return
-	}
-
-	result, err := tenant.ListWorkspaces(username, conditions, orderBy, reverse, limit, offset)
-
-	if err != nil {
-		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
-		return
-	}
-
-	resp.WriteAsJson(result)
-}
-
-func DescribeWorkspace(req *restful.Request, resp *restful.Response) {
-	username := req.HeaderParameter(constants.UserNameHeader)
-	workspaceName := req.PathParameter("workspace")
-
-	result, err := tenant.DescribeWorkspace(username, workspaceName)
-
-	if err != nil {
-		klog.Errorf("describe workspace failed: %+v", err)
-		if k8serr.IsNotFound(err) {
-			resp.WriteHeaderAndEntity(http.StatusNotFound, errors.Wrap(err))
-		} else {
-			resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
-		}
-		return
-	}
-
-	resp.WriteAsJson(result)
-}
-func ListNamespacesByUsername(req *restful.Request, resp *restful.Response) {
-	ListNamespaces(req, resp)
-}
-
-func ListNamespaces(req *restful.Request, resp *restful.Response) {
-	workspace := req.PathParameter("workspace")
-	username := req.PathParameter("member")
-	// /workspaces/{workspace}/members/{username}/namespaces
-	if username == "" {
-		// /workspaces/{workspace}/namespaces
-		username = req.HeaderParameter(constants.UserNameHeader)
-	}
-
-	conditions, err := params.ParseConditions(req.QueryParameter(params.ConditionsParam))
-	orderBy := req.QueryParameter(params.OrderByParam)
-	limit, offset := params.ParsePaging(req.QueryParameter(params.PagingParam))
-	reverse := params.ParseReverse(req)
-
-	if err != nil {
-		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
-		return
-	}
-
-	conditions.Match[constants.WorkspaceLabelKey] = workspace
-
-	result, err := tenant.ListNamespaces(username, conditions, orderBy, reverse, limit, offset)
-
-	if err != nil {
-		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
-		return
-	}
-
-	namespaces := make([]*v1.Namespace, 0)
-
-	for _, item := range result.Items {
-		namespaces = append(namespaces, item.(*v1.Namespace).DeepCopy())
-	}
-
-	namespaces = metrics.GetNamespacesWithMetrics(namespaces)
-
-	items := make([]interface{}, 0)
-
-	for _, item := range namespaces {
-		items = append(items, item)
-	}
-
-	result.Items = items
-
-	resp.WriteAsJson(result)
-}
-
-func CreateNamespace(req *restful.Request, resp *restful.Response) {
-	workspaceName := req.PathParameter("workspace")
-	username := req.HeaderParameter(constants.UserNameHeader)
-	var namespace v1.Namespace
-	err := req.ReadEntity(&namespace)
-	if err != nil {
-		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
-		return
-	}
-
-	workspace, err := tenant.GetWorkspace(workspaceName)
-
-	err = checkResourceQuotas(workspace)
-
-	if err != nil {
-		resp.WriteHeaderAndEntity(http.StatusForbidden, errors.Wrap(err))
-		return
-	}
-
-	if err != nil {
-		if k8serr.IsNotFound(err) {
-			resp.WriteHeaderAndEntity(http.StatusForbidden, errors.Wrap(err))
-		} else {
-			resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
-		}
-		return
-	}
-
-	created, err := tenant.CreateNamespace(workspaceName, &namespace, username)
-
-	if err != nil {
-		if k8serr.IsAlreadyExists(err) {
-			resp.WriteHeaderAndEntity(http.StatusConflict, err)
-		} else {
-			resp.WriteHeaderAndEntity(http.StatusInternalServerError, err)
-		}
-		return
-	}
-	resp.WriteAsJson(created)
-}
-
-func DeleteNamespace(req *restful.Request, resp *restful.Response) {
-	workspaceName := req.PathParameter("workspace")
-	namespaceName := req.PathParameter("namespace")
-
-	err := workspaces.DeleteNamespace(workspaceName, namespaceName)
-
-	if err != nil {
-		resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err))
-		return
-	}
-
-	resp.WriteAsJson(errors.None)
-}
-
-func checkResourceQuotas(wokrspace *v1alpha1.Workspace) error {
-	return nil
-}
-
-func ListNamespaceRules(req *restful.Request, resp *restful.Response) {
-	namespace := req.PathParameter("namespace")
-	username := req.HeaderParameter(constants.UserNameHeader)
-
-	rules, err := iam.GetUserNamespaceSimpleRules(namespace, username)
-
-	if err != nil {
-		resp.WriteError(http.StatusInternalServerError, err)
-		return
-	}
-
-	resp.WriteAsJson(rules)
-}
-
-func LogQuery(req *restful.Request, resp *restful.Response) {
-	operation := req.QueryParameter("operation")
-	req, err := regenerateLoggingRequest(req)
-	switch {
-	case err != nil:
-		resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err))
-	case req != nil:
-		logging.LoggingQueryCluster(req, resp)
-	default:
-		if operation == "export" {
-			resp.Header().Set(restful.HEADER_ContentType, "text/plain")
-			resp.Header().Set("Content-Disposition", "attachment")
-			resp.Write(nil)
-		} else {
-			resp.WriteAsJson(loggingv1alpha2.QueryResult{Read: new(loggingv1alpha2.ReadResult)})
-		}
-	}
-}
-
-// override namespace query conditions
-func regenerateLoggingRequest(req *restful.Request) (*restful.Request, error) {
-
-	username := req.HeaderParameter(constants.UserNameHeader)
-
-	// regenerate the request for log query
-	newUrl := net.FormatURL("http", "127.0.0.1", 80, "/kapis/logging.kubesphere.io/v1alpha2/cluster")
-	values := req.Request.URL.Query()
-
-	clusterRules, err := iam.GetUserClusterRules(username)
-	if err != nil {
-		klog.Errorln(err)
-		return nil, err
-	}
-
-	hasClusterLogAccess := iam.RulesMatchesRequired(clusterRules, rbacv1.PolicyRule{Verbs: []string{"get"}, Resources: []string{"*"}, APIGroups: []string{"logging.kubesphere.io"}})
-	// if the user is not a cluster admin
-	if !hasClusterLogAccess {
-		queryNamespaces := strings.Split(req.QueryParameter("namespaces"), ",")
-		// then the user can only view logs of namespaces he belongs to
-		namespaces := make([]string, 0)
-		roles, err := iam.GetUserRoles("", username)
-		if err != nil {
-			klog.Errorln(err)
-			return nil, err
-		}
-		for _, role := range roles {
-			if !sliceutil.HasString(namespaces, role.Namespace) && iam.RulesMatchesRequired(role.Rules, rbacv1.PolicyRule{Verbs: []string{"get"}, Resources: []string{"*"}, APIGroups: []string{"logging.kubesphere.io"}}) {
-				namespaces = append(namespaces, role.Namespace)
-			}
-		}
-
-		// if the user belongs to no namespace
-		// then no log visible
-		if len(namespaces) == 0 {
-			return nil, nil
-		} else if len(queryNamespaces) == 1 && queryNamespaces[0] == "" {
-			values.Set("namespaces", strings.Join(namespaces, ","))
-		} else {
-			inter := intersection(queryNamespaces, namespaces)
-			if len(inter) == 0 {
-				return nil, nil
-			}
-			values.Set("namespaces", strings.Join(inter, ","))
-		}
-	}
-
-	newUrl.RawQuery = values.Encode()
-
-	// forward the request to logging model
-	newHttpRequest, _ := http.NewRequest(http.MethodGet, newUrl.String(), nil)
-	return restful.NewRequest(newHttpRequest), nil
-}
-
-func intersection(s1, s2 []string) (inter []string) {
-	hash := make(map[string]bool)
-	for _, e := range s1 {
-		hash[e] = true
-	}
-	for _, e := range s2 {
-		// If elements present in the hashmap then append intersection list.
-		if hash[e] {
-			inter = append(inter, e)
-		}
-	}
-	//Remove dups from slice.
-	inter = removeDups(inter)
-	return
-}
-
-//Remove dups from slice.
-func removeDups(elements []string) (nodups []string) {
-	encountered := make(map[string]bool)
-	for _, element := range elements {
-		if !encountered[element] {
-			nodups = append(nodups, element)
-			encountered[element] = true
-		}
-	}
-	return
-}