hongming
@@ -19,76 +19,20 @@ package im
|
||||
|
||||
import (
|
||||
"github.com/pkg/errors"
|
||||
"kubesphere.io/kubesphere/pkg/api/iam"
|
||||
"kubesphere.io/kubesphere/pkg/simple/client/ldap"
|
||||
iamv1alpha2 "kubesphere.io/kubesphere/pkg/apis/iam/v1alpha2"
|
||||
)
|
||||
|
||||
type IdentityManagementInterface interface {
|
||||
CreateUser(user *iam.User) (*iam.User, error)
|
||||
CreateUser(user *iamv1alpha2.User) (*iamv1alpha2.User, error)
|
||||
DeleteUser(username string) error
|
||||
ModifyUser(user *iam.User) (*iam.User, error)
|
||||
DescribeUser(username string) (*iam.User, error)
|
||||
Authenticate(username, password string) (*iam.User, error)
|
||||
}
|
||||
|
||||
type imOperator struct {
|
||||
ldapClient ldap.Interface
|
||||
ModifyUser(user *iamv1alpha2.User) (*iamv1alpha2.User, error)
|
||||
DescribeUser(username string) (*iamv1alpha2.User, error)
|
||||
Authenticate(username, password string) (*iamv1alpha2.User, error)
|
||||
}
|
||||
|
||||
var (
|
||||
AuthRateLimitExceeded = errors.New("user auth rate limit exceeded")
|
||||
UserAlreadyExists = errors.New("user already exists")
|
||||
UserNotExists = errors.New("user not exists")
|
||||
AuthRateLimitExceeded = errors.New("user auth rate limit exceeded")
|
||||
AuthFailedIncorrectPassword = errors.New("incorrect password")
|
||||
UserAlreadyExists = errors.New("user already exists")
|
||||
UserNotExists = errors.New("user not exists")
|
||||
)
|
||||
|
||||
func NewLDAPOperator(ldapClient ldap.Interface) IdentityManagementInterface {
|
||||
return &imOperator{
|
||||
ldapClient: ldapClient,
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
func (im *imOperator) ModifyUser(user *iam.User) (*iam.User, error) {
|
||||
|
||||
err := im.ldapClient.Update(user)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return im.ldapClient.Get(user.Name)
|
||||
}
|
||||
|
||||
func (im *imOperator) Authenticate(username, password string) (*iam.User, error) {
|
||||
|
||||
user, err := im.ldapClient.Get(username)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = im.ldapClient.Authenticate(user.Name, password)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return user, nil
|
||||
}
|
||||
|
||||
func (im *imOperator) DescribeUser(username string) (*iam.User, error) {
|
||||
return im.ldapClient.Get(username)
|
||||
}
|
||||
|
||||
func (im *imOperator) DeleteUser(username string) error {
|
||||
return im.ldapClient.Delete(username)
|
||||
}
|
||||
|
||||
func (im *imOperator) CreateUser(user *iam.User) (*iam.User, error) {
|
||||
err := im.ldapClient.Create(user)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return user, nil
|
||||
}
|
||||
|
||||
85
pkg/models/iam/im/im_operator.go
Normal file
85
pkg/models/iam/im/im_operator.go
Normal file
@@ -0,0 +1,85 @@
|
||||
/*
|
||||
*
|
||||
* Copyright 2020 The KubeSphere Authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
* /
|
||||
*/
|
||||
|
||||
package im
|
||||
|
||||
import (
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
iamv1alpha2 "kubesphere.io/kubesphere/pkg/apis/iam/v1alpha2"
|
||||
kubesphereclient "kubesphere.io/kubesphere/pkg/client/clientset/versioned"
|
||||
informers "kubesphere.io/kubesphere/pkg/client/informers/externalversions"
|
||||
)
|
||||
|
||||
func NewOperator(ksClient kubesphereclient.Interface, informer informers.SharedInformerFactory) IdentityManagementInterface {
|
||||
|
||||
return &defaultIMOperator{
|
||||
ksClient: ksClient,
|
||||
informer: informer,
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
type defaultIMOperator struct {
|
||||
ksClient kubesphereclient.Interface
|
||||
informer informers.SharedInformerFactory
|
||||
}
|
||||
|
||||
func (im *defaultIMOperator) ModifyUser(user *iamv1alpha2.User) (*iamv1alpha2.User, error) {
|
||||
return im.ksClient.IamV1alpha2().Users().Update(user)
|
||||
}
|
||||
|
||||
func (im *defaultIMOperator) Authenticate(username, password string) (*iamv1alpha2.User, error) {
|
||||
|
||||
user, err := im.ksClient.IamV1alpha2().Users().Get(username, metav1.GetOptions{})
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if checkPasswordHash(password, user.Spec.EncryptedPassword) {
|
||||
return user, nil
|
||||
}
|
||||
return nil, AuthFailedIncorrectPassword
|
||||
}
|
||||
|
||||
func checkPasswordHash(password, hash string) bool {
|
||||
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
|
||||
return err == nil
|
||||
}
|
||||
|
||||
func (im *defaultIMOperator) DescribeUser(username string) (*iamv1alpha2.User, error) {
|
||||
user, err := im.ksClient.IamV1alpha2().Users().Get(username, metav1.GetOptions{})
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return user, nil
|
||||
}
|
||||
|
||||
func (im *defaultIMOperator) DeleteUser(username string) error {
|
||||
return im.ksClient.IamV1alpha2().Users().Delete(username, metav1.NewDeleteOptions(0))
|
||||
}
|
||||
|
||||
func (im *defaultIMOperator) CreateUser(user *iamv1alpha2.User) (*iamv1alpha2.User, error) {
|
||||
user, err := im.ksClient.IamV1alpha2().Users().Create(user)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return user, nil
|
||||
}
|
||||
@@ -17,3 +17,25 @@
|
||||
*/
|
||||
|
||||
package im
|
||||
|
||||
import (
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestEncryptPassword(t *testing.T) {
|
||||
password := "P@88w0rd"
|
||||
encryptedPassword, err := hashPassword(password)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
if !checkPasswordHash(password, encryptedPassword) {
|
||||
t.Fatal(err)
|
||||
}
|
||||
t.Log(encryptedPassword)
|
||||
}
|
||||
|
||||
func hashPassword(password string) (string, error) {
|
||||
bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.MinCost)
|
||||
return string(bytes), err
|
||||
}
|
||||
|
||||
80
pkg/models/iam/im/ldap_operator.go
Normal file
80
pkg/models/iam/im/ldap_operator.go
Normal file
@@ -0,0 +1,80 @@
|
||||
/*
|
||||
*
|
||||
* Copyright 2020 The KubeSphere Authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
* /
|
||||
*/
|
||||
|
||||
package im
|
||||
|
||||
import (
|
||||
iamv1alpha2 "kubesphere.io/kubesphere/pkg/apis/iam/v1alpha2"
|
||||
"kubesphere.io/kubesphere/pkg/simple/client/ldap"
|
||||
)
|
||||
|
||||
type ldapOperator struct {
|
||||
ldapClient ldap.Interface
|
||||
}
|
||||
|
||||
func NewLDAPOperator(ldapClient ldap.Interface) IdentityManagementInterface {
|
||||
return &ldapOperator{
|
||||
ldapClient: ldapClient,
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
func (im *ldapOperator) ModifyUser(user *iamv1alpha2.User) (*iamv1alpha2.User, error) {
|
||||
|
||||
err := im.ldapClient.Update(user)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return im.ldapClient.Get(user.Name)
|
||||
}
|
||||
|
||||
func (im *ldapOperator) Authenticate(username, password string) (*iamv1alpha2.User, error) {
|
||||
|
||||
user, err := im.ldapClient.Get(username)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = im.ldapClient.Authenticate(user.Name, password)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return user, nil
|
||||
}
|
||||
|
||||
func (im *ldapOperator) DescribeUser(username string) (*iamv1alpha2.User, error) {
|
||||
return im.ldapClient.Get(username)
|
||||
}
|
||||
|
||||
func (im *ldapOperator) DeleteUser(username string) error {
|
||||
return im.ldapClient.Delete(username)
|
||||
}
|
||||
|
||||
func (im *ldapOperator) CreateUser(user *iamv1alpha2.User) (*iamv1alpha2.User, error) {
|
||||
err := im.ldapClient.Create(user)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return user, nil
|
||||
}
|
||||
@@ -32,9 +32,6 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
applicationLabel = "app.kubernetes.io/name"
|
||||
ReleaseLabel = "relase"
|
||||
|
||||
statusStopped = "stopped"
|
||||
statusRunning = "running"
|
||||
statusUpdating = "updating"
|
||||
@@ -80,14 +77,10 @@ func (d *deploymentsGetter) compare(left runtime.Object, right runtime.Object, f
|
||||
}
|
||||
|
||||
switch field {
|
||||
case query.FieldCreationTimeStamp:
|
||||
return leftDeployment.CreationTimestamp.After(rightDeployment.CreationTimestamp.Time)
|
||||
case query.FieldLastUpdateTimestamp:
|
||||
return lastUpdateTime(leftDeployment).After(lastUpdateTime(rightDeployment))
|
||||
default:
|
||||
fallthrough
|
||||
case query.FieldName:
|
||||
return strings.Compare(leftDeployment.Name, rightDeployment.Name) > 0
|
||||
return v1alpha3.DefaultObjectMetaCompare(leftDeployment.ObjectMeta, rightDeployment.ObjectMeta, field)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -98,18 +91,12 @@ func (d *deploymentsGetter) filter(object runtime.Object, filter query.Filter) b
|
||||
}
|
||||
|
||||
switch filter.Field {
|
||||
case query.FieldName:
|
||||
return query.ComparableString(deployment.Name).Contains(filter.Value)
|
||||
case query.FieldApplication:
|
||||
if app, ok := deployment.Labels[applicationLabel]; ok {
|
||||
return query.ComparableString(app).Contains(filter.Value)
|
||||
}
|
||||
|
||||
case query.FieldStatus:
|
||||
return filter.Value.Compare(query.ComparableString(deploymentStatus(deployment.Status))) == 0
|
||||
return strings.Compare(deploymentStatus(deployment.Status), string(filter.Value)) == 0
|
||||
default:
|
||||
return false
|
||||
return v1alpha3.DefaultObjectMetaFilter(deployment.ObjectMeta, filter)
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func deploymentStatus(status v1.DeploymentStatus) string {
|
||||
|
||||
@@ -94,15 +94,15 @@ func TestListDeployments(t *testing.T) {
|
||||
},
|
||||
&query.Query{
|
||||
Pagination: &query.Pagination{
|
||||
Limit: 1,
|
||||
Page: 1,
|
||||
Limit: 1,
|
||||
Offset: 1,
|
||||
},
|
||||
SortBy: query.FieldName,
|
||||
Ascending: false,
|
||||
Filters: []query.Filter{
|
||||
{
|
||||
Field: query.FieldName,
|
||||
Value: query.ComparableString("foo"),
|
||||
Value: query.Value("foo"),
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
package v1alpha3
|
||||
|
||||
import (
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
"kubesphere.io/kubesphere/pkg/api"
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/query"
|
||||
"sort"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type Interface interface {
|
||||
@@ -36,14 +38,6 @@ func DefaultList(objects []runtime.Object, query *query.Query, compareFunc Compa
|
||||
}
|
||||
}
|
||||
|
||||
start, end := query.Pagination.GetPaginationSettings(len(filtered))
|
||||
if !query.Pagination.IsPageAvailable(len(filtered), start) {
|
||||
return &api.ListResult{
|
||||
Items: nil,
|
||||
TotalItems: 0,
|
||||
}
|
||||
}
|
||||
|
||||
// sort by sortBy field
|
||||
sort.Slice(filtered, func(i, j int) bool {
|
||||
if !query.Ascending {
|
||||
@@ -52,14 +46,88 @@ func DefaultList(objects []runtime.Object, query *query.Query, compareFunc Compa
|
||||
return compareFunc(filtered[i], filtered[j], query.SortBy)
|
||||
})
|
||||
|
||||
start, end := query.Pagination.GetValidPagination(len(filtered))
|
||||
|
||||
return &api.ListResult{
|
||||
Items: objectsToInterfaces(filtered[start:end]),
|
||||
TotalItems: len(filtered),
|
||||
}
|
||||
}
|
||||
|
||||
func DefaultObjectMetaCompare(left, right metav1.ObjectMeta, sortBy query.Field) bool {
|
||||
switch sortBy {
|
||||
// ?sortBy=name
|
||||
case query.FieldName:
|
||||
return strings.Compare(left.Name, right.Name) > 0
|
||||
// ?sortBy=creationTimestamp
|
||||
case query.FieldCreationTimeStamp:
|
||||
return left.CreationTimestamp.After(right.CreationTimestamp.Time)
|
||||
default:
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
// Default metadata filter
|
||||
func DefaultObjectMetaFilter(item metav1.ObjectMeta, filter query.Filter) bool {
|
||||
switch filter.Field {
|
||||
// /namespaces?page=1&limit=10&name=default
|
||||
case query.FieldName:
|
||||
return strings.Contains(item.Name, string(filter.Value))
|
||||
// /namespaces?page=1&limit=10&uid=a8a8d6cf-f6a5-4fea-9c1b-e57610115706
|
||||
case query.FieldUID:
|
||||
return strings.Compare(string(item.UID), string(filter.Value)) == 0
|
||||
// /deployments?page=1&limit=10&namespace=kubesphere-system
|
||||
case query.FieldNamespace:
|
||||
return strings.Compare(item.Namespace, string(filter.Value)) == 0
|
||||
// /namespaces?page=1&limit=10&ownerReference=a8a8d6cf-f6a5-4fea-9c1b-e57610115706
|
||||
case query.FieldOwnerReference:
|
||||
for _, ownerReference := range item.OwnerReferences {
|
||||
if strings.Compare(string(ownerReference.UID), string(filter.Value)) == 0 {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
// /namespaces?page=1&limit=10&ownerKind=Workspace
|
||||
case query.FieldOwnerKind:
|
||||
for _, ownerReference := range item.OwnerReferences {
|
||||
if strings.Compare(ownerReference.Kind, string(filter.Value)) == 0 {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
// /namespaces?page=1&limit=10&annotation=openpitrix_runtime
|
||||
case query.FieldAnnotation:
|
||||
return containsAnyValue(item.Annotations, string(filter.Value))
|
||||
// /namespaces?page=1&limit=10&label=kubesphere.io/workspace:system-workspace
|
||||
case query.FieldLabel:
|
||||
return containsAnyValue(item.Labels, string(filter.Value))
|
||||
case query.FieldClusterName:
|
||||
return strings.Compare(item.ClusterName, string(filter.Value)) == 0
|
||||
default:
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
// Filter format <key:><value>,if the key is defined, the key must match exactly, value match according to strings.Contains.
|
||||
func containsAnyValue(keyValues map[string]string, filter string) bool {
|
||||
fields := strings.SplitN(filter, ":", 2)
|
||||
var keyFilter, valueFilter string
|
||||
if len(fields) == 2 {
|
||||
keyFilter = fields[0]
|
||||
valueFilter = fields[1]
|
||||
} else {
|
||||
valueFilter = fields[0]
|
||||
}
|
||||
for key, value := range keyValues {
|
||||
if (key == keyFilter || keyFilter == "") && strings.Contains(value, valueFilter) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func objectsToInterfaces(objs []runtime.Object) []interface{} {
|
||||
var res []interface{}
|
||||
res := make([]interface{}, 0)
|
||||
for _, obj := range objs {
|
||||
res = append(res, obj)
|
||||
}
|
||||
|
||||
@@ -15,7 +15,7 @@ type namespaceGetter struct {
|
||||
informers informers.SharedInformerFactory
|
||||
}
|
||||
|
||||
func NewNamespaceGetter(informers informers.SharedInformerFactory) v1alpha3.Interface {
|
||||
func New(informers informers.SharedInformerFactory) v1alpha3.Interface {
|
||||
return &namespaceGetter{informers: informers}
|
||||
}
|
||||
|
||||
@@ -42,14 +42,11 @@ func (n namespaceGetter) filter(item runtime.Object, filter query.Filter) bool {
|
||||
if !ok {
|
||||
return false
|
||||
}
|
||||
|
||||
switch filter.Field {
|
||||
case query.FieldName:
|
||||
return query.ComparableString(namespace.Name).Contains(filter.Value)
|
||||
case query.FieldStatus:
|
||||
return query.ComparableString(namespace.Status.Phase).Compare(filter.Value) == 0
|
||||
return strings.Compare(string(namespace.Status.Phase), string(filter.Value)) == 0
|
||||
default:
|
||||
return false
|
||||
return v1alpha3.DefaultObjectMetaFilter(namespace.ObjectMeta, filter)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -63,13 +60,5 @@ func (n namespaceGetter) compare(left runtime.Object, right runtime.Object, fiel
|
||||
if !ok {
|
||||
return true
|
||||
}
|
||||
|
||||
switch field {
|
||||
case query.FieldName:
|
||||
return strings.Compare(leftNs.Name, rightNs.Name) > 0
|
||||
case query.FieldCreationTimeStamp:
|
||||
return leftNs.CreationTimestamp.After(rightNs.CreationTimestamp.Time)
|
||||
default:
|
||||
return false
|
||||
}
|
||||
return v1alpha3.DefaultObjectMetaCompare(leftNs.ObjectMeta, rightNs.ObjectMeta, field)
|
||||
}
|
||||
|
||||
@@ -8,27 +8,29 @@ import (
|
||||
"kubesphere.io/kubesphere/pkg/informers"
|
||||
"kubesphere.io/kubesphere/pkg/models/resources/v1alpha3"
|
||||
"kubesphere.io/kubesphere/pkg/models/resources/v1alpha3/deployment"
|
||||
"kubesphere.io/kubesphere/pkg/models/resources/v1alpha3/namespace"
|
||||
)
|
||||
|
||||
var ErrResourceNotSupported = errors.New("resource is not supported")
|
||||
|
||||
type NamespacedResourceGetter struct {
|
||||
type ResourceGetter struct {
|
||||
getters map[schema.GroupVersionResource]v1alpha3.Interface
|
||||
}
|
||||
|
||||
func New(factory informers.InformerFactory) *NamespacedResourceGetter {
|
||||
func New(factory informers.InformerFactory) *ResourceGetter {
|
||||
getters := make(map[schema.GroupVersionResource]v1alpha3.Interface)
|
||||
|
||||
getters[schema.GroupVersionResource{Group: "apps", Version: "v1", Resource: "deployments"}] = deployment.New(factory.KubernetesSharedInformerFactory())
|
||||
getters[schema.GroupVersionResource{Group: "", Version: "v1", Resource: "namespaces"}] = namespace.New(factory.KubernetesSharedInformerFactory())
|
||||
|
||||
return &NamespacedResourceGetter{
|
||||
return &ResourceGetter{
|
||||
getters: getters,
|
||||
}
|
||||
}
|
||||
|
||||
// tryResource will retrieve a getter with resource name, it doesn't guarantee find resource with correct group version
|
||||
// need to refactor this use schema.GroupVersionResource
|
||||
func (r *NamespacedResourceGetter) tryResource(resource string) v1alpha3.Interface {
|
||||
func (r *ResourceGetter) tryResource(resource string) v1alpha3.Interface {
|
||||
for k, v := range r.getters {
|
||||
if k.Resource == resource {
|
||||
return v
|
||||
@@ -38,21 +40,18 @@ func (r *NamespacedResourceGetter) tryResource(resource string) v1alpha3.Interfa
|
||||
return nil
|
||||
}
|
||||
|
||||
func (r *NamespacedResourceGetter) Get(resource, namespace, name string) (interface{}, error) {
|
||||
func (r *ResourceGetter) Get(resource, namespace, name string) (interface{}, error) {
|
||||
getter := r.tryResource(resource)
|
||||
if getter == nil {
|
||||
return nil, ErrResourceNotSupported
|
||||
}
|
||||
|
||||
return getter.Get(namespace, name)
|
||||
}
|
||||
|
||||
func (r *NamespacedResourceGetter) List(resource, namespace string, query *query.Query) (*api.ListResult, error) {
|
||||
func (r *ResourceGetter) List(resource, namespace string, query *query.Query) (*api.ListResult, error) {
|
||||
getter := r.tryResource(resource)
|
||||
if getter == nil {
|
||||
return nil, ErrResourceNotSupported
|
||||
}
|
||||
|
||||
return getter.List(namespace, query)
|
||||
|
||||
}
|
||||
|
||||
111
pkg/models/resources/v1alpha3/resource/resource_test.go
Normal file
111
pkg/models/resources/v1alpha3/resource/resource_test.go
Normal file
@@ -0,0 +1,111 @@
|
||||
/*
|
||||
*
|
||||
* Copyright 2020 The KubeSphere Authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
* /
|
||||
*/
|
||||
|
||||
package resource
|
||||
|
||||
import (
|
||||
"github.com/google/go-cmp/cmp"
|
||||
fakeapp "github.com/kubernetes-sigs/application/pkg/client/clientset/versioned/fake"
|
||||
fakeistio "istio.io/client-go/pkg/clientset/versioned/fake"
|
||||
v1 "k8s.io/api/core/v1"
|
||||
corev1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
fakek8s "k8s.io/client-go/kubernetes/fake"
|
||||
"kubesphere.io/kubesphere/pkg/api"
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/query"
|
||||
fakeks "kubesphere.io/kubesphere/pkg/client/clientset/versioned/fake"
|
||||
"kubesphere.io/kubesphere/pkg/informers"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestResourceGetter(t *testing.T) {
|
||||
|
||||
namespaces := make([]interface{}, 0)
|
||||
defaultNamespace := &v1.Namespace{
|
||||
ObjectMeta: corev1.ObjectMeta{
|
||||
Name: "default",
|
||||
Labels: map[string]string{"kubesphere.io/workspace": "system-workspace"},
|
||||
},
|
||||
}
|
||||
kubesphereNamespace := &v1.Namespace{
|
||||
ObjectMeta: corev1.ObjectMeta{
|
||||
Name: "kubesphere-system",
|
||||
Labels: map[string]string{"kubesphere.io/workspace": "system-workspace"},
|
||||
},
|
||||
}
|
||||
|
||||
namespaces = append(namespaces, defaultNamespace, kubesphereNamespace)
|
||||
|
||||
ksClient := fakeks.NewSimpleClientset()
|
||||
k8sClient := fakek8s.NewSimpleClientset(defaultNamespace, kubesphereNamespace)
|
||||
istioClient := fakeistio.NewSimpleClientset()
|
||||
appClient := fakeapp.NewSimpleClientset()
|
||||
fakeInformerFactory := informers.NewInformerFactories(k8sClient, ksClient, istioClient, appClient)
|
||||
|
||||
k8sInformerFactory := fakeInformerFactory.KubernetesSharedInformerFactory()
|
||||
for _, namespace := range namespaces {
|
||||
err := k8sInformerFactory.Core().V1().Namespaces().Informer().GetIndexer().Add(namespace)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
resource := New(fakeInformerFactory)
|
||||
|
||||
tests := []struct {
|
||||
Name string
|
||||
Resource string
|
||||
Namespace string
|
||||
Query *query.Query
|
||||
ExpectError error
|
||||
ExpectResponse *api.ListResult
|
||||
}{
|
||||
{
|
||||
Name: "normal case",
|
||||
Resource: "namespaces",
|
||||
Namespace: "",
|
||||
Query: &query.Query{
|
||||
Pagination: &query.Pagination{
|
||||
Limit: 10,
|
||||
Offset: 0,
|
||||
},
|
||||
SortBy: query.FieldName,
|
||||
Ascending: false,
|
||||
Filters: []query.Filter{},
|
||||
},
|
||||
ExpectError: nil,
|
||||
ExpectResponse: &api.ListResult{
|
||||
Items: namespaces,
|
||||
TotalItems: 2,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
for _, test := range tests {
|
||||
|
||||
result, err := resource.List(test.Resource, test.Namespace, test.Query)
|
||||
|
||||
t.Logf("%+v", result)
|
||||
if err != test.ExpectError {
|
||||
t.Errorf("expected error: %s, got: %s", test.ExpectError, err)
|
||||
}
|
||||
if diff := cmp.Diff(test.ExpectResponse, result); diff != "" {
|
||||
t.Errorf(diff)
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@@ -22,6 +22,7 @@ import (
|
||||
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||
"k8s.io/client-go/informers"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
iamv1alpha2 "kubesphere.io/kubesphere/pkg/apis/iam/v1alpha2"
|
||||
"kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1"
|
||||
"kubesphere.io/kubesphere/pkg/client/informers/externalversions"
|
||||
"kubesphere.io/kubesphere/pkg/constants"
|
||||
@@ -37,12 +38,10 @@ import (
|
||||
apierrors "k8s.io/apimachinery/pkg/api/errors"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/labels"
|
||||
|
||||
iamapi "kubesphere.io/kubesphere/pkg/api/iam"
|
||||
)
|
||||
|
||||
type InWorkspaceUser struct {
|
||||
*iamapi.User
|
||||
*iamv1alpha2.User
|
||||
WorkspaceRole string `json:"workspaceRole"`
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user