From 5e1cb6b79d6d83be40ba8a5a4b7ddb980aa27f0f Mon Sep 17 00:00:00 2001 From: hongming Date: Fri, 1 Jun 2018 16:31:25 +0800 Subject: [PATCH] bug fixed --- pkg/apis/v1alpha/iam/iam_handler.go | 2 +- pkg/apis/v1alpha/iam/policy.go | 2 +- pkg/models/roles.go | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pkg/apis/v1alpha/iam/iam_handler.go b/pkg/apis/v1alpha/iam/iam_handler.go index f5d971ff7..2705c1d37 100644 --- a/pkg/apis/v1alpha/iam/iam_handler.go +++ b/pkg/apis/v1alpha/iam/iam_handler.go @@ -110,7 +110,7 @@ func clusterRoleUsersHandler(req *restful.Request, resp *restful.Response) { for _, roleBinding := range roleBindings { for _, subject := range roleBinding.Subjects { - if subject.Kind == v1.UserKind { + if subject.Kind == v1.UserKind && !strings.HasPrefix(subject.Name, "system") { users = append(users, subject.Name) } } diff --git a/pkg/apis/v1alpha/iam/policy.go b/pkg/apis/v1alpha/iam/policy.go index 9b6516985..161130b53 100644 --- a/pkg/apis/v1alpha/iam/policy.go +++ b/pkg/apis/v1alpha/iam/policy.go @@ -41,7 +41,7 @@ type userRuleList struct { Rules map[string][]rule `json:"rules"` } -// TODO design all frontend-facing rules +// TODO stored in etcd, allow updates var ( clusterRoleRuleGroup = []rule{projectsManagement, userManagement, roleManagement, registryManagement, volumeManagement, storageclassManagement, nodeManagement, appCatalogManagement, appManagement} diff --git a/pkg/models/roles.go b/pkg/models/roles.go index 5de506b9d..a52af2504 100644 --- a/pkg/models/roles.go +++ b/pkg/models/roles.go @@ -33,7 +33,7 @@ func GetClusterRoleBindings(name string) ([]v1.ClusterRoleBinding, error) { } } - return roleBindingList.Items, nil + return items, nil } func GetRoleBindings(namespace string, name string) ([]v1.RoleBinding, error) { @@ -53,7 +53,7 @@ func GetRoleBindings(namespace string, name string) ([]v1.RoleBinding, error) { } } - return roleBindingList.Items, nil + return items, nil } func GetClusterRole(name string) (*v1.ClusterRole, error) {