Allow global admins to view deleted namespace logs

Signed-off-by: huanggze <loganhuang@yunify.com>

pkg/simple/client/logging/elasticsearch/api_body.go

@@ -5,7 +5,6 @@ import (
 	"github.com/json-iterator/go"
 	"k8s.io/klog"
 	"kubesphere.io/kubesphere/pkg/simple/client/logging"
-	"time"
 )
 
 const (
@@ -36,23 +35,38 @@ func (bb *bodyBuilder) mainBool(sf logging.SearchFilter) *bodyBuilder {
 	if len(sf.NamespaceFilter) != 0 {
 		var b Bool
 		for ns := range sf.NamespaceFilter {
-			match := Match{
-				Bool: &Bool{
-					Filter: []Match{
-						{
-							MatchPhrase: map[string]string{
-								"kubernetes.namespace_name.keyword": ns,
+			var match Match
+			if ct := sf.NamespaceFilter[ns]; ct != nil {
+				match = Match{
+					Bool: &Bool{
+						Filter: []Match{
+							{
+								MatchPhrase: map[string]string{
+									"kubernetes.namespace_name.keyword": ns,
+								},
 							},
-						},
-						{
-							Range: &Range{
-								Time: &Time{
-									Gte: func() *time.Time { t := sf.NamespaceFilter[ns]; return &t }(),
+							{
+								Range: &Range{
+									Time: &Time{
+										Gte: ct,
+									},
 								},
 							},
 						},
 					},
-				},
+				}
+			} else {
+				match = Match{
+					Bool: &Bool{
+						Filter: []Match{
+							{
+								MatchPhrase: map[string]string{
+									"kubernetes.namespace_name.keyword": ns,
+								},
+							},
+						},
+					},
+				}
 			}
 			b.Should = append(b.Should, match)
 		}

pkg/simple/client/logging/elasticsearch/api_body_test.go

@@ -16,8 +16,8 @@ func TestMainBool(t *testing.T) {
 	}{
 		{
 			filter: logging.SearchFilter{
-				NamespaceFilter: map[string]time.Time{
-					"default": time.Unix(1589981934, 0),
+				NamespaceFilter: map[string]*time.Time{
+					"default": func() *time.Time { t := time.Unix(1589981934, 0); return &t }(),
 				},
 			},
 			expected: "api_body_1.json",
@@ -51,6 +51,14 @@ func TestMainBool(t *testing.T) {
 			},
 			expected: "api_body_7.json",
 		},
+		{
+			filter: logging.SearchFilter{
+				NamespaceFilter: map[string]*time.Time{
+					"default": nil,
+				},
+			},
+			expected: "api_body_8.json",
+		},
 	}
 
 	for i, test := range tests {

pkg/simple/client/logging/elasticsearch/testdata/api_body_8.json

@@ -0,0 +1,26 @@
+{
+  "query":{
+    "bool":{
+      "filter":[
+        {
+          "bool":{
+            "should":[
+              {
+                "bool":{
+                  "filter":[
+                    {
+                      "match_phrase":{
+                        "kubernetes.namespace_name.keyword":"default"
+                      }
+                    }
+                  ]
+                }
+              }
+            ],
+            "minimum_should_match":1
+          }
+        }
+      ]
+    }
+  }
+}

pkg/simple/client/logging/interface.go

@@ -51,7 +51,7 @@ type SearchFilter struct {
 	// To prevent disclosing archived logs of a reopened namespace,
 	// NamespaceFilter records the namespace creation time.
 	// Any query to this namespace must begin after its creation.
-	NamespaceFilter map[string]time.Time
+	NamespaceFilter map[string]*time.Time
 	WorkloadSearch  []string
 	WorkloadFilter  []string
 	PodSearch       []string