refine tenant api

Signed-off-by: hongming <talonwan@yunify.com>
2019-04-01 02:59:19 +08:00
parent 744bd053e3
commit 93ad572e19
202 changed files with 13517 additions and 7951 deletions
--- a/pkg/utils/iputil/iputils.go
+++ b/pkg/utils/iputil/iputils.go
@@ -15,7 +15,7 @@
 limitations under the License.

 */
-package utils
+package iputil

 import (
 	"net"
--- a/pkg/utils/jsonutil/jsonutils.go
+++ b/pkg/utils/jsonutil/jsonutils.go
@@ -15,7 +15,7 @@
 limitations under the License.

 */
-package utils
+package jsonutil

 import (
 	"encoding/json"
--- a/pkg/utils/jwtutil/jwt.go
+++ b/pkg/utils/jwtutil/jwt.go
@@ -15,29 +15,33 @@
 limitations under the License.

 */
-package jwt
+package jwtutil

 import (
 	"fmt"
-	"os"
-
 	"github.com/dgrijalva/jwt-go"
 )

 const secretEnv = "JWT_SECRET"

-var Secret []byte
+var secret []byte

-func init() {
-	if env := os.Getenv(secretEnv); env != "" {
-		Secret = []byte(env)
-	} else {
-		fmt.Printf("Environment variable %s not set\n", secretEnv)
-	}
+func Setup(key string) {
+	secret = []byte(key)
 }
+
+func MustSigned(claims jwt.MapClaims) string {
+	uToken := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	token, err := uToken.SignedString(secret)
+	if err != nil {
+		panic(err)
+	}
+	return token
+}
+
 func provideKey(token *jwt.Token) (interface{}, error) {
 	if _, ok := token.Method.(*jwt.SigningMethodHMAC); ok {
-		return Secret, nil
+		return secret, nil
 	} else {
 		return nil, fmt.Errorf("expect token signed with HMAC but got %v", token.Header["alg"])
 	}
--- a/pkg/utils/k8sutil/k8sutil.go
+++ b/pkg/utils/k8sutil/k8sutil.go
@@ -0,0 +1,73 @@
+/*
+
+ Copyright 2019 The KubeSphere Authors.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+*/
+package k8sutil
+
+import (
+	"k8s.io/api/rbac/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"kubesphere.io/kubesphere/pkg/models"
+)
+
+func IsControlledBy(reference []metav1.OwnerReference, kind string, name string) bool {
+	for _, ref := range reference {
+		if ref.Kind == kind && (name == "" || ref.Name == name) {
+			return true
+		}
+	}
+	return false
+}
+
+func GetControlledWorkspace(reference []metav1.OwnerReference) string {
+	for _, ref := range reference {
+		if ref.Kind == "Workspace" {
+			return ref.Name
+		}
+	}
+	return ""
+}
+
+func ContainsUser(subjects interface{}, username string) bool {
+	switch subjects.(type) {
+	case []*v1.Subject:
+		for _, subject := range subjects.([]*v1.Subject) {
+			if subject.Kind == v1.UserKind && subject.Name == username {
+				return true
+			}
+		}
+	case []v1.Subject:
+		for _, subject := range subjects.([]v1.Subject) {
+			if subject.Kind == v1.UserKind && subject.Name == username {
+				return true
+			}
+		}
+	case []models.User:
+		for _, u := range subjects.([]models.User) {
+			if u.Username == username {
+				return true
+			}
+		}
+
+	case []*models.User:
+		for _, u := range subjects.([]*models.User) {
+			if u.Username == username {
+				return true
+			}
+		}
+	}
+	return false
+}
--- a/pkg/utils/sliceutil/sliceutils.go
+++ b/pkg/utils/sliceutil/sliceutils.go
@@ -15,7 +15,7 @@
 limitations under the License.

 */
-package utils
+package sliceutil

 func RemoveString(slice []string, remove func(item string) bool) []string {
 	for i := 0; i < len(slice); i++ {
--- a/pkg/utils/utils.go
+++ b/pkg/utils/utils.go
@@ -1,7 +0,0 @@
-package utils
-
-func CheckError(err error) {
-	if err != nil {
-		panic(err)
-	}
-}