admin/kubesphere
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

code refactor (#1924)

Browse Source 
* code refactor

Signed-off-by: hongming <talonwan@yunify.com>

* code refactor

Signed-off-by: hongming <talonwan@yunify.com>
This commit is contained in:
hongming
2020-02-26 10:08:13 +08:00
committed by GitHub
parent 570ef8b60a
commit a9e1183f3c
14 changed files with 176 additions and 183 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/models/iam/am.go
View File

@@ -156,7 +156,7 @@ func (am *amOperator) GetUserRoles(namespace, username string) ([]*rbacv1.Role,
roles := make([]*rbacv1.Role, 0)
for _, roleBinding := range roleBindings {
if k8sutil.ContainsUser(roleBinding.Subjects, username) {
if ContainsUser(roleBinding.Subjects, username) {
if roleBinding.RoleRef.Kind == ClusterRoleKind {
clusterRole, err := clusterRoleLister.Get(roleBinding.RoleRef.Name)
if err != nil {
@@ -207,7 +207,7 @@ func (am *amOperator) GetUserClusterRoles(username string) (*rbacv1.ClusterRole,
clusterRoles := make([]*rbacv1.ClusterRole, 0)
userFacingClusterRole := &rbacv1.ClusterRole{}
for _, clusterRoleBinding := range clusterRoleBindings {
if k8sutil.ContainsUser(clusterRoleBinding.Subjects, username) {
if ContainsUser(clusterRoleBinding.Subjects, username) {
clusterRole, err := clusterRoleLister.Get(clusterRoleBinding.RoleRef.Name)
if err != nil {
if apierrors.IsNotFound(err) {
@@ -307,7 +307,7 @@ func (am *amOperator) GetWorkspaceRoleMap(username string) (map[string]string, e
for _, roleBinding := range clusterRoleBindings {
if workspace := k8sutil.GetControlledWorkspace(roleBinding.OwnerReferences); workspace != "" &&
k8sutil.ContainsUser(roleBinding.Subjects, username) {
ContainsUser(roleBinding.Subjects, username) {
result[workspace] = roleBinding.RoleRef.Name
}
}
@@ -588,7 +588,7 @@ func (am *amOperator) CreateClusterRoleBinding(username string, clusterRoleName
return nil
}
if !k8sutil.ContainsUser(found.Subjects, username) {
if !ContainsUser(found.Subjects, username) {
found.Subjects = clusterRoleBinding.Subjects
_, err = client.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Update(found)
if err != nil {

31
pkg/models/iam/utils.go
View File

@@ -179,3 +179,34 @@ func hasString(slice []string, value string) bool {
}
return false
}
func ContainsUser(subjects interface{}, username string) bool {
switch subjects.(type) {
case []*rbacv1.Subject:
for _, subject := range subjects.([]*rbacv1.Subject) {
if subject.Kind == rbacv1.UserKind && subject.Name == username {
return true
}
}
case []rbacv1.Subject:
for _, subject := range subjects.([]rbacv1.Subject) {
if subject.Kind == rbacv1.UserKind && subject.Name == username {
return true
}
}
case []User:
for _, u := range subjects.([]User) {
if u.Username == username {
return true
}
}
case []*User:
for _, u := range subjects.([]*User) {
if u.Username == username {
return true
}
}
}
return false
}