Roland.Ma
@@ -904,7 +904,7 @@ func (h *iamHandler) CreateWorkspaceMembers(request *restful.Request, response *
|
|||||||
}
|
}
|
||||||
|
|
||||||
for _, member := range members {
|
for _, member := range members {
|
||||||
err := h.am.CreateWorkspaceRoleBinding(member.Username, workspace, member.RoleRef)
|
err := h.am.CreateUserWorkspaceRoleBinding(member.Username, workspace, member.RoleRef)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
klog.Error(err)
|
klog.Error(err)
|
||||||
handleError(request, response, err)
|
handleError(request, response, err)
|
||||||
@@ -948,7 +948,7 @@ func (h *iamHandler) UpdateWorkspaceMember(request *restful.Request, response *r
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
err = h.am.CreateWorkspaceRoleBinding(member.Username, workspace, member.RoleRef)
|
err = h.am.CreateUserWorkspaceRoleBinding(member.Username, workspace, member.RoleRef)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
klog.Error(err)
|
klog.Error(err)
|
||||||
handleError(request, response, err)
|
handleError(request, response, err)
|
||||||
@@ -1534,7 +1534,7 @@ func (h *iamHandler) CreateRoleBinding(request *restful.Request, response *restf
|
|||||||
|
|
||||||
results := []rbacv1.RoleBinding{}
|
results := []rbacv1.RoleBinding{}
|
||||||
for _, item := range roleBindings {
|
for _, item := range roleBindings {
|
||||||
r, err := h.am.CreateRoleBindings(namespace, &item)
|
r, err := h.am.CreateRoleBinding(namespace, &item)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
klog.Error(err)
|
klog.Error(err)
|
||||||
handleError(request, response, err)
|
handleError(request, response, err)
|
||||||
@@ -1550,7 +1550,7 @@ func (h *iamHandler) DeleteRoleBinding(request *restful.Request, response *restf
|
|||||||
name := request.PathParameter("rolebinding")
|
name := request.PathParameter("rolebinding")
|
||||||
namespace := request.PathParameter("namespace")
|
namespace := request.PathParameter("namespace")
|
||||||
|
|
||||||
err := h.am.DeleteRoleBindings(namespace, name)
|
err := h.am.DeleteRoleBinding(namespace, name)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if errors.IsNotFound(err) {
|
if errors.IsNotFound(err) {
|
||||||
@@ -1591,7 +1591,7 @@ func (h *iamHandler) CreateWorkspaceRoleBinding(request *restful.Request, respon
|
|||||||
|
|
||||||
results := []iamv1alpha2.WorkspaceRoleBinding{}
|
results := []iamv1alpha2.WorkspaceRoleBinding{}
|
||||||
for _, item := range roleBindings {
|
for _, item := range roleBindings {
|
||||||
r, err := h.am.CreateWorkspaceRoleBindings(workspaceName, &item)
|
r, err := h.am.CreateWorkspaceRoleBinding(workspaceName, &item)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
klog.Error(err)
|
klog.Error(err)
|
||||||
handleError(request, response, err)
|
handleError(request, response, err)
|
||||||
@@ -1607,7 +1607,7 @@ func (h *iamHandler) DeleteWorkspaceRoleBinding(request *restful.Request, respon
|
|||||||
workspaceName := request.PathParameter("workspace")
|
workspaceName := request.PathParameter("workspace")
|
||||||
name := request.PathParameter("rolebinding")
|
name := request.PathParameter("rolebinding")
|
||||||
|
|
||||||
err := h.am.DeleteWorkspaceRoleBindings(workspaceName, name)
|
err := h.am.DeleteWorkspaceRoleBinding(workspaceName, name)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if errors.IsNotFound(err) {
|
if errors.IsNotFound(err) {
|
||||||
|
|||||||
@@ -66,7 +66,7 @@ type AccessManagementInterface interface {
|
|||||||
GetNamespaceRole(namespace string, name string) (*rbacv1.Role, error)
|
GetNamespaceRole(namespace string, name string) (*rbacv1.Role, error)
|
||||||
CreateOrUpdateNamespaceRole(namespace string, role *rbacv1.Role) (*rbacv1.Role, error)
|
CreateOrUpdateNamespaceRole(namespace string, role *rbacv1.Role) (*rbacv1.Role, error)
|
||||||
DeleteNamespaceRole(namespace string, name string) error
|
DeleteNamespaceRole(namespace string, name string) error
|
||||||
CreateWorkspaceRoleBinding(username string, workspace string, role string) error
|
CreateUserWorkspaceRoleBinding(username string, workspace string, role string) error
|
||||||
RemoveUserFromWorkspace(username string, workspace string) error
|
RemoveUserFromWorkspace(username string, workspace string) error
|
||||||
CreateNamespaceRoleBinding(username string, namespace string, role string) error
|
CreateNamespaceRoleBinding(username string, namespace string, role string) error
|
||||||
RemoveUserFromNamespace(username string, namespace string) error
|
RemoveUserFromNamespace(username string, namespace string) error
|
||||||
@@ -79,11 +79,11 @@ type AccessManagementInterface interface {
|
|||||||
PatchClusterRole(clusterRole *rbacv1.ClusterRole) (*rbacv1.ClusterRole, error)
|
PatchClusterRole(clusterRole *rbacv1.ClusterRole) (*rbacv1.ClusterRole, error)
|
||||||
ListGroupRoleBindings(workspace, group string) ([]*rbacv1.RoleBinding, error)
|
ListGroupRoleBindings(workspace, group string) ([]*rbacv1.RoleBinding, error)
|
||||||
ListGroupDevOpsRoleBindings(workspace, group string) ([]*rbacv1.RoleBinding, error)
|
ListGroupDevOpsRoleBindings(workspace, group string) ([]*rbacv1.RoleBinding, error)
|
||||||
CreateRoleBindings(namespace string, roleBinding *rbacv1.RoleBinding) (*rbacv1.RoleBinding, error)
|
CreateRoleBinding(namespace string, roleBinding *rbacv1.RoleBinding) (*rbacv1.RoleBinding, error)
|
||||||
DeleteRoleBindings(namespace, name string) error
|
DeleteRoleBinding(namespace, name string) error
|
||||||
ListGroupWorkspaceRoleBindings(group string, workspace string) ([]*iamv1alpha2.WorkspaceRoleBinding, error)
|
ListGroupWorkspaceRoleBindings(group string, workspace string) ([]*iamv1alpha2.WorkspaceRoleBinding, error)
|
||||||
CreateWorkspaceRoleBindings(workspace string, roleBinding *iamv1alpha2.WorkspaceRoleBinding) (*iamv1alpha2.WorkspaceRoleBinding, error)
|
CreateWorkspaceRoleBinding(workspace string, roleBinding *iamv1alpha2.WorkspaceRoleBinding) (*iamv1alpha2.WorkspaceRoleBinding, error)
|
||||||
DeleteWorkspaceRoleBindings(workspaceName, name string) error
|
DeleteWorkspaceRoleBinding(workspaceName, name string) error
|
||||||
}
|
}
|
||||||
|
|
||||||
type amOperator struct {
|
type amOperator struct {
|
||||||
@@ -575,7 +575,7 @@ func (am *amOperator) PatchClusterRole(clusterRole *rbacv1.ClusterRole) (*rbacv1
|
|||||||
return am.k8sclient.RbacV1().ClusterRoles().Patch(clusterRole.Name, types.MergePatchType, data)
|
return am.k8sclient.RbacV1().ClusterRoles().Patch(clusterRole.Name, types.MergePatchType, data)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (am *amOperator) CreateWorkspaceRoleBinding(username string, workspace string, role string) error {
|
func (am *amOperator) CreateUserWorkspaceRoleBinding(username string, workspace string, role string) error {
|
||||||
_, err := am.GetWorkspaceRole(workspace, role)
|
_, err := am.GetWorkspaceRole(workspace, role)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
klog.Error(err)
|
klog.Error(err)
|
||||||
@@ -1027,7 +1027,7 @@ func (am *amOperator) ListGroupWorkspaceRoleBindings(workspace, group string) ([
|
|||||||
return result, nil
|
return result, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (am *amOperator) CreateWorkspaceRoleBindings(workspace string, roleBinding *iamv1alpha2.WorkspaceRoleBinding) (*iamv1alpha2.WorkspaceRoleBinding, error) {
|
func (am *amOperator) CreateWorkspaceRoleBinding(workspace string, roleBinding *iamv1alpha2.WorkspaceRoleBinding) (*iamv1alpha2.WorkspaceRoleBinding, error) {
|
||||||
|
|
||||||
_, err := am.GetWorkspaceRole(workspace, roleBinding.RoleRef.Name)
|
_, err := am.GetWorkspaceRole(workspace, roleBinding.RoleRef.Name)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -1057,7 +1057,7 @@ func (am *amOperator) CreateWorkspaceRoleBindings(workspace string, roleBinding
|
|||||||
return am.ksclient.IamV1alpha2().WorkspaceRoleBindings().Create(roleBinding)
|
return am.ksclient.IamV1alpha2().WorkspaceRoleBindings().Create(roleBinding)
|
||||||
|
|
||||||
}
|
}
|
||||||
func (am *amOperator) DeleteWorkspaceRoleBindings(workspaceName, name string) error {
|
func (am *amOperator) DeleteWorkspaceRoleBinding(workspaceName, name string) error {
|
||||||
return am.ksclient.IamV1alpha2().WorkspaceRoleBindings().Delete(name, metav1.NewDeleteOptions(0))
|
return am.ksclient.IamV1alpha2().WorkspaceRoleBindings().Delete(name, metav1.NewDeleteOptions(0))
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1111,7 +1111,7 @@ func (am *amOperator) ListGroupDevOpsRoleBindings(workspace, group string) ([]*r
|
|||||||
return result, nil
|
return result, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (am *amOperator) CreateRoleBindings(namespace string, roleBinding *rbacv1.RoleBinding) (*rbacv1.RoleBinding, error) {
|
func (am *amOperator) CreateRoleBinding(namespace string, roleBinding *rbacv1.RoleBinding) (*rbacv1.RoleBinding, error) {
|
||||||
|
|
||||||
_, err := am.GetNamespaceRole(namespace, roleBinding.RoleRef.Name)
|
_, err := am.GetNamespaceRole(namespace, roleBinding.RoleRef.Name)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -1139,7 +1139,7 @@ func (am *amOperator) CreateRoleBindings(namespace string, roleBinding *rbacv1.R
|
|||||||
return am.k8sclient.RbacV1().RoleBindings(namespace).Create(roleBinding)
|
return am.k8sclient.RbacV1().RoleBindings(namespace).Create(roleBinding)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (am *amOperator) DeleteRoleBindings(namespace, name string) error {
|
func (am *amOperator) DeleteRoleBinding(namespace, name string) error {
|
||||||
return am.k8sclient.RbacV1().RoleBindings(namespace).Delete(name, metav1.NewDeleteOptions(0))
|
return am.k8sclient.RbacV1().RoleBindings(namespace).Delete(name, metav1.NewDeleteOptions(0))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user