code refactor (#1786)

* implement LDAP mock client Signed-off-by: hongming <talonwan@yunify.com> * update Signed-off-by: hongming <talonwan@yunify.com> * update Signed-off-by: hongming <talonwan@yunify.com> * resolve conflict Signed-off-by: hongming <talonwan@yunify.com>
2020-02-24 15:39:36 +08:00
parent 96aee0e60b
commit abf9fee845
39 changed files with 1338 additions and 2467 deletions
--- a/pkg/kapis/tenant/v1alpha2/devops.go
+++ b/pkg/kapis/tenant/v1alpha2/devops.go
@@ -1,154 +0,0 @@
-/*
-
- Copyright 2019 The KubeSphere Authors.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
-*/
-package v1alpha2
-
-import (
-	"github.com/emicklei/go-restful"
-	"k8s.io/klog"
-	"kubesphere.io/kubesphere/pkg/api"
-	devopsv1alpha2 "kubesphere.io/kubesphere/pkg/api/devops/v1alpha2"
-	"kubesphere.io/kubesphere/pkg/constants"
-	"kubesphere.io/kubesphere/pkg/server/errors"
-	"kubesphere.io/kubesphere/pkg/server/params"
-	"net/http"
-)
-
-func (h *tenantHandler) DeleteDevOpsProjectHandler(req *restful.Request, resp *restful.Response) {
-	projectId := req.PathParameter("devops")
-	workspaceName := req.PathParameter("workspace")
-	username := req.HeaderParameter(constants.UserNameHeader)
-
-	_, err := h.tenant.GetWorkspace(workspaceName)
-
-	if err != nil {
-		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
-		return
-	}
-
-	err = h.tenant.DeleteDevOpsProject(projectId, username)
-
-	if err != nil {
-		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
-		return
-	}
-
-	resp.WriteAsJson(errors.None)
-}
-
-func (h *tenantHandler) CreateDevOpsProjectHandler(req *restful.Request, resp *restful.Response) {
-
-	workspaceName := req.PathParameter("workspace")
-	username := req.HeaderParameter(constants.UserNameHeader)
-
-	var devops devopsv1alpha2.DevOpsProject
-
-	err := req.ReadEntity(&devops)
-
-	if err != nil {
-		klog.Infof("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
-		return
-	}
-
-	klog.Infoln("create workspace", username, workspaceName, devops)
-	project, err := h.tenant.CreateDevOpsProject(username, workspaceName, &devops)
-
-	if err != nil {
-		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
-		return
-	}
-
-	resp.WriteAsJson(project)
-}
-
-func (h *tenantHandler) GetDevOpsProjectsCountHandler(req *restful.Request, resp *restful.Response) {
-	username := req.HeaderParameter(constants.UserNameHeader)
-
-	result, err := h.tenant.GetDevOpsProjectsCount(username)
-	if err != nil {
-		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
-		return
-	}
-	resp.WriteAsJson(struct {
-		Count uint32 `json:"count"`
-	}{Count: result})
-}
-
-func (h *tenantHandler) ListDevOpsProjectsHandler(req *restful.Request, resp *restful.Response) {
-
-	workspace := req.PathParameter("workspace")
-	username := req.PathParameter("member")
-	if username == "" {
-		username = req.HeaderParameter(constants.UserNameHeader)
-	}
-	orderBy := req.QueryParameter(params.OrderByParam)
-	reverse := params.GetBoolValueWithDefault(req, params.ReverseParam, false)
-	limit, offset := params.ParsePaging(req)
-	conditions, err := params.ParseConditions(req)
-
-	if err != nil {
-		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
-		return
-	}
-
-	result, err := h.tenant.ListDevOpsProjects(workspace, username, conditions, orderBy, reverse, limit, offset)
-
-	if err != nil {
-		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
-		return
-	}
-
-	resp.WriteAsJson(result)
-}
-
-func (h *tenantHandler) ListDevOpsRules(req *restful.Request, resp *restful.Response) {
-
-	devops := req.PathParameter("devops")
-	username := req.HeaderParameter(constants.UserNameHeader)
-
-	rules, err := h.tenant.GetUserDevOpsSimpleRules(username, devops)
-
-	if err != nil {
-		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
-		return
-	}
-
-	resp.WriteAsJson(rules)
-}
-
-func (h *tenantHandler) ListDevopsRules(req *restful.Request, resp *restful.Response) {
-
-	devops := req.PathParameter("devops")
-	username := req.HeaderParameter(constants.UserNameHeader)
-
-	rules, err := h.tenant.GetUserDevOpsSimpleRules(username, devops)
-
-	if err != nil {
-		api.HandleInternalError(resp, err)
-		return
-	}
-
-	resp.WriteAsJson(rules)
-}
--- a/pkg/kapis/tenant/v1alpha2/handler.go
+++ b/pkg/kapis/tenant/v1alpha2/handler.go
@@ -11,12 +11,15 @@ import (
 	loggingv1alpha2 "kubesphere.io/kubesphere/pkg/api/logging/v1alpha2"
 	"kubesphere.io/kubesphere/pkg/apiserver/logging"
 	"kubesphere.io/kubesphere/pkg/constants"
+	"kubesphere.io/kubesphere/pkg/informers"
 	"kubesphere.io/kubesphere/pkg/models/iam"
 	"kubesphere.io/kubesphere/pkg/models/metrics"
 	"kubesphere.io/kubesphere/pkg/models/resources/v1alpha2"
 	"kubesphere.io/kubesphere/pkg/models/tenant"
-	"kubesphere.io/kubesphere/pkg/server/errors"
+	apierr "kubesphere.io/kubesphere/pkg/server/errors"
 	"kubesphere.io/kubesphere/pkg/server/params"
+	"kubesphere.io/kubesphere/pkg/simple/client/k8s"
+	"kubesphere.io/kubesphere/pkg/simple/client/mysql"
 	"kubesphere.io/kubesphere/pkg/utils/sliceutil"
 	"net/http"
 	"strings"
@@ -24,24 +27,31 @@ import (

 type tenantHandler struct {
 	tenant tenant.Interface
+	am     iam.AccessManagementInterface
 }

-func newTenantHandler() *tenantHandler {
-	return &tenantHandler{}
+func newTenantHandler(k8sClient k8s.Client, db *mysql.Database) *tenantHandler {
+	factory := informers.NewInformerFactories(k8sClient.Kubernetes(), k8sClient.KubeSphere(), k8sClient.S2i(), k8sClient.Application())
+
+	return &tenantHandler{
+		tenant: tenant.New(k8sClient.Kubernetes(), factory.KubernetesSharedInformerFactory(), factory.KubeSphereSharedInformerFactory(), db),
+		am:     iam.NewAMOperator(factory.KubernetesSharedInformerFactory()),
+	}
 }

 func (h *tenantHandler) ListWorkspaceRules(req *restful.Request, resp *restful.Response) {
 	workspace := req.PathParameter("workspace")
 	username := req.HeaderParameter(constants.UserNameHeader)

-	rules, err := iam.GetUserWorkspaceSimpleRules(workspace, username)
+	rules, err := h.tenant.GetWorkspaceSimpleRules(workspace, username)

 	if err != nil {
+		klog.Errorln(err)
 		api.HandleInternalError(resp, err)
 		return
 	}

-	resp.WriteAsJson(rules)
+	resp.WriteEntity(rules)
 }

 func (h *tenantHandler) ListWorkspaces(req *restful.Request, resp *restful.Response) {
@@ -52,6 +62,7 @@ func (h *tenantHandler) ListWorkspaces(req *restful.Request, resp *restful.Respo
 	conditions, err := params.ParseConditions(req)

 	if err != nil {
+		klog.Errorln(err)
 		api.HandleBadRequest(resp, err)
 		return
 	}
@@ -180,9 +191,49 @@ func (h *tenantHandler) DeleteNamespace(req *restful.Request, resp *restful.Resp
 		return
 	}

-	resp.WriteAsJson(errors.None)
+	resp.WriteAsJson(apierr.None)
 }

+func (h *tenantHandler) ListDevopsProjects(req *restful.Request, resp *restful.Response) {
+
+	workspace := req.PathParameter("workspace")
+	username := req.PathParameter("member")
+	if username == "" {
+		username = req.HeaderParameter(constants.UserNameHeader)
+	}
+	orderBy := params.GetStringValueWithDefault(req, params.OrderByParam, v1alpha2.CreateTime)
+	limit, offset := params.ParsePaging(req)
+	reverse := params.GetBoolValueWithDefault(req, params.ReverseParam, true)
+	conditions, err := params.ParseConditions(req)
+
+	if err != nil {
+		api.HandleBadRequest(resp, err)
+		return
+	}
+	conditions.Match["workspace"] = workspace
+
+	result, err := h.tenant.ListDevopsProjects(username, conditions, orderBy, reverse, limit, offset)
+
+	if err != nil {
+		api.HandleInternalError(resp, err)
+		return
+	}
+
+	resp.WriteEntity(result)
+}
+
+func (h *tenantHandler) GetDevOpsProjectsCount(req *restful.Request, resp *restful.Response) {
+	username := req.HeaderParameter(constants.UserNameHeader)
+
+	result, err := h.tenant.ListDevopsProjects(username, nil, "", false, 1, 0)
+	if err != nil {
+		api.HandleInternalError(resp, err)
+		return
+	}
+	resp.WriteEntity(struct {
+		Count int `json:"count"`
+	}{Count: result.TotalCount})
+}
 func (h *tenantHandler) DeleteDevopsProject(req *restful.Request, resp *restful.Response) {
 	projectId := req.PathParameter("devops")
 	workspace := req.PathParameter("workspace")
@@ -195,21 +246,40 @@ func (h *tenantHandler) DeleteDevopsProject(req *restful.Request, resp *restful.
 		return
 	}

-	err = h.tenant.DeleteDevOpsProject(projectId, username)
+	err = h.tenant.DeleteDevOpsProject(username, projectId)

 	if err != nil {
 		api.HandleInternalError(resp, err)
 		return
 	}

-	resp.WriteAsJson(errors.None)
+	resp.WriteEntity(apierr.None)
+}
+
+func (h *tenantHandler) CreateDevopsProject(req *restful.Request, resp *restful.Response) {
+
 }

 func (h *tenantHandler) ListNamespaceRules(req *restful.Request, resp *restful.Response) {
 	namespace := req.PathParameter("namespace")
 	username := req.HeaderParameter(constants.UserNameHeader)

-	rules, err := iam.GetUserNamespaceSimpleRules(namespace, username)
+	rules, err := h.tenant.GetNamespaceSimpleRules(namespace, username)
+
+	if err != nil {
+		api.HandleInternalError(resp, err)
+		return
+	}
+
+	resp.WriteAsJson(rules)
+}
+
+func (h *tenantHandler) ListDevopsRules(req *restful.Request, resp *restful.Response) {
+
+	devops := req.PathParameter("devops")
+	username := req.HeaderParameter(constants.UserNameHeader)
+
+	rules, err := h.tenant.GetUserDevopsSimpleRules(username, devops)

 	if err != nil {
 		api.HandleInternalError(resp, err)
@@ -247,19 +317,20 @@ func (h *tenantHandler) regenerateLoggingRequest(req *restful.Request) (*restful
 	newUrl := net.FormatURL("http", "127.0.0.1", 80, "/kapis/logging.kubesphere.io/v1alpha2/cluster")
 	values := req.Request.URL.Query()

-	clusterRules, err := iam.GetUserClusterRules(username)
+	clusterRoleRules, err := h.am.GetClusterPolicyRules(username)
+
 	if err != nil {
 		klog.Errorln(err)
 		return nil, err
 	}

-	hasClusterLogAccess := iam.RulesMatchesRequired(clusterRules, rbacv1.PolicyRule{Verbs: []string{"get"}, Resources: []string{"*"}, APIGroups: []string{"logging.kubesphere.io"}})
+	hasClusterLogAccess := iam.RulesMatchesRequired(clusterRoleRules, rbacv1.PolicyRule{Verbs: []string{"get"}, Resources: []string{"*"}, APIGroups: []string{"logging.kubesphere.io"}})
 	// if the user is not a cluster admin
 	if !hasClusterLogAccess {
 		queryNamespaces := strings.Split(req.QueryParameter("namespaces"), ",")
 		// then the user can only view logs of namespaces he belongs to
 		namespaces := make([]string, 0)
-		roles, err := iam.GetUserRoles("", username)
+		roles, err := h.am.GetRoles("", username)
 		if err != nil {
 			klog.Errorln(err)
 			return nil, err
--- a/pkg/kapis/tenant/v1alpha2/register.go
+++ b/pkg/kapis/tenant/v1alpha2/register.go
@@ -32,6 +32,8 @@ import (
 	"kubesphere.io/kubesphere/pkg/models/iam"
 	"kubesphere.io/kubesphere/pkg/server/errors"
 	"kubesphere.io/kubesphere/pkg/server/params"
+	"kubesphere.io/kubesphere/pkg/simple/client/k8s"
+	"kubesphere.io/kubesphere/pkg/simple/client/mysql"

 	"net/http"
 )
@@ -42,9 +44,9 @@ const (

 var GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha2"}

-func AddToContainer(c *restful.Container) error {
+func AddToContainer(c *restful.Container, k8sClient k8s.Client, db *mysql.Database) error {
 	ws := runtime.NewWebService(GroupVersion)
-	handler := newTenantHandler()
+	handler := newTenantHandler(k8sClient, db)

 	ws.Route(ws.GET("/workspaces").
 		To(handler.ListWorkspaces).
@@ -103,7 +105,7 @@ func AddToContainer(c *restful.Container) error {
 		Metadata(restfulspec.KeyOpenAPITags, []string{constants.TenantResourcesTag}))

 	ws.Route(ws.GET("/workspaces/{workspace}/devops").
-		To(handler.ListDevOpsProjectsHandler).
+		To(handler.ListDevopsProjects).
 		Param(ws.PathParameter("workspace", "workspace name")).
 		Param(ws.QueryParameter(params.PagingParam, "page").
 			Required(false).
@@ -115,7 +117,7 @@ func AddToContainer(c *restful.Container) error {
 		Doc("List devops projects for the current user").
 		Metadata(restfulspec.KeyOpenAPITags, []string{constants.TenantResourcesTag}))
 	ws.Route(ws.GET("/workspaces/{workspace}/members/{member}/devops").
-		To(handler.ListDevOpsProjectsHandler).
+		To(handler.ListDevopsProjects).
 		Param(ws.PathParameter("workspace", "workspace name")).
 		Param(ws.PathParameter("member", "workspace member's username")).
 		Param(ws.QueryParameter(params.PagingParam, "page").
@@ -129,14 +131,14 @@ func AddToContainer(c *restful.Container) error {
 		Doc("List the devops projects for the workspace member").
 		Metadata(restfulspec.KeyOpenAPITags, []string{constants.TenantResourcesTag}))
 	ws.Route(ws.GET("/devopscount").
-		To(handler.GetDevOpsProjectsCountHandler).
+		To(handler.GetDevOpsProjectsCount).
 		Returns(http.StatusOK, api.StatusOK, struct {
 			Count uint32 `json:"count"`
 		}{}).
 		Doc("Get the devops projects count for the member").
 		Metadata(restfulspec.KeyOpenAPITags, []string{constants.TenantResourcesTag}))
 	ws.Route(ws.POST("/workspaces/{workspace}/devops").
-		To(handler.CreateDevOpsProjectHandler).
+		To(handler.CreateDevopsProject).
 		Param(ws.PathParameter("workspace", "workspace name")).
 		Doc("Create a devops project in the specified workspace").
 		Reads(devopsv1alpha2.DevOpsProject{}).