From acfcd619e471c9dde14fcbe505b317893a6c9456 Mon Sep 17 00:00:00 2001
From: hongming <talonwan@yunify.com>
Date: Mon, 21 Oct 2019 14:24:47 +0800
Subject: [PATCH] feat: support user-facing role filter

Signed-off-by: hongming <talonwan@yunify.com>
---
 pkg/models/resources/clusterroles.go |  3 ++-
 pkg/models/resources/resources.go    |  1 +
 pkg/models/resources/roles.go        | 14 ++++++++++++++
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/pkg/models/resources/clusterroles.go b/pkg/models/resources/clusterroles.go
index 09078dec9..e0dfac238 100644
--- a/pkg/models/resources/clusterroles.go
+++ b/pkg/models/resources/clusterroles.go
@@ -58,7 +58,7 @@ func (*clusterRoleSearcher) match(match map[string]string, item *rbac.ClusterRol
 			if !strings.Contains(item.Name, v) && !searchFuzzy(item.Labels, "", v) && !searchFuzzy(item.Annotations, "", v) {
 				return false
 			}
-		case "userfacing":
+		case UserFacing:
 			if v == "true" {
 				if !isUserFacingClusterRole(item) {
 					return false
@@ -145,6 +145,7 @@ func (s *clusterRoleSearcher) search(namespace string, conditions *params.Condit
 	return r, nil
 }
 
+// cluster role created by user from kubesphere dashboard
 func isUserFacingClusterRole(role *rbac.ClusterRole) bool {
 	if role.Annotations[constants.CreatorAnnotationKey] != "" && role.Labels[constants.WorkspaceLabelKey] == "" {
 		return true
diff --git a/pkg/models/resources/resources.go b/pkg/models/resources/resources.go
index 0edae5bfc..42a8ebda0 100644
--- a/pkg/models/resources/resources.go
+++ b/pkg/models/resources/resources.go
@@ -74,6 +74,7 @@ const (
 	release                  = "release"
 	annotation               = "annotation"
 	Keyword                  = "keyword"
+	UserFacing               = "userfacing"
 	Status                   = "status"
 	includeCronJob           = "includeCronJob"
 	storageClassName         = "storageClassName"
diff --git a/pkg/models/resources/roles.go b/pkg/models/resources/roles.go
index 24786904c..b08f30ef6 100644
--- a/pkg/models/resources/roles.go
+++ b/pkg/models/resources/roles.go
@@ -49,6 +49,12 @@ func (*roleSearcher) match(match map[string]string, item *rbac.Role) bool {
 			if !strings.Contains(item.Name, v) && !searchFuzzy(item.Labels, "", v) && !searchFuzzy(item.Annotations, "", v) {
 				return false
 			}
+		case UserFacing:
+			if v == "true" {
+				if !isUserFacingRole(item) {
+					return false
+				}
+			}
 		default:
 			// label not exist or value not equal
 			if val, ok := item.Labels[k]; !ok || val != v {
@@ -129,3 +135,11 @@ func (s *roleSearcher) search(namespace string, conditions *params.Conditions, o
 	}
 	return r, nil
 }
+
+// role created by user from kubesphere dashboard
+func isUserFacingRole(role *rbac.Role) bool {
+	if role.Annotations[constants.CreatorAnnotationKey] != "" {
+		return true
+	}
+	return false
+}