fix: label filter

Signed-off-by: hongming <talonwan@yunify.com>

pkg/controller/namespace/namespace_controller.go

@@ -265,7 +265,7 @@ func (r *ReconcileNamespace) initRoles(namespace *corev1.Namespace) error {
 	for _, roleBase := range roleBases.Items {
 		var role rbacv1.Role
 
-		if err = yaml.NewYAMLOrJSONDecoder(bytes.NewBuffer(roleBase.Role.Raw), 1024).Decode(&role); err == nil {
+		if err = yaml.NewYAMLOrJSONDecoder(bytes.NewBuffer(roleBase.Role.Raw), 1024).Decode(&role); err == nil && role.Kind == iamv1alpha2.ResourceKindRole {
 			var old rbacv1.Role
 			err := r.Client.Get(context.Background(), types.NamespacedName{Namespace: namespace.Name, Name: role.Name}, &old)
 			if err != nil {

pkg/controller/workspacetemplate/workspacetemplate_controller.go

@@ -458,7 +458,7 @@ func (r *Controller) initRoles(workspace *tenantv1alpha2.WorkspaceTemplate) erro
 
 	for _, roleBase := range roleBases {
 		var role iamv1alpha2.WorkspaceRole
-		if err = yaml.NewYAMLOrJSONDecoder(bytes.NewBuffer(roleBase.Role.Raw), 1024).Decode(&role); err == nil {
+		if err = yaml.NewYAMLOrJSONDecoder(bytes.NewBuffer(roleBase.Role.Raw), 1024).Decode(&role); err == nil && role.Kind == iamv1alpha2.ResourceKindWorkspaceRole {
 			old, err := r.workspaceRoleLister.Get(fmt.Sprintf("%s-%s", workspace.Name, role.Name))
 			if err != nil {
 				if errors.IsNotFound(err) {

pkg/models/iam/am/am.go

@@ -114,7 +114,7 @@ func (am *amOperator) GetGlobalRoleOfUser(username string) (*iamv1alpha2.GlobalR
 	}
 
 	err = errors.NewNotFound(iamv1alpha2.Resource(iamv1alpha2.ResourcesSingularGlobalRoleBinding), username)
-	klog.Error(err)
+	klog.V(4).Info(err)
 	return nil, err
 }
 
@@ -148,7 +148,7 @@ func (am *amOperator) GetWorkspaceRoleOfUser(username, workspace string) (*iamv1
 	}
 
 	err = errors.NewNotFound(iamv1alpha2.Resource(iamv1alpha2.ResourcesSingularWorkspaceRoleBinding), username)
-	klog.Error(err)
+	klog.V(4).Info(err)
 	return nil, err
 }
 
@@ -179,7 +179,7 @@ func (am *amOperator) GetNamespaceRoleOfUser(username, namespace string) (*rbacv
 	}
 
 	err = errors.NewNotFound(iamv1alpha2.Resource(iamv1alpha2.ResourcesSingularRoleBinding), username)
-	klog.Error(err)
+	klog.V(4).Info(err)
 	return nil, err
 }
 
@@ -211,7 +211,7 @@ func (am *amOperator) GetClusterRoleOfUser(username string) (*rbacv1.ClusterRole
 	}
 
 	err = errors.NewNotFound(iamv1alpha2.Resource(iamv1alpha2.ResourcesSingularClusterRoleBinding), username)
-	klog.Error(err)
+	klog.V(4).Info(err)
 	return nil, err
 }
 

pkg/models/resources/v1alpha3/interface.go

@@ -5,7 +5,6 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"kubesphere.io/kubesphere/pkg/api"
 	"kubesphere.io/kubesphere/pkg/apiserver/query"
-	"kubesphere.io/kubesphere/pkg/constants"
 	"sort"
 	"strings"
 )
@@ -92,7 +91,7 @@ func DefaultObjectMetaFilter(item metav1.ObjectMeta, filter query.Filter) bool {
 	switch filter.Field {
 	case query.FieldNames:
 		for _, name := range strings.Split(string(filter.Value), ",") {
-			if item.Name == name || item.Annotations[constants.DisplayNameAnnotationKey] == name {
+			if item.Name == name {
 				return true
 			}
 		}
@@ -133,7 +132,6 @@ func DefaultObjectMetaFilter(item metav1.ObjectMeta, filter query.Filter) bool {
 	}
 }
 
-// Filter format (key!?=)?value,if the key is defined, the key must match exactly, value match according to strings.Contains.
 func labelMatch(labels map[string]string, filter string) bool {
 	fields := strings.SplitN(filter, "=", 2)
 	var key, value string
@@ -150,11 +148,11 @@ func labelMatch(labels map[string]string, filter string) bool {
 	}
 	for k, v := range labels {
 		if opposite {
-			if (key == "" || k == key) && !strings.Contains(v, value) {
+			if (key == "" || k == key) && v != value {
 				return true
 			}
 		} else {
-			if (key == "" || k == key) && strings.Contains(v, value) {
+			if (key == "" || k == key) && v == value {
 				return true
 			}
 		}