code refactor (#1924)

* code refactor
Signed-off-by: Nhongming <talonwan@yunify.com>

* code refactor
Signed-off-by: Nhongming <talonwan@yunify.com>

pkg/apigateway/caddy-plugin/authentication/authentication.go

@@ -25,8 +25,8 @@ import (
 	"k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/client-go/informers"
 	"kubesphere.io/kubesphere/pkg/apigateway/caddy-plugin/internal"
+	"kubesphere.io/kubesphere/pkg/models/iam"
 	"kubesphere.io/kubesphere/pkg/simple/client/k8s"
-	"kubesphere.io/kubesphere/pkg/utils/k8sutil"
 	"log"
 	"net/http"
 	"strings"
@@ -140,7 +140,7 @@ func (c *Authentication) roleValidate(attrs authorizer.Attributes) (bool, error)
 	}
 
 	for _, roleBinding := range roleBindings {
-		if k8sutil.ContainsUser(roleBinding.Subjects, attrs.GetUser().GetName()) {
+		if iam.ContainsUser(roleBinding.Subjects, attrs.GetUser().GetName()) {
 			role, err := roleLister.Roles(attrs.GetNamespace()).Get(roleBinding.RoleRef.Name)
 
 			if err != nil {
@@ -171,7 +171,7 @@ func (c *Authentication) clusterRoleValidate(attrs authorizer.Attributes) (bool,
 
 	for _, clusterRoleBinding := range clusterRoleBindings {
 
-		if k8sutil.ContainsUser(clusterRoleBinding.Subjects, attrs.GetUser().GetName()) {
+		if iam.ContainsUser(clusterRoleBinding.Subjects, attrs.GetUser().GetName()) {
 			clusterRole, err := clusterRoleLister.Get(clusterRoleBinding.RoleRef.Name)
 
 			if err != nil {

pkg/controller/namespace/namespace_controller.go

@@ -32,8 +32,8 @@ import (
 	"k8s.io/klog"
 	"kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1"
 	"kubesphere.io/kubesphere/pkg/constants"
+	"kubesphere.io/kubesphere/pkg/models/iam"
 	"kubesphere.io/kubesphere/pkg/simple/client/openpitrix"
-	"kubesphere.io/kubesphere/pkg/utils/k8sutil"
 	"kubesphere.io/kubesphere/pkg/utils/sliceutil"
 	"openpitrix.io/openpitrix/pkg/pb"
 	"reflect"
@@ -261,7 +261,7 @@ func (r *ReconcileNamespace) checkAndCreateRoleBindings(namespace *corev1.Namesp
 		if adminBinding.Subjects == nil {
 			adminBinding.Subjects = make([]rbac.Subject, 0)
 		}
-		if !k8sutil.ContainsUser(adminBinding.Subjects, creatorName) {
+		if !iam.ContainsUser(adminBinding.Subjects, creatorName) {
 			adminBinding.Subjects = append(adminBinding.Subjects, creator)
 		}
 	}

pkg/kapis/devops/v1alpha2/member.go

@@ -18,12 +18,11 @@ import (
 	"github.com/asaskevich/govalidator"
 	"github.com/emicklei/go-restful"
 	"k8s.io/klog"
+	"kubesphere.io/kubesphere/pkg/api"
 	"kubesphere.io/kubesphere/pkg/constants"
-	"kubesphere.io/kubesphere/pkg/server/errors"
 	"kubesphere.io/kubesphere/pkg/server/params"
 	"kubesphere.io/kubesphere/pkg/simple/client/devops"
 	"kubesphere.io/kubesphere/pkg/utils/reflectutils"
-	"net/http"
 )
 
 func (h ProjectPipelineHandler) GetDevOpsProjectMembersHandler(request *restful.Request, resp *restful.Response) {
@@ -34,7 +33,7 @@ func (h ProjectPipelineHandler) GetDevOpsProjectMembersHandler(request *restful.
 	err := h.projectOperator.CheckProjectUserInRole(username, projectId, devops.AllRoleSlice)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	orderBy := request.QueryParameter(params.OrderByParam)
@@ -46,7 +45,7 @@ func (h ProjectPipelineHandler) GetDevOpsProjectMembersHandler(request *restful.
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -63,14 +62,14 @@ func (h ProjectPipelineHandler) GetDevOpsProjectMemberHandler(request *restful.R
 	err := h.projectOperator.CheckProjectUserInRole(username, projectId, devops.AllRoleSlice)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	project, err := h.projectMemberOperator.GetProjectMember(projectId, member)
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -86,26 +85,26 @@ func (h ProjectPipelineHandler) AddDevOpsProjectMemberHandler(request *restful.R
 	err := request.ReadEntity(&member)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	if govalidator.IsNull(member.Username) {
 		err := fmt.Errorf("error need username")
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	if !reflectutils.In(member.Role, devops.AllRoleSlice) {
 		err := fmt.Errorf("err role [%s] not in [%s]", member.Role,
 			devops.AllRoleSlice)
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	err = h.projectOperator.CheckProjectUserInRole(username, projectId, []string{devops.ProjectOwner})
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 
@@ -114,7 +113,7 @@ func (h ProjectPipelineHandler) AddDevOpsProjectMemberHandler(request *restful.R
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -130,41 +129,41 @@ func (h ProjectPipelineHandler) UpdateDevOpsProjectMemberHandler(request *restfu
 	err := request.ReadEntity(&member)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	member.Username = request.PathParameter("member")
 	if govalidator.IsNull(member.Username) {
 		err := fmt.Errorf("error need username")
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	if username == member.Username {
 		err := fmt.Errorf("you can not change your role")
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	if !reflectutils.In(member.Role, devops.AllRoleSlice) {
 		err := fmt.Errorf("err role [%s] not in [%s]", member.Role,
 			devops.AllRoleSlice)
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 
 	err = h.projectOperator.CheckProjectUserInRole(username, projectId, []string{devops.ProjectOwner})
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	project, err := h.projectMemberOperator.UpdateProjectMember(projectId, member)
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -181,13 +180,13 @@ func (h ProjectPipelineHandler) DeleteDevOpsProjectMemberHandler(request *restfu
 	err := h.projectOperator.CheckProjectUserInRole(username, projectId, []string{devops.ProjectOwner})
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	username, err = h.projectMemberOperator.DeleteProjectMember(projectId, member)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 	resp.WriteAsJson(struct {

pkg/kapis/devops/v1alpha2/pipeline_sonar.go

@@ -3,10 +3,9 @@ package v1alpha2
 import (
 	"github.com/emicklei/go-restful"
 	"k8s.io/klog"
+	"kubesphere.io/kubesphere/pkg/api"
 	"kubesphere.io/kubesphere/pkg/constants"
-	"kubesphere.io/kubesphere/pkg/server/errors"
 	"kubesphere.io/kubesphere/pkg/simple/client/devops"
-	"net/http"
 )
 
 func (h PipelineSonarHandler) GetPipelineSonarStatusHandler(request *restful.Request, resp *restful.Response) {
@@ -16,13 +15,13 @@ func (h PipelineSonarHandler) GetPipelineSonarStatusHandler(request *restful.Req
 	err := h.projectOperator.CheckProjectUserInRole(username, projectId, devops.AllRoleSlice)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	sonarStatus, err := h.pipelineSonarGetter.GetPipelineSonar(projectId, pipelineId)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 	resp.WriteAsJson(sonarStatus)
@@ -36,13 +35,13 @@ func (h PipelineSonarHandler) GetMultiBranchesPipelineSonarStatusHandler(request
 	err := h.projectOperator.CheckProjectUserInRole(username, projectId, devops.AllRoleSlice)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	sonarStatus, err := h.pipelineSonarGetter.GetMultiBranchPipelineSonar(projectId, pipelineId, branchId)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 	resp.WriteAsJson(sonarStatus)

pkg/kapis/devops/v1alpha2/project.go

@@ -16,11 +16,10 @@ package v1alpha2
 import (
 	"github.com/emicklei/go-restful"
 	"k8s.io/klog"
+	"kubesphere.io/kubesphere/pkg/api"
 	"kubesphere.io/kubesphere/pkg/api/devops/v1alpha2"
 	"kubesphere.io/kubesphere/pkg/constants"
-	"kubesphere.io/kubesphere/pkg/server/errors"
 	"kubesphere.io/kubesphere/pkg/simple/client/devops"
-	"net/http"
 )
 
 func (h ProjectPipelineHandler) GetDevOpsProjectHandler(request *restful.Request, resp *restful.Response) {
@@ -31,14 +30,14 @@ func (h ProjectPipelineHandler) GetDevOpsProjectHandler(request *restful.Request
 	err := h.projectOperator.CheckProjectUserInRole(username, projectId, devops.AllRoleSlice)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	project, err := h.projectOperator.GetProject(projectId)
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -54,21 +53,21 @@ func (h ProjectPipelineHandler) UpdateProjectHandler(request *restful.Request, r
 	err := request.ReadEntity(&project)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	project.ProjectId = projectId
 	err = h.projectOperator.CheckProjectUserInRole(username, projectId, []string{devops.ProjectOwner})
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	project, err = h.projectOperator.UpdateProject(project)
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 

pkg/kapis/devops/v1alpha2/project_credential.go

@@ -16,10 +16,9 @@ package v1alpha2
 import (
 	"github.com/emicklei/go-restful"
 	"k8s.io/klog"
+	"kubesphere.io/kubesphere/pkg/api"
 	"kubesphere.io/kubesphere/pkg/constants"
-	"kubesphere.io/kubesphere/pkg/server/errors"
 	"kubesphere.io/kubesphere/pkg/simple/client/devops"
-	"net/http"
 )
 
 func (h ProjectPipelineHandler) CreateDevOpsProjectCredentialHandler(request *restful.Request, resp *restful.Response) {
@@ -30,14 +29,14 @@ func (h ProjectPipelineHandler) CreateDevOpsProjectCredentialHandler(request *re
 	err := request.ReadEntity(&credential)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	credentialId, err := h.projectCredentialOperator.CreateProjectCredential(projectId, username, credential)
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -55,14 +54,14 @@ func (h ProjectPipelineHandler) UpdateDevOpsProjectCredentialHandler(request *re
 	err := request.ReadEntity(&credential)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	credentialId, err = h.projectCredentialOperator.UpdateProjectCredential(projectId, credentialId, credential)
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -81,7 +80,7 @@ func (h ProjectPipelineHandler) DeleteDevOpsProjectCredentialHandler(request *re
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -100,7 +99,7 @@ func (h ProjectPipelineHandler) GetDevOpsProjectCredentialHandler(request *restf
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -114,7 +113,7 @@ func (h ProjectPipelineHandler) GetDevOpsProjectCredentialsHandler(request *rest
 	jenkinsCredentials, err := h.projectCredentialOperator.GetProjectCredentials(projectId)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 	resp.WriteAsJson(jenkinsCredentials)

pkg/kapis/devops/v1alpha2/project_pipeline.go

@@ -16,10 +16,9 @@ package v1alpha2
 import (
 	"github.com/emicklei/go-restful"
 	"k8s.io/klog"
+	"kubesphere.io/kubesphere/pkg/api"
 	"kubesphere.io/kubesphere/pkg/constants"
-	"kubesphere.io/kubesphere/pkg/server/errors"
 	"kubesphere.io/kubesphere/pkg/simple/client/devops"
-	"net/http"
 )
 
 func (h ProjectPipelineHandler) CreateDevOpsProjectPipelineHandler(request *restful.Request, resp *restful.Response) {
@@ -30,20 +29,20 @@ func (h ProjectPipelineHandler) CreateDevOpsProjectPipelineHandler(request *rest
 	err := request.ReadEntity(&pipeline)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	err = h.projectOperator.CheckProjectUserInRole(username, projectId, []string{devops.ProjectOwner, devops.ProjectMaintainer})
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	pipelineName, err := h.projectPipelineOperator.CreateProjectPipeline(projectId, pipeline)
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -61,14 +60,14 @@ func (h ProjectPipelineHandler) DeleteDevOpsProjectPipelineHandler(request *rest
 	err := h.projectOperator.CheckProjectUserInRole(username, projectId, []string{devops.ProjectOwner, devops.ProjectMaintainer})
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	pipelineName, err := h.projectPipelineOperator.DeleteProjectPipeline(projectId, pipelineId)
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -87,20 +86,20 @@ func (h ProjectPipelineHandler) UpdateDevOpsProjectPipelineHandler(request *rest
 	err := request.ReadEntity(&pipeline)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	err = h.projectOperator.CheckProjectUserInRole(username, projectId, []string{devops.ProjectOwner, devops.ProjectMaintainer})
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	pipelineName, err := h.projectPipelineOperator.UpdateProjectPipeline(projectId, pipelineId, pipeline)
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 
@@ -119,14 +118,14 @@ func (h ProjectPipelineHandler) GetDevOpsProjectPipelineConfigHandler(request *r
 	err := h.projectOperator.CheckProjectUserInRole(username, projectId, []string{devops.ProjectOwner, devops.ProjectMaintainer})
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusForbidden, err.Error()), resp)
+		api.HandleForbidden(resp, err)
 		return
 	}
 	pipeline, err := h.projectPipelineOperator.GetProjectPipelineConfig(projectId, pipelineId)
 
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 

pkg/kapis/devops/v1alpha2/s2ibinary.go

@@ -5,8 +5,8 @@ import (
 	"fmt"
 	"github.com/emicklei/go-restful"
 	"k8s.io/klog"
+	"kubesphere.io/kubesphere/pkg/api"
 	"kubesphere.io/kubesphere/pkg/models/devops"
-	"kubesphere.io/kubesphere/pkg/server/errors"
 	"kubesphere.io/kubesphere/pkg/utils/hashutil"
 	"net/http"
 )
@@ -22,38 +22,38 @@ func (h S2iBinaryHandler) UploadS2iBinaryHandler(req *restful.Request, resp *res
 	err := req.Request.ParseMultipartForm(bytefmt.MEGABYTE * 20)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	if len(req.Request.MultipartForm.File) == 0 {
 		err := restful.NewError(http.StatusBadRequest, "could not get file from form")
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(restful.NewError(http.StatusBadRequest, err.Error()), resp)
+		api.HandleBadRequest(resp, err)
 		return
 	}
 	if len(req.Request.MultipartForm.File["s2ibinary"]) == 0 {
 		err := restful.NewError(http.StatusBadRequest, "could not get file from form")
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 	if len(req.Request.MultipartForm.File["s2ibinary"]) > 1 {
 		err := restful.NewError(http.StatusBadRequest, "s2ibinary should only have one file")
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 	defer req.Request.MultipartForm.RemoveAll()
 	file, err := req.Request.MultipartForm.File["s2ibinary"][0].Open()
 	if err != nil {
 		klog.Error(err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 	filemd5, err := hashutil.GetMD5(file)
 	if err != nil {
 		klog.Error(err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 	md5, ok := req.Request.MultipartForm.Value["md5"]
@@ -61,7 +61,7 @@ func (h S2iBinaryHandler) UploadS2iBinaryHandler(req *restful.Request, resp *res
 		if md5[0] != filemd5 {
 			err := restful.NewError(http.StatusBadRequest, fmt.Sprintf("md5 not match, origin: %+v, calculate: %+v", md5[0], filemd5))
 			klog.Error(err)
-			errors.ParseSvcErr(err, resp)
+			api.HandleInternalError(resp, err)
 			return
 		}
 	}
@@ -69,7 +69,7 @@ func (h S2iBinaryHandler) UploadS2iBinaryHandler(req *restful.Request, resp *res
 	s2ibin, err := h.s2iUploader.UploadS2iBinary(ns, name, filemd5, req.Request.MultipartForm.File["s2ibinary"][0])
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 	resp.WriteAsJson(s2ibin)
@@ -83,7 +83,7 @@ func (h S2iBinaryHandler) DownloadS2iBinaryHandler(req *restful.Request, resp *r
 	url, err := h.s2iUploader.DownloadS2iBinary(ns, name, fileName)
 	if err != nil {
 		klog.Errorf("%+v", err)
-		errors.ParseSvcErr(err, resp)
+		api.HandleInternalError(resp, err)
 		return
 	}
 	http.Redirect(resp.ResponseWriter, req.Request, url, http.StatusFound)

pkg/models/iam/am.go

@@ -156,7 +156,7 @@ func (am *amOperator) GetUserRoles(namespace, username string) ([]*rbacv1.Role,
 	roles := make([]*rbacv1.Role, 0)
 
 	for _, roleBinding := range roleBindings {
-		if k8sutil.ContainsUser(roleBinding.Subjects, username) {
+		if ContainsUser(roleBinding.Subjects, username) {
 			if roleBinding.RoleRef.Kind == ClusterRoleKind {
 				clusterRole, err := clusterRoleLister.Get(roleBinding.RoleRef.Name)
 				if err != nil {
@@ -207,7 +207,7 @@ func (am *amOperator) GetUserClusterRoles(username string) (*rbacv1.ClusterRole,
 	clusterRoles := make([]*rbacv1.ClusterRole, 0)
 	userFacingClusterRole := &rbacv1.ClusterRole{}
 	for _, clusterRoleBinding := range clusterRoleBindings {
-		if k8sutil.ContainsUser(clusterRoleBinding.Subjects, username) {
+		if ContainsUser(clusterRoleBinding.Subjects, username) {
 			clusterRole, err := clusterRoleLister.Get(clusterRoleBinding.RoleRef.Name)
 			if err != nil {
 				if apierrors.IsNotFound(err) {
@@ -307,7 +307,7 @@ func (am *amOperator) GetWorkspaceRoleMap(username string) (map[string]string, e
 
 	for _, roleBinding := range clusterRoleBindings {
 		if workspace := k8sutil.GetControlledWorkspace(roleBinding.OwnerReferences); workspace != "" &&
-			k8sutil.ContainsUser(roleBinding.Subjects, username) {
+			ContainsUser(roleBinding.Subjects, username) {
 			result[workspace] = roleBinding.RoleRef.Name
 		}
 	}
@@ -588,7 +588,7 @@ func (am *amOperator) CreateClusterRoleBinding(username string, clusterRoleName
 		return nil
 	}
 
-	if !k8sutil.ContainsUser(found.Subjects, username) {
+	if !ContainsUser(found.Subjects, username) {
 		found.Subjects = clusterRoleBinding.Subjects
 		_, err = client.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Update(found)
 		if err != nil {

pkg/models/iam/utils.go

@@ -179,3 +179,34 @@ func hasString(slice []string, value string) bool {
 	}
 	return false
 }
+
+func ContainsUser(subjects interface{}, username string) bool {
+	switch subjects.(type) {
+	case []*rbacv1.Subject:
+		for _, subject := range subjects.([]*rbacv1.Subject) {
+			if subject.Kind == rbacv1.UserKind && subject.Name == username {
+				return true
+			}
+		}
+	case []rbacv1.Subject:
+		for _, subject := range subjects.([]rbacv1.Subject) {
+			if subject.Kind == rbacv1.UserKind && subject.Name == username {
+				return true
+			}
+		}
+	case []User:
+		for _, u := range subjects.([]User) {
+			if u.Username == username {
+				return true
+			}
+		}
+
+	case []*User:
+		for _, u := range subjects.([]*User) {
+			if u.Username == username {
+				return true
+			}
+		}
+	}
+	return false
+}

pkg/models/metrics/metrics.go

@@ -23,7 +23,6 @@ import (
 	"github.com/json-iterator/go"
 	"k8s.io/klog"
 	"kubesphere.io/kubesphere/pkg/api/monitoring/v1alpha2"
-	"kubesphere.io/kubesphere/pkg/models/workspaces"
 	cs "kubesphere.io/kubesphere/pkg/simple/client"
 	"net/url"
 	"regexp"
@@ -665,40 +664,40 @@ func GetClusterStatistics() *Response {
 	wg := sync.WaitGroup{}
 	wg.Add(4)
 
-	go func() {
-		num, err := workspaces.WorkspaceCount()
-		if err != nil {
-			klog.Errorln(err)
-			workspaceStats.Status = "error"
-		} else {
-			workspaceStats.withMetricResult(now, num)
-		}
-		wg.Done()
-	}()
-
-	go func() {
-		num, err := workspaces.GetAllDevOpsProjectsNums()
-		if err != nil {
-			if _, notEnabled := err.(cs.ClientSetNotEnabledError); !notEnabled {
-				klog.Errorln(err)
-			}
-			devopsStats.Status = "error"
-		} else {
-			devopsStats.withMetricResult(now, num)
-		}
-		wg.Done()
-	}()
-
-	go func() {
-		num, err := workspaces.GetAllProjectNums()
-		if err != nil {
-			klog.Errorln(err)
-			namespaceStats.Status = "error"
-		} else {
-			namespaceStats.withMetricResult(now, num)
-		}
-		wg.Done()
-	}()
+	//go func() {
+	//	num, err := workspaces.WorkspaceCount()
+	//	if err != nil {
+	//		klog.Errorln(err)
+	//		workspaceStats.Status = "error"
+	//	} else {
+	//		workspaceStats.withMetricResult(now, num)
+	//	}
+	//	wg.Done()
+	//}()
+
+	//go func() {
+	//num, err := workspaces.GetAllDevOpsProjectsNums()
+	//if err != nil {
+	//	if _, notEnabled := err.(cs.ClientSetNotEnabledError); !notEnabled {
+	//		klog.Errorln(err)
+	//	}
+	//	devopsStats.Status = "error"
+	//} else {
+	//	devopsStats.withMetricResult(now, num)
+	//}
+	//	wg.Done()
+	//}()
+
+	//go func() {
+	//num, err := workspaces.GetAllProjectNums()
+	//if err != nil {
+	//	klog.Errorln(err)
+	//	namespaceStats.Status = "error"
+	//} else {
+	//	namespaceStats.withMetricResult(now, num)
+	//}
+	//	wg.Done()
+	//}()
 
 	go func() {
 		ret, err := cs.ClientSets().KubeSphere().ListUsers()
@@ -723,7 +722,7 @@ func GetClusterStatistics() *Response {
 
 func GetWorkspaceStatistics(workspaceName string) *Response {
 
-	now := time.Now().Unix()
+	//now := time.Now().Unix()
 
 	var metricsArray []APIResponse
 	namespaceStats := APIResponse{MetricName: MetricWorkspaceNamespaceCount}
@@ -734,51 +733,51 @@ func GetWorkspaceStatistics(workspaceName string) *Response {
 	wg := sync.WaitGroup{}
 	wg.Add(4)
 
-	go func() {
-		num, err := workspaces.WorkspaceNamespaceCount(workspaceName)
-		if err != nil {
-			klog.Errorln(err)
-			namespaceStats.Status = "error"
-		} else {
-			namespaceStats.withMetricResult(now, num)
-		}
-		wg.Done()
-	}()
-
-	go func() {
-		num, err := workspaces.GetDevOpsProjectsCount(workspaceName)
-		if err != nil {
-			if _, notEnabled := err.(cs.ClientSetNotEnabledError); !notEnabled {
-				klog.Errorln(err)
-			}
-			devopsStats.Status = "error"
-		} else {
-			devopsStats.withMetricResult(now, num)
-		}
-		wg.Done()
-	}()
-
-	go func() {
-		num, err := workspaces.WorkspaceUserCount(workspaceName)
-		if err != nil {
-			klog.Errorln(err)
-			memberStats.Status = "error"
-		} else {
-			memberStats.withMetricResult(now, num)
-		}
-		wg.Done()
-	}()
-
-	go func() {
-		num, err := workspaces.GetOrgRolesCount(workspaceName)
-		if err != nil {
-			klog.Errorln(err)
-			roleStats.Status = "error"
-		} else {
-			roleStats.withMetricResult(now, num)
-		}
-		wg.Done()
-	}()
+	//go func() {
+	//	num, err := workspaces.WorkspaceNamespaceCount(workspaceName)
+	//	if err != nil {
+	//		klog.Errorln(err)
+	//		namespaceStats.Status = "error"
+	//	} else {
+	//		namespaceStats.withMetricResult(now, num)
+	//	}
+	//	wg.Done()
+	//}()
+
+	//go func() {
+	//	num, err := workspaces.GetDevOpsProjectsCount(workspaceName)
+	//	if err != nil {
+	//		if _, notEnabled := err.(cs.ClientSetNotEnabledError); !notEnabled {
+	//			klog.Errorln(err)
+	//		}
+	//		devopsStats.Status = "error"
+	//	} else {
+	//		devopsStats.withMetricResult(now, num)
+	//	}
+	//	wg.Done()
+	//}()
+
+	//go func() {
+	//num, err := workspaces.WorkspaceUserCount(workspaceName)
+	//if err != nil {
+	//	klog.Errorln(err)
+	//	memberStats.Status = "error"
+	//} else {
+	//	memberStats.withMetricResult(now, num)
+	//}
+	//	wg.Done()
+	//}()
+
+	//go func() {
+	//num, err := workspaces.GetOrgRolesCount(workspaceName)
+	//	if err != nil {
+	//		klog.Errorln(err)
+	//		roleStats.Status = "error"
+	//	} else {
+	//		roleStats.withMetricResult(now, num)
+	//	}
+	//	wg.Done()
+	//}()
 
 	wg.Wait()
 

pkg/models/tenant/workspaces.go

@@ -35,7 +35,6 @@ import (
 	"kubesphere.io/kubesphere/pkg/server/params"
 	clientset "kubesphere.io/kubesphere/pkg/simple/client"
 	"kubesphere.io/kubesphere/pkg/simple/client/mysql"
-	"kubesphere.io/kubesphere/pkg/utils/k8sutil"
 	"kubesphere.io/kubesphere/pkg/utils/sliceutil"
 	"sort"
 	"strings"
@@ -164,7 +163,7 @@ func (w *workspaceOperator) createWorkspaceRoleBinding(workspace, username strin
 		return err
 	}
 
-	if !k8sutil.ContainsUser(workspaceRoleBinding.Subjects, username) {
+	if !iam.ContainsUser(workspaceRoleBinding.Subjects, username) {
 		workspaceRoleBinding = workspaceRoleBinding.DeepCopy()
 		workspaceRoleBinding.Subjects = append(workspaceRoleBinding.Subjects, v1.Subject{APIGroup: "rbac.authorization.k8s.io", Kind: "User", Name: username})
 		_, err = w.client.RbacV1().ClusterRoleBindings().Update(workspaceRoleBinding)

pkg/server/errors/errors.go

@@ -19,6 +19,8 @@ package errors
 
 import (
 	"fmt"
+	"github.com/emicklei/go-restful"
+	"net/http"
 )
 
 type Error struct {

pkg/utils/k8sutil/k8sutil.go

@@ -18,9 +18,7 @@
 package k8sutil
 
 import (
-	"k8s.io/api/rbac/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"kubesphere.io/kubesphere/pkg/models/iam"
 )
 
 func IsControlledBy(reference []metav1.OwnerReference, kind string, name string) bool {
@@ -40,34 +38,3 @@ func GetControlledWorkspace(reference []metav1.OwnerReference) string {
 	}
 	return ""
 }
-
-func ContainsUser(subjects interface{}, username string) bool {
-	switch subjects.(type) {
-	case []*v1.Subject:
-		for _, subject := range subjects.([]*v1.Subject) {
-			if subject.Kind == v1.UserKind && subject.Name == username {
-				return true
-			}
-		}
-	case []v1.Subject:
-		for _, subject := range subjects.([]v1.Subject) {
-			if subject.Kind == v1.UserKind && subject.Name == username {
-				return true
-			}
-		}
-	case []iam.User:
-		for _, u := range subjects.([]iam.User) {
-			if u.Username == username {
-				return true
-			}
-		}
-
-	case []*iam.User:
-		for _, u := range subjects.([]*iam.User) {
-			if u.Username == username {
-				return true
-			}
-		}
-	}
-	return false
-}