Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
KubeSphere
kubesphere
提交
b1d996f4
K
kubesphere
项目概览
KubeSphere
/
kubesphere
通知
143
Star
32
Fork
5
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
2
Wiki
分析
仓库
DevOps
项目成员
Pages
K
kubesphere
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
2
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
未验证
提交
b1d996f4
编写于
6月 11, 2020
作者:
H
hongming
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
add test case
Signed-off-by:
N
hongming
<
talonwan@yunify.com
>
上级
bafeecfe
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
347 addition
and
175 deletion
+347
-175
pkg/kapis/iam/v1alpha2/handler.go
pkg/kapis/iam/v1alpha2/handler.go
+11
-13
pkg/kapis/iam/v1alpha2/register.go
pkg/kapis/iam/v1alpha2/register.go
+21
-21
pkg/models/iam/am/am.go
pkg/models/iam/am/am.go
+8
-44
pkg/models/tenant/tenant.go
pkg/models/tenant/tenant.go
+1
-1
pkg/models/tenant/tenent_test.go
pkg/models/tenant/tenent_test.go
+306
-96
未找到文件。
pkg/kapis/iam/v1alpha2/handler.go
浏览文件 @
b1d996f4
...
...
@@ -61,9 +61,10 @@ func (h *iamHandler) DescribeUser(request *restful.Request, response *restful.Re
}
func
(
h
*
iamHandler
)
RetrieveMemberRoleTemplates
(
request
*
restful
.
Request
,
response
*
restful
.
Response
)
{
username
:=
request
.
PathParameter
(
"user"
)
if
strings
.
HasSuffix
(
request
.
Request
.
URL
.
Path
,
iamv1alpha2
.
ResourcesPluralGlobalRole
)
{
username
:=
request
.
PathParameter
(
"user"
)
globalRole
,
err
:=
h
.
am
.
GetGlobalRoleOfUser
(
username
)
if
err
!=
nil
{
...
...
@@ -93,8 +94,8 @@ func (h *iamHandler) RetrieveMemberRoleTemplates(request *restful.Request, respo
}
if
strings
.
HasSuffix
(
request
.
Request
.
URL
.
Path
,
iamv1alpha2
.
ResourcesPluralClusterRole
)
{
username
:=
request
.
PathParameter
(
"clustermember"
)
clusterRole
,
err
:=
h
.
am
.
GetClusterRoleOfUser
(
username
)
if
err
!=
nil
{
// if role binding not exist return empty list
if
errors
.
IsNotFound
(
err
)
{
...
...
@@ -111,7 +112,6 @@ func (h *iamHandler) RetrieveMemberRoleTemplates(request *restful.Request, respo
Ascending
:
false
,
Filters
:
map
[
query
.
Field
]
query
.
Value
{
iamv1alpha2
.
AggregateTo
:
query
.
Value
(
clusterRole
.
Name
)},
})
if
err
!=
nil
{
api
.
HandleInternalError
(
response
,
request
,
err
)
return
...
...
@@ -123,9 +123,8 @@ func (h *iamHandler) RetrieveMemberRoleTemplates(request *restful.Request, respo
if
strings
.
HasSuffix
(
request
.
Request
.
URL
.
Path
,
iamv1alpha2
.
ResourcesPluralWorkspaceRole
)
{
workspace
:=
request
.
PathParameter
(
"workspace"
)
username
:=
request
.
PathParameter
(
"workspacemember"
)
workspaceRole
,
err
:=
h
.
am
.
GetWorkspaceRoleOfUser
(
username
,
workspace
)
if
err
!=
nil
{
// if role binding not exist return empty list
if
errors
.
IsNotFound
(
err
)
{
...
...
@@ -142,7 +141,6 @@ func (h *iamHandler) RetrieveMemberRoleTemplates(request *restful.Request, respo
Ascending
:
false
,
Filters
:
map
[
query
.
Field
]
query
.
Value
{
iamv1alpha2
.
AggregateTo
:
query
.
Value
(
workspaceRole
.
Name
)},
})
if
err
!=
nil
{
api
.
HandleInternalError
(
response
,
request
,
err
)
return
...
...
@@ -154,7 +152,7 @@ func (h *iamHandler) RetrieveMemberRoleTemplates(request *restful.Request, respo
if
strings
.
HasSuffix
(
request
.
Request
.
URL
.
Path
,
iamv1alpha2
.
ResourcesPluralRole
)
{
namespace
,
err
:=
h
.
resolveNamespace
(
request
.
PathParameter
(
"namespace"
),
request
.
PathParameter
(
"devops"
))
username
:=
request
.
PathParameter
(
"member"
)
if
err
!=
nil
{
api
.
HandleInternalError
(
response
,
request
,
err
)
return
...
...
@@ -280,7 +278,7 @@ func (h *iamHandler) ListNamespaceMembers(request *restful.Request, response *re
}
func
(
h
*
iamHandler
)
DescribeNamespaceMember
(
request
*
restful
.
Request
,
response
*
restful
.
Response
)
{
username
:=
request
.
PathParameter
(
"
us
er"
)
username
:=
request
.
PathParameter
(
"
memb
er"
)
namespace
,
err
:=
h
.
resolveNamespace
(
request
.
PathParameter
(
"namespace"
),
request
.
PathParameter
(
"devops"
))
if
err
!=
nil
{
...
...
@@ -347,7 +345,7 @@ func (h *iamHandler) ListWorkspaceMembers(request *restful.Request, response *re
func
(
h
*
iamHandler
)
DescribeWorkspaceMember
(
request
*
restful
.
Request
,
response
*
restful
.
Response
)
{
workspace
:=
request
.
PathParameter
(
"workspace"
)
username
:=
request
.
PathParameter
(
"
us
er"
)
username
:=
request
.
PathParameter
(
"
workspacememb
er"
)
queryParam
:=
query
.
New
()
queryParam
.
Filters
[
query
.
FieldName
]
=
query
.
Value
(
username
)
...
...
@@ -828,7 +826,7 @@ func (h *iamHandler) CreateWorkspaceMembers(request *restful.Request, response *
func
(
h
*
iamHandler
)
RemoveWorkspaceMember
(
request
*
restful
.
Request
,
response
*
restful
.
Response
)
{
workspace
:=
request
.
PathParameter
(
"workspace"
)
username
:=
request
.
PathParameter
(
"
us
er"
)
username
:=
request
.
PathParameter
(
"
workspacememb
er"
)
err
:=
h
.
am
.
RemoveUserFromWorkspace
(
username
,
workspace
)
...
...
@@ -843,7 +841,7 @@ func (h *iamHandler) RemoveWorkspaceMember(request *restful.Request, response *r
func
(
h
*
iamHandler
)
UpdateWorkspaceMember
(
request
*
restful
.
Request
,
response
*
restful
.
Response
)
{
workspace
:=
request
.
PathParameter
(
"workspace"
)
username
:=
request
.
PathParameter
(
"
us
er"
)
username
:=
request
.
PathParameter
(
"
workspacememb
er"
)
var
member
Member
...
...
@@ -905,7 +903,7 @@ func (h *iamHandler) CreateNamespaceMembers(request *restful.Request, response *
}
func
(
h
*
iamHandler
)
UpdateNamespaceMember
(
request
*
restful
.
Request
,
response
*
restful
.
Response
)
{
username
:=
request
.
PathParameter
(
"
us
er"
)
username
:=
request
.
PathParameter
(
"
memb
er"
)
namespace
,
err
:=
h
.
resolveNamespace
(
request
.
PathParameter
(
"namespace"
),
request
.
PathParameter
(
"devops"
))
if
err
!=
nil
{
...
...
@@ -942,7 +940,7 @@ func (h *iamHandler) UpdateNamespaceMember(request *restful.Request, response *r
}
func
(
h
*
iamHandler
)
RemoveNamespaceMember
(
request
*
restful
.
Request
,
response
*
restful
.
Response
)
{
username
:=
request
.
PathParameter
(
"
us
er"
)
username
:=
request
.
PathParameter
(
"
memb
er"
)
namespace
,
err
:=
h
.
resolveNamespace
(
request
.
PathParameter
(
"namespace"
),
request
.
PathParameter
(
"devops"
))
if
err
!=
nil
{
...
...
pkg/kapis/iam/v1alpha2/register.go
浏览文件 @
b1d996f4
...
...
@@ -103,25 +103,25 @@ func AddToContainer(container *restful.Container, im im.IdentityManagementInterf
Returns
(
http
.
StatusOK
,
api
.
StatusOK
,
api
.
ListResult
{
Items
:
[]
interface
{}{
iamv1alpha2
.
User
{}}})
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
GET
(
"/workspaces/{workspace}/
us
ers"
)
.
ws
.
Route
(
ws
.
GET
(
"/workspaces/{workspace}/
workspacememb
ers"
)
.
To
(
handler
.
ListWorkspaceMembers
)
.
Doc
(
"List all members in the specified workspace."
)
.
Param
(
ws
.
PathParameter
(
"workspace"
,
"workspace name"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
GET
(
"/workspaces/{workspace}/
users/{us
er}"
)
.
ws
.
Route
(
ws
.
GET
(
"/workspaces/{workspace}/
workspacemembers/{workspacememb
er}"
)
.
To
(
handler
.
DescribeWorkspaceMember
)
.
Doc
(
"Retrieve workspace member details."
)
.
Param
(
ws
.
PathParameter
(
"workspace"
,
"workspace name"
))
.
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
POST
(
"/workspaces/{workspace}/
us
ers"
)
.
ws
.
Route
(
ws
.
POST
(
"/workspaces/{workspace}/
workspacememb
ers"
)
.
To
(
handler
.
CreateWorkspaceMembers
)
.
Doc
(
"Batch add workspace members."
)
.
Reads
([]
Member
{})
.
Returns
(
http
.
StatusOK
,
api
.
StatusOK
,
errors
.
None
)
.
Param
(
ws
.
PathParameter
(
"workspace"
,
"workspace name"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
PUT
(
"/workspaces/{workspace}/
users/{us
er}"
)
.
ws
.
Route
(
ws
.
PUT
(
"/workspaces/{workspace}/
workspacemembers/{workspacememb
er}"
)
.
To
(
handler
.
UpdateWorkspaceMember
)
.
Doc
(
"Update member in workspace."
)
.
Reads
(
Member
{})
.
...
...
@@ -129,32 +129,32 @@ func AddToContainer(container *restful.Container, im im.IdentityManagementInterf
Param
(
ws
.
PathParameter
(
"workspace"
,
"workspace name"
))
.
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
DELETE
(
"/workspaces/{workspace}/
users/{us
er}"
)
.
ws
.
Route
(
ws
.
DELETE
(
"/workspaces/{workspace}/
workspacemembers/{workspacememb
er}"
)
.
To
(
handler
.
RemoveWorkspaceMember
)
.
Doc
(
"Remove member in workspace."
)
.
Param
(
ws
.
PathParameter
(
"workspace"
,
"workspace name"
))
.
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
GET
(
"/namespaces/{namespace}/
us
ers"
)
.
ws
.
Route
(
ws
.
GET
(
"/namespaces/{namespace}/
memb
ers"
)
.
To
(
handler
.
ListNamespaceMembers
)
.
Doc
(
"List all members in the specified namespace."
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
GET
(
"/namespaces/{namespace}/
users/{us
er}"
)
.
ws
.
Route
(
ws
.
GET
(
"/namespaces/{namespace}/
members/{memb
er}"
)
.
To
(
handler
.
DescribeNamespaceMember
)
.
Doc
(
"Retrieve namespace member details."
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
POST
(
"/namespaces/{namespace}/
us
ers"
)
.
ws
.
Route
(
ws
.
POST
(
"/namespaces/{namespace}/
memb
ers"
)
.
To
(
handler
.
CreateNamespaceMembers
)
.
Doc
(
"Batch add namespace members."
)
.
Reads
([]
Member
{})
.
Returns
(
http
.
StatusOK
,
api
.
StatusOK
,
errors
.
None
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
PUT
(
"/namespaces/{namespace}/
users/{us
er}"
)
.
ws
.
Route
(
ws
.
PUT
(
"/namespaces/{namespace}/
members/{memb
er}"
)
.
To
(
handler
.
UpdateNamespaceMember
)
.
Doc
(
"Update member in namespace."
)
.
Reads
(
Member
{})
.
...
...
@@ -162,44 +162,44 @@ func AddToContainer(container *restful.Container, im im.IdentityManagementInterf
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
DELETE
(
"/namespaces/{namespace}/
users/{us
er}"
)
.
ws
.
Route
(
ws
.
DELETE
(
"/namespaces/{namespace}/
members/{memb
er}"
)
.
To
(
handler
.
RemoveNamespaceMember
)
.
Doc
(
"Remove member in namespace."
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
GET
(
"/devops/{devops}/
us
ers"
)
.
ws
.
Route
(
ws
.
GET
(
"/devops/{devops}/
memb
ers"
)
.
To
(
handler
.
ListNamespaceMembers
)
.
Doc
(
"List all members in the specified namespace."
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
GET
(
"/devops/{devops}/
users/{us
er}"
)
.
ws
.
Route
(
ws
.
GET
(
"/devops/{devops}/
members/{memb
er}"
)
.
To
(
handler
.
DescribeNamespaceMember
)
.
Doc
(
"Retrieve namespace member details."
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
POST
(
"/devops/{devops}/
us
ers"
)
.
ws
.
Route
(
ws
.
POST
(
"/devops/{devops}/
memb
ers"
)
.
To
(
handler
.
CreateNamespaceMembers
)
.
Doc
(
"Batch add namespace members."
)
.
Reads
([]
Member
{})
.
Returns
(
http
.
StatusOK
,
api
.
StatusOK
,
errors
.
None
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
PUT
(
"/devops/{devops}/
users/{us
er}"
)
.
ws
.
Route
(
ws
.
PUT
(
"/devops/{devops}/
members/{memb
er}"
)
.
To
(
handler
.
UpdateNamespaceMember
)
.
Doc
(
"Update member in namespace."
)
.
Reads
(
Member
{})
.
Returns
(
http
.
StatusOK
,
api
.
StatusOK
,
errors
.
None
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Param
(
ws
.
PathParameter
(
"
us
er"
,
"username"
))
.
Param
(
ws
.
PathParameter
(
"
memb
er"
,
"username"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
DELETE
(
"/devops/{devops}/
users/{us
er}"
)
.
ws
.
Route
(
ws
.
DELETE
(
"/devops/{devops}/
members/{memb
er}"
)
.
To
(
handler
.
RemoveNamespaceMember
)
.
Doc
(
"Remove member in namespace."
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Param
(
ws
.
PathParameter
(
"
us
er"
,
"username"
))
.
Param
(
ws
.
PathParameter
(
"
memb
er"
,
"username"
))
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
// globalroles
...
...
@@ -375,27 +375,27 @@ func AddToContainer(container *restful.Container, im im.IdentityManagementInterf
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Returns
(
http
.
StatusOK
,
api
.
StatusOK
,
iamv1alpha2
.
GlobalRole
{})
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
GET
(
"/
users/{us
er}/clusterroles"
)
.
ws
.
Route
(
ws
.
GET
(
"/
clustermembers/{clustermemb
er}/clusterroles"
)
.
To
(
handler
.
RetrieveMemberRoleTemplates
)
.
Doc
(
"Retrieve user's role templates in cluster."
)
.
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Returns
(
http
.
StatusOK
,
api
.
StatusOK
,
rbacv1
.
ClusterRole
{})
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
GET
(
"/workspaces/{workspace}/
users/{us
er}/workspaceroles"
)
.
ws
.
Route
(
ws
.
GET
(
"/workspaces/{workspace}/
workspacemembers/{workspacememb
er}/workspaceroles"
)
.
To
(
handler
.
RetrieveMemberRoleTemplates
)
.
Doc
(
"Retrieve member's role templates in workspace."
)
.
Param
(
ws
.
PathParameter
(
"workspace"
,
"workspace"
))
.
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Returns
(
http
.
StatusOK
,
api
.
StatusOK
,
iamv1alpha2
.
WorkspaceRole
{})
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
GET
(
"/namespaces/{namespace}/
users/{us
er}/roles"
)
.
ws
.
Route
(
ws
.
GET
(
"/namespaces/{namespace}/
members/{memb
er}/roles"
)
.
To
(
handler
.
RetrieveMemberRoleTemplates
)
.
Doc
(
"Retrieve member's role templates in namespace."
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
Param
(
ws
.
PathParameter
(
"user"
,
"username"
))
.
Returns
(
http
.
StatusOK
,
api
.
StatusOK
,
rbacv1
.
Role
{})
.
Metadata
(
restfulspec
.
KeyOpenAPITags
,
[]
string
{
constants
.
AccessManagementTag
}))
ws
.
Route
(
ws
.
GET
(
"/devops/{devops}/
users/{us
er}/roles"
)
.
ws
.
Route
(
ws
.
GET
(
"/devops/{devops}/
members/{memb
er}/roles"
)
.
To
(
handler
.
RetrieveMemberRoleTemplates
)
.
Doc
(
"Retrieve member's role templates in devops project."
)
.
Param
(
ws
.
PathParameter
(
"namespace"
,
"namespace"
))
.
...
...
pkg/models/iam/am/am.go
浏览文件 @
b1d996f4
...
...
@@ -32,7 +32,6 @@ import (
kubesphere
"kubesphere.io/kubesphere/pkg/client/clientset/versioned"
"kubesphere.io/kubesphere/pkg/informers"
resourcev1alpha3
"kubesphere.io/kubesphere/pkg/models/resources/v1alpha3/resource"
"net/http"
)
type
AccessManagementInterface
interface
{
...
...
@@ -114,17 +113,8 @@ func (am *amOperator) GetGlobalRoleOfUser(username string) (*iamv1alpha2.GlobalR
return
out
,
nil
}
err
=
&
errors
.
StatusError
{
ErrStatus
:
metav1
.
Status
{
Status
:
metav1
.
StatusFailure
,
Code
:
http
.
StatusNotFound
,
Reason
:
metav1
.
StatusReasonNotFound
,
Details
:
&
metav1
.
StatusDetails
{
Group
:
iamv1alpha2
.
SchemeGroupVersion
.
Group
,
Kind
:
iamv1alpha2
.
ResourceKindGlobalRoleBinding
,
},
Message
:
fmt
.
Sprintf
(
"global role binding not found for %s"
,
username
),
}}
err
=
errors
.
NewNotFound
(
iamv1alpha2
.
Resource
(
iamv1alpha2
.
ResourcesSingularGlobalRoleBinding
),
username
)
klog
.
Error
(
err
)
return
nil
,
err
}
...
...
@@ -157,17 +147,8 @@ func (am *amOperator) GetWorkspaceRoleOfUser(username, workspace string) (*iamv1
return
out
,
nil
}
err
=
&
errors
.
StatusError
{
ErrStatus
:
metav1
.
Status
{
Status
:
metav1
.
StatusFailure
,
Code
:
http
.
StatusNotFound
,
Reason
:
metav1
.
StatusReasonNotFound
,
Details
:
&
metav1
.
StatusDetails
{
Group
:
iamv1alpha2
.
SchemeGroupVersion
.
Group
,
Kind
:
iamv1alpha2
.
ResourceKindWorkspaceRoleBinding
,
},
Message
:
fmt
.
Sprintf
(
"workspace role binding not found for %s"
,
username
),
}}
err
=
errors
.
NewNotFound
(
iamv1alpha2
.
Resource
(
iamv1alpha2
.
ResourcesSingularWorkspaceRoleBinding
),
username
)
klog
.
Error
(
err
)
return
nil
,
err
}
...
...
@@ -197,17 +178,8 @@ func (am *amOperator) GetNamespaceRoleOfUser(username, namespace string) (*rbacv
return
out
,
nil
}
err
=
&
errors
.
StatusError
{
ErrStatus
:
metav1
.
Status
{
Status
:
metav1
.
StatusFailure
,
Code
:
http
.
StatusNotFound
,
Reason
:
metav1
.
StatusReasonNotFound
,
Details
:
&
metav1
.
StatusDetails
{
Group
:
rbacv1
.
SchemeGroupVersion
.
Group
,
Kind
:
iamv1alpha2
.
ResourceKindRoleBinding
,
},
Message
:
fmt
.
Sprintf
(
"role binding not found for %s in %s"
,
username
,
namespace
),
}}
err
=
errors
.
NewNotFound
(
iamv1alpha2
.
Resource
(
iamv1alpha2
.
ResourcesSingularRoleBinding
),
username
)
klog
.
Error
(
err
)
return
nil
,
err
}
...
...
@@ -237,17 +209,9 @@ func (am *amOperator) GetClusterRoleOfUser(username string) (*rbacv1.ClusterRole
out
.
Annotations
[
iamv1alpha2
.
ClusterRoleAnnotation
]
=
role
.
Name
return
out
,
nil
}
err
=
&
errors
.
StatusError
{
ErrStatus
:
metav1
.
Status
{
Status
:
metav1
.
StatusFailure
,
Code
:
http
.
StatusNotFound
,
Reason
:
metav1
.
StatusReasonNotFound
,
Details
:
&
metav1
.
StatusDetails
{
Group
:
rbacv1
.
SchemeGroupVersion
.
Group
,
Kind
:
"ClusterRoleBinding"
,
},
Message
:
fmt
.
Sprintf
(
"cluster role binding not found for %s"
,
username
),
}}
err
=
errors
.
NewNotFound
(
iamv1alpha2
.
Resource
(
iamv1alpha2
.
ResourcesSingularClusterRoleBinding
),
username
)
klog
.
Error
(
err
)
return
nil
,
err
}
...
...
pkg/models/tenant/tenant.go
浏览文件 @
b1d996f4
...
...
@@ -283,7 +283,7 @@ func (t *tenantOperator) DeleteNamespace(workspace, namespace string) error {
}
func
(
t
*
tenantOperator
)
UpdateNamespace
(
workspace
string
,
namespace
*
corev1
.
Namespace
)
(
*
corev1
.
Namespace
,
error
)
{
_
,
err
:=
t
.
DescribeNamespace
(
workspace
,
namespace
.
Name
space
)
_
,
err
:=
t
.
DescribeNamespace
(
workspace
,
namespace
.
Name
)
if
err
!=
nil
{
return
nil
,
err
}
...
...
pkg/models/tenant/tenent_test.go
浏览文件 @
b1d996f4
...
...
@@ -22,7 +22,9 @@ import (
fakeistio
"istio.io/client-go/pkg/clientset/versioned/fake"
corev1
"k8s.io/api/core/v1"
rbacv1
"k8s.io/api/rbac/v1"
"k8s.io/apimachinery/pkg/api/errors"
metav1
"k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apiserver/pkg/authentication/user"
fakek8s
"k8s.io/client-go/kubernetes/fake"
"kubesphere.io/kubesphere/pkg/api"
...
...
@@ -32,47 +34,45 @@ import (
"kubesphere.io/kubesphere/pkg/apiserver/query"
fakeks
"kubesphere.io/kubesphere/pkg/client/clientset/versioned/fake"
"kubesphere.io/kubesphere/pkg/informers"
"reflect"
"testing"
)
func
TestTenantOperator_ListWorkspaces
(
t
*
testing
.
T
)
{
tenantOperator
:=
prepare
()
tests
:=
[]
struct
{
name
string
result
*
api
.
ListResult
username
string
expectError
error
}{
{
name
:
"list workspace"
,
username
:
"admin"
,
username
:
admin
.
Name
,
result
:
&
api
.
ListResult
{
Items
:
workspaces
,
TotalItems
:
len
(
workspaces
),
Items
:
workspace
Template
s
,
TotalItems
:
len
(
workspace
Template
s
),
},
},
{
name
:
"list workspaces"
,
username
:
"regular"
,
username
:
tester2
.
Name
,
result
:
&
api
.
ListResult
{
Items
:
[]
interface
{}{
workspaceBar
},
Items
:
[]
interface
{}{
systemWorkspaceTmpl
},
TotalItems
:
1
,
},
},
}
for
_
,
test
:=
range
tests
{
for
i
,
test
:=
range
tests
{
result
,
err
:=
tenantOperator
.
ListWorkspaces
(
&
user
.
DefaultInfo
{
Name
:
test
.
username
},
query
.
New
())
if
err
!=
nil
{
if
test
.
expectError
!=
err
{
t
.
Error
(
er
r
)
if
!
reflect
.
DeepEqual
(
err
,
test
.
expectError
)
{
t
.
Error
f
(
"got %#v, expected %#v"
,
err
,
test
.
expectErro
r
)
}
continue
}
if
diff
:=
cmp
.
Diff
(
result
,
test
.
result
);
diff
!=
""
{
t
.
Error
(
diff
)
t
.
Error
f
(
"case %d,%s"
,
i
,
diff
)
}
}
}
...
...
@@ -80,47 +80,245 @@ func TestTenantOperator_ListWorkspaces(t *testing.T) {
func
TestTenantOperator_ListNamespaces
(
t
*
testing
.
T
)
{
tenantOperator
:=
prepare
()
tests
:=
[]
struct
{
name
string
result
*
api
.
ListResult
username
string
workspace
string
expectError
error
}{
{
name
:
"list namespaces"
,
workspace
:
"foo"
,
username
:
"admin"
,
workspace
:
systemWorkspace
.
Name
,
username
:
admin
.
Name
,
result
:
&
api
.
ListResult
{
Items
:
[]
interface
{}{
foo2
,
foo1
},
Items
:
[]
interface
{}{
kubesphereSystem
,
defaultNamespace
},
TotalItems
:
2
,
},
},
{
name
:
"list namespaces"
,
workspace
:
"foo"
,
username
:
"regular"
,
workspace
:
systemWorkspace
.
Name
,
username
:
tester1
.
Name
,
result
:
&
api
.
ListResult
{
Items
:
[]
interface
{}{},
TotalItems
:
0
,
},
},
{
name
:
"list namespaces"
,
workspace
:
"bar"
,
username
:
"regular"
,
workspace
:
testWorkspace
.
Name
,
username
:
tester2
.
Name
,
result
:
&
api
.
ListResult
{
Items
:
[]
interface
{}{
bar1
},
Items
:
[]
interface
{}{
testNamespace
},
TotalItems
:
1
,
},
},
}
for
_
,
test
:=
range
tests
{
for
i
,
test
:=
range
tests
{
result
,
err
:=
tenantOperator
.
ListNamespaces
(
&
user
.
DefaultInfo
{
Name
:
test
.
username
},
test
.
workspace
,
query
.
New
())
if
err
!=
nil
{
if
test
.
expectError
!=
err
{
t
.
Error
(
err
)
if
!
reflect
.
DeepEqual
(
err
,
test
.
expectError
)
{
t
.
Errorf
(
"got %#v, expected %#v"
,
err
,
test
.
expectError
)
}
continue
}
if
diff
:=
cmp
.
Diff
(
result
,
test
.
result
);
diff
!=
""
{
t
.
Errorf
(
"case %d, %s"
,
i
,
diff
)
}
}
}
func
TestTenantOperator_DescribeNamespace
(
t
*
testing
.
T
)
{
tenantOperator
:=
prepare
()
tests
:=
[]
struct
{
result
*
corev1
.
Namespace
username
string
workspace
string
namespace
string
expectError
error
}{
{
result
:
testNamespace
,
username
:
tester2
.
Name
,
workspace
:
testWorkspace
.
Name
,
namespace
:
testNamespace
.
Name
,
expectError
:
nil
,
},
{
result
:
testNamespace
,
username
:
tester2
.
Name
,
workspace
:
systemWorkspace
.
Name
,
namespace
:
testNamespace
.
Name
,
expectError
:
errors
.
NewNotFound
(
corev1
.
Resource
(
"namespace"
),
testNamespace
.
Name
),
},
}
for
_
,
test
:=
range
tests
{
result
,
err
:=
tenantOperator
.
DescribeNamespace
(
test
.
workspace
,
test
.
namespace
)
if
err
!=
nil
{
if
!
reflect
.
DeepEqual
(
err
,
test
.
expectError
)
{
t
.
Errorf
(
"got %#v, expected %#v"
,
err
,
test
.
expectError
)
}
continue
}
if
diff
:=
cmp
.
Diff
(
result
,
test
.
result
);
diff
!=
""
{
t
.
Error
(
diff
)
}
}
}
func
TestTenantOperator_CreateNamespace
(
t
*
testing
.
T
)
{
tenantOperator
:=
prepare
()
tests
:=
[]
struct
{
result
*
corev1
.
Namespace
workspace
string
namespace
*
corev1
.
Namespace
expectError
error
}{
{
result
:
&
corev1
.
Namespace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"test"
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
testWorkspace
.
Name
},
},
},
workspace
:
testWorkspace
.
Name
,
namespace
:
&
corev1
.
Namespace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"test"
,
},
},
expectError
:
nil
,
},
}
for
i
,
test
:=
range
tests
{
result
,
err
:=
tenantOperator
.
CreateNamespace
(
test
.
workspace
,
test
.
namespace
)
if
err
!=
nil
{
if
!
reflect
.
DeepEqual
(
err
,
test
.
expectError
)
{
t
.
Errorf
(
"case %d, got %#v, expected %#v"
,
i
,
err
,
test
.
expectError
)
}
continue
}
if
diff
:=
cmp
.
Diff
(
result
,
test
.
result
);
diff
!=
""
{
t
.
Error
(
diff
)
}
}
}
func
TestTenantOperator_DeleteNamespace
(
t
*
testing
.
T
)
{
tenantOperator
:=
prepare
()
tests
:=
[]
struct
{
workspace
string
namespace
string
expectError
error
}{
{
workspace
:
testWorkspace
.
Name
,
namespace
:
kubesphereSystem
.
Name
,
expectError
:
errors
.
NewNotFound
(
corev1
.
Resource
(
"namespace"
),
kubesphereSystem
.
Name
),
},
{
workspace
:
testWorkspace
.
Name
,
namespace
:
testNamespace
.
Name
,
expectError
:
nil
,
},
}
for
i
,
test
:=
range
tests
{
err
:=
tenantOperator
.
DeleteNamespace
(
test
.
workspace
,
test
.
namespace
)
if
err
!=
nil
{
if
test
.
expectError
!=
nil
&&
test
.
expectError
.
Error
()
==
err
.
Error
()
{
continue
}
else
{
if
!
reflect
.
DeepEqual
(
err
,
test
.
expectError
)
{
t
.
Errorf
(
"case %d, got %#v, expected %#v"
,
i
,
err
,
test
.
expectError
)
}
}
}
}
}
func
TestTenantOperator_UpdateNamespace
(
t
*
testing
.
T
)
{
tenantOperator
:=
prepare
()
tests
:=
[]
struct
{
result
*
corev1
.
Namespace
workspace
string
namespace
*
corev1
.
Namespace
expectError
error
}{
{
result
:
&
corev1
.
Namespace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"test-namespace"
,
Annotations
:
map
[
string
]
string
{
"test"
:
"test"
},
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
testWorkspace
.
Name
},
},
},
workspace
:
testWorkspace
.
Name
,
namespace
:
&
corev1
.
Namespace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"test-namespace"
,
Annotations
:
map
[
string
]
string
{
"test"
:
"test"
},
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
testWorkspace
.
Name
},
},
},
expectError
:
nil
,
},
}
for
i
,
test
:=
range
tests
{
result
,
err
:=
tenantOperator
.
UpdateNamespace
(
test
.
workspace
,
test
.
namespace
)
if
err
!=
nil
{
if
!
reflect
.
DeepEqual
(
err
,
test
.
expectError
)
{
t
.
Errorf
(
"case %d, got %#v, expected %#v"
,
i
,
err
,
test
.
expectError
)
}
continue
}
if
diff
:=
cmp
.
Diff
(
result
,
test
.
result
);
diff
!=
""
{
t
.
Error
(
diff
)
}
}
}
func
TestTenantOperator_PatchNamespace
(
t
*
testing
.
T
)
{
tenantOperator
:=
prepare
()
tests
:=
[]
struct
{
result
*
corev1
.
Namespace
workspace
string
patch
*
corev1
.
Namespace
expectError
error
}{
{
result
:
&
corev1
.
Namespace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"test-namespace"
,
Annotations
:
map
[
string
]
string
{
"test"
:
"test2"
},
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
testWorkspace
.
Name
},
},
},
workspace
:
testWorkspace
.
Name
,
patch
:
&
corev1
.
Namespace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"test-namespace"
,
Annotations
:
map
[
string
]
string
{
"test"
:
"test2"
},
},
},
expectError
:
nil
,
},
}
for
i
,
test
:=
range
tests
{
result
,
err
:=
tenantOperator
.
PatchNamespace
(
test
.
workspace
,
test
.
patch
)
if
err
!=
nil
{
if
!
reflect
.
DeepEqual
(
err
,
test
.
expectError
)
{
t
.
Errorf
(
"case %d, got %#v, expected %#v"
,
i
,
err
,
test
.
expectError
)
}
continue
}
...
...
@@ -132,28 +330,56 @@ func TestTenantOperator_ListNamespaces(t *testing.T) {
}
var
(
foo1
=
&
corev1
.
Namespace
{
admin
=
user
.
DefaultInfo
{
Name
:
"admin"
,
}
tester1
=
user
.
DefaultInfo
{
Name
:
"tester1"
,
}
tester2
=
user
.
DefaultInfo
{
Name
:
"tester2"
,
}
systemWorkspaceTmpl
=
&
tenantv1alpha2
.
WorkspaceTemplate
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"foo1"
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
"foo"
},
Name
:
"system-workspace"
,
},
}
foo2
=
&
corev1
.
Namespace
{
testWorkspaceTmpl
=
&
tenantv1alpha2
.
WorkspaceTemplate
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"test-workspace"
,
},
}
systemWorkspace
=
&
tenantv1alpha1
.
Workspace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"system-workspace"
,
},
}
testWorkspace
=
&
tenantv1alpha1
.
Workspace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"test-workspace"
,
},
}
kubesphereSystem
=
&
corev1
.
Namespace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"kubesphere-system"
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
systemWorkspace
.
Name
},
},
}
defaultNamespace
=
&
corev1
.
Namespace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"
foo2
"
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
"foo"
},
Name
:
"
default
"
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
systemWorkspace
.
Name
},
},
}
bar1
=
&
corev1
.
Namespace
{
testNamespace
=
&
corev1
.
Namespace
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"
bar1
"
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
"bar"
},
Name
:
"
test-namespace
"
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
testWorkspace
.
Name
},
},
}
adminGlobalRole
=
&
iamv1alpha2
.
GlobalRole
{
platformAdmin
=
&
iamv1alpha2
.
GlobalRole
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"
global
-admin"
,
Name
:
"
platform
-admin"
,
},
Rules
:
[]
rbacv1
.
PolicyRule
{
{
...
...
@@ -163,79 +389,67 @@ var (
},
},
}
regularGlobalRole
=
&
iamv1alpha2
.
GlobalRole
{
platformRegular
=
&
iamv1alpha2
.
GlobalRole
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"regular"
,
},
Rules
:
[]
rbacv1
.
PolicyRule
{
{
Verbs
:
[]
string
{},
APIGroups
:
[]
string
{},
Resources
:
[]
string
{},
},
Name
:
"platform-regular"
,
},
Rules
:
[]
rbacv1
.
PolicyRule
{},
}
reguarWorksapceRole
=
&
iamv1alpha2
.
WorkspaceRole
{
systemWorkspaceRegular
=
&
iamv1alpha2
.
WorkspaceRole
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"workspace-regular"
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
"bar"
},
},
Rules
:
[]
rbacv1
.
PolicyRule
{
{
Verbs
:
[]
string
{},
APIGroups
:
[]
string
{},
Resources
:
[]
string
{},
},
Name
:
"system-workspace-regular"
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
systemWorkspace
.
Name
},
},
Rules
:
[]
rbacv1
.
PolicyRule
{},
}
adminGlobalRoleBinding
=
&
iamv1alpha2
.
GlobalRoleBinding
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"global-admin"
,
Name
:
admin
.
Name
+
"-"
+
platformAdmin
.
Name
,
},
Subjects
:
[]
rbacv1
.
Subject
{{
Kind
:
"User"
,
Name
:
"admin"
,
Name
:
admin
.
Name
,
}},
RoleRef
:
rbacv1
.
RoleRef
{
APIGroup
:
iamv1alpha2
.
SchemeGroupVersion
.
String
(),
Kind
:
iamv1alpha2
.
ResourceKindGlobalRole
,
Name
:
"global-admin"
,
Name
:
platformAdmin
.
Name
,
},
}
regularGlobalRoleBinding
=
&
iamv1alpha2
.
GlobalRoleBinding
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"regular"
,
Name
:
tester1
.
Name
+
"-"
+
platformRegular
.
Name
,
},
Subjects
:
[]
rbacv1
.
Subject
{{
Kind
:
"User"
,
Name
:
"regular"
,
Name
:
tester1
.
Name
,
}},
RoleRef
:
rbacv1
.
RoleRef
{
APIGroup
:
iamv1alpha2
.
SchemeGroupVersion
.
String
(),
Kind
:
iamv1alpha2
.
ResourceKindGlobalRole
,
Name
:
"regular"
,
Name
:
platformRegular
.
Name
,
},
}
regularWorkspace
RoleBinding
=
&
iamv1alpha2
.
WorkspaceRoleBinding
{
systemWorkspaceRegular
RoleBinding
=
&
iamv1alpha2
.
WorkspaceRoleBinding
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"workspace-regular"
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
"bar"
},
Name
:
tester2
.
Name
+
"-"
+
systemWorkspaceRegular
.
Name
,
Labels
:
map
[
string
]
string
{
tenantv1alpha1
.
WorkspaceLabel
:
systemWorkspace
.
Name
},
},
Subjects
:
[]
rbacv1
.
Subject
{{
Kind
:
"User"
,
Name
:
"regular"
,
Name
:
tester2
.
Name
,
}},
RoleRef
:
rbacv1
.
RoleRef
{
APIGroup
:
iamv1alpha2
.
SchemeGroupVersion
.
String
(),
Kind
:
iamv1alpha2
.
ResourceKindGlobalRole
,
Name
:
"workspace-regular"
,
Name
:
systemWorkspaceRegular
.
Name
,
},
}
bar1NamespaceRole
=
&
rbacv1
.
Role
{
testNamespaceAdmin
=
&
rbacv1
.
Role
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"admin"
,
Namespace
:
"bar1"
,
Namespace
:
testNamespace
.
Name
,
},
Rules
:
[]
rbacv1
.
PolicyRule
{
{
...
...
@@ -245,52 +459,48 @@ var (
},
},
}
bar1Namespace
RoleBinding
=
&
rbacv1
.
RoleBinding
{
testNamespaceAdmin
RoleBinding
=
&
rbacv1
.
RoleBinding
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"admin"
,
Namespace
:
"bar1"
,
Namespace
:
testNamespace
.
Name
,
},
Subjects
:
[]
rbacv1
.
Subject
{{
Kind
:
"User"
,
Name
:
"regular"
,
Name
:
tester2
.
Name
,
}},
RoleRef
:
rbacv1
.
RoleRef
{
APIGroup
:
rbacv1
.
SchemeGroupVersion
.
String
(),
Kind
:
"Role"
,
Name
:
"admin"
,
},
}
workspaceFoo
=
&
tenantv1alpha2
.
WorkspaceTemplate
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"foo"
,
},
}
workspaceBar
=
&
tenantv1alpha2
.
WorkspaceTemplate
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Name
:
"bar"
,
Name
:
testNamespaceAdmin
.
Name
,
},
}
workspaces
=
[]
interface
{}{
workspaceFoo
,
workspaceBar
}
namespaces
=
[]
interface
{}{
foo1
,
foo2
,
bar1
}
globalRoles
=
[]
interface
{}{
adminGlobalRole
,
regularGlobalRole
}
workspaces
=
[]
interface
{}{
systemWorkspace
,
testWorkspace
}
workspaceTemplates
=
[]
interface
{}{
testWorkspaceTmpl
,
systemWorkspaceTmpl
}
namespaces
=
[]
interface
{}{
kubesphereSystem
,
defaultNamespace
,
testNamespace
}
globalRoles
=
[]
interface
{}{
platformAdmin
,
platformRegular
}
globalRoleBindings
=
[]
interface
{}{
adminGlobalRoleBinding
,
regularGlobalRoleBinding
}
workspaceRoles
=
[]
interface
{}{
regularGlobalRole
}
workspaceRoleBindings
=
[]
interface
{}{
regularWorkspace
RoleBinding
}
namespaceRoles
=
[]
interface
{}{
bar1NamespaceRole
}
namespaceRoleBindings
=
[]
interface
{}{
bar1Namespace
RoleBinding
}
workspaceRoles
=
[]
interface
{}{
systemWorkspaceRegular
}
workspaceRoleBindings
=
[]
interface
{}{
systemWorkspaceRegular
RoleBinding
}
namespaceRoles
=
[]
interface
{}{
testNamespaceAdmin
}
namespaceRoleBindings
=
[]
interface
{}{
testNamespaceAdmin
RoleBinding
}
)
func
prepare
()
Interface
{
ksClient
:=
fakeks
.
NewSimpleClientset
()
k8sClient
:=
fakek8s
.
NewSimpleClientset
()
ksClient
:=
fakeks
.
NewSimpleClientset
(
[]
runtime
.
Object
{
testWorkspace
,
systemWorkspace
}
...
)
k8sClient
:=
fakek8s
.
NewSimpleClientset
(
[]
runtime
.
Object
{
testNamespace
,
kubesphereSystem
}
...
)
istioClient
:=
fakeistio
.
NewSimpleClientset
()
appClient
:=
fakeapp
.
NewSimpleClientset
()
fakeInformerFactory
:=
informers
.
NewInformerFactories
(
k8sClient
,
ksClient
,
istioClient
,
appClient
,
nil
,
nil
)
for
_
,
workspace
:=
range
workspaces
{
fakeInformerFactory
.
KubeSphereSharedInformerFactory
()
.
Tenant
()
.
V1alpha1
()
.
Workspaces
()
.
Informer
()
.
GetIndexer
()
.
Add
(
workspace
)
}
for
_
,
workspaceTmpl
:=
range
workspaceTemplates
{
fakeInformerFactory
.
KubeSphereSharedInformerFactory
()
.
Tenant
()
.
V1alpha2
()
.
WorkspaceTemplates
()
.
Informer
()
.
GetIndexer
()
.
Add
(
workspace
)
WorkspaceTemplates
()
.
Informer
()
.
GetIndexer
()
.
Add
(
workspace
Tmpl
)
}
for
_
,
namespace
:=
range
namespaces
{
...
...
@@ -328,5 +538,5 @@ func prepare() Interface {
RoleBindings
()
.
Informer
()
.
GetIndexer
()
.
Add
(
roleBinding
)
}
return
New
(
fakeInformerFactory
,
nil
,
nil
,
nil
,
nil
,
nil
)
return
New
(
fakeInformerFactory
,
k8sClient
,
ksClient
,
nil
,
nil
,
nil
)
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录