未验证 提交 acfcd619 编写于 作者: H hongming

feat: support user-facing role filter

Signed-off-by: Nhongming <talonwan@yunify.com>
上级 6ac00afa
......@@ -58,7 +58,7 @@ func (*clusterRoleSearcher) match(match map[string]string, item *rbac.ClusterRol
if !strings.Contains(item.Name, v) && !searchFuzzy(item.Labels, "", v) && !searchFuzzy(item.Annotations, "", v) {
return false
}
case "userfacing":
case UserFacing:
if v == "true" {
if !isUserFacingClusterRole(item) {
return false
......@@ -145,6 +145,7 @@ func (s *clusterRoleSearcher) search(namespace string, conditions *params.Condit
return r, nil
}
// cluster role created by user from kubesphere dashboard
func isUserFacingClusterRole(role *rbac.ClusterRole) bool {
if role.Annotations[constants.CreatorAnnotationKey] != "" && role.Labels[constants.WorkspaceLabelKey] == "" {
return true
......
......@@ -74,6 +74,7 @@ const (
release = "release"
annotation = "annotation"
Keyword = "keyword"
UserFacing = "userfacing"
Status = "status"
includeCronJob = "includeCronJob"
storageClassName = "storageClassName"
......
......@@ -49,6 +49,12 @@ func (*roleSearcher) match(match map[string]string, item *rbac.Role) bool {
if !strings.Contains(item.Name, v) && !searchFuzzy(item.Labels, "", v) && !searchFuzzy(item.Annotations, "", v) {
return false
}
case UserFacing:
if v == "true" {
if !isUserFacingRole(item) {
return false
}
}
default:
// label not exist or value not equal
if val, ok := item.Labels[k]; !ok || val != v {
......@@ -129,3 +135,11 @@ func (s *roleSearcher) search(namespace string, conditions *params.Conditions, o
}
return r, nil
}
// role created by user from kubesphere dashboard
func isUserFacingRole(role *rbac.Role) bool {
if role.Annotations[constants.CreatorAnnotationKey] != "" {
return true
}
return false
}
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册