fix: sync devops rolebindings

Signed-off-by: N hongming <talonwan@yunify.com>

fix: sync devops rolebindings
Signed-off-by: N hongming <talonwan@yunify.com>
b90a84b9 · hongming · a908757c · b90a84b9 · b90a84b9
隐藏空白更改
内联并排

Showing with 11 addition and 9 deletion

pkg/constants/common.go pkg/constants/common.go +2 -0

pkg/models/workspaces/workspaces.go pkg/models/workspaces/workspaces.go +9 -9

未找到文件。
--- a/pkg/constants/common.go
+++ b/pkg/constants/common.go
@@ -48,6 +48,8 @@ const (
 	WorkspaceAdmin             = "workspace-admin"
 	WorkspaceRegular           = "workspace-regular"
 	WorkspaceViewer            = "workspace-viewer"
+	DevopsOwner                = "owner"
+	DevopsReporter             = "reporter"
 )

 var (

--- a/pkg/models/workspaces/workspaces.go
+++ b/pkg/models/workspaces/workspaces.go
@@ -110,16 +110,16 @@ func CreateDevopsProject(username string, workspace string, devops DevopsProject
 }

 func createDefaultDevopsRoleBinding(workspace string, project DevopsProject) {
-	admins := iam.GetWorkspaceUsers(workspace, "admin")
+	admins := iam.GetWorkspaceUsers(workspace, constants.WorkspaceAdmin)

 	for _, admin := range admins {
-		createDevopsRoleBinding(workspace, *project.ProjectId, admin, "owner")
+		createDevopsRoleBinding(workspace, *project.ProjectId, admin, constants.DevopsOwner)
 	}

-	viewers := iam.GetWorkspaceUsers(workspace, "viewer")
+	viewers := iam.GetWorkspaceUsers(workspace, constants.WorkspaceViewer)

 	for _, viewer := range viewers {
-		createDevopsRoleBinding(workspace, *project.ProjectId, viewer, "reporter")
+		createDevopsRoleBinding(workspace, *project.ProjectId, viewer, constants.DevopsReporter)
 	}
 }

@@ -1156,7 +1156,7 @@ func CreateWorkspaceRoleBinding(workspace *Workspace, username string, role stri
 				} else {
 					modify = true
 					roleBinding.Subjects = append(roleBinding.Subjects[:i], roleBinding.Subjects[i+1:]...)
-					if roleName == "admin" || roleName == "viewer" {
+					if roleName == constants.WorkspaceAdmin || roleName == constants.WorkspaceViewer {
 						go deleteDevopsRoleBinding(workspace.Name, "", username)
 					}
 					break
@@ -1167,10 +1167,10 @@ func CreateWorkspaceRoleBinding(workspace *Workspace, username string, role stri
 		if roleName == role {
 			modify = true
 			roleBinding.Subjects = append(roleBinding.Subjects, v1.Subject{Kind: v1.UserKind, Name: username})
-			if roleName == "admin" {
-				go createDevopsRoleBinding(workspace.Name, "", username, "owner")
-			} else if roleName == "viewer" {
-				go createDevopsRoleBinding(workspace.Name, "", username, "reporter")
+			if roleName == constants.WorkspaceAdmin {
+				go createDevopsRoleBinding(workspace.Name, "", username, constants.DevopsOwner)
+			} else if roleName == constants.WorkspaceViewer {
+				go createDevopsRoleBinding(workspace.Name, "", username, constants.DevopsReporter)
 			}
 		}