From f25ae2d571d365eac48beeb8361b7e6fd02171b1 Mon Sep 17 00:00:00 2001 From: hongming Date: Mon, 3 Dec 2018 21:13:18 +0800 Subject: [PATCH] support workspace member search Signed-off-by: hongming --- pkg/apis/v1alpha/users/user.go | 8 -- pkg/apis/v1alpha/workspaces/workspaces.go | 6 +- pkg/models/iam/iam.go | 91 ++++------------------- pkg/models/workspaces/workspaces.go | 18 ++++- 4 files changed, 30 insertions(+), 93 deletions(-) diff --git a/pkg/apis/v1alpha/users/user.go b/pkg/apis/v1alpha/users/user.go index 45640db9..20ae6e21 100644 --- a/pkg/apis/v1alpha/users/user.go +++ b/pkg/apis/v1alpha/users/user.go @@ -26,7 +26,6 @@ import ( "kubesphere.io/kubesphere/pkg/constants" "kubesphere.io/kubesphere/pkg/models" - "kubesphere.io/kubesphere/pkg/models/iam" ) func Register(ws *restful.WebService, subPath string) { @@ -83,13 +82,6 @@ func delUser(req *restful.Request, resp *restful.Response) { return } - err = iam.DeleteRoleBindings(user) - - if err != nil { - resp.WriteHeaderAndEntity(http.StatusInternalServerError, constants.MessageResponse{Message: err.Error()}) - return - } - resp.WriteEntity(constants.MessageResponse{Message: "successfully deleted"}) } diff --git a/pkg/apis/v1alpha/workspaces/workspaces.go b/pkg/apis/v1alpha/workspaces/workspaces.go index 99b257b2..0ff39910 100644 --- a/pkg/apis/v1alpha/workspaces/workspaces.go +++ b/pkg/apis/v1alpha/workspaces/workspaces.go @@ -100,8 +100,9 @@ func RolesHandler(req *restful.Request, resp *restful.Response) { func MembersHandler(req *restful.Request, resp *restful.Response) { workspace := req.PathParameter("name") + keyword := req.QueryParameter("keyword") - users, err := workspaces.GetWorkspaceMembers(workspace) + users, err := workspaces.GetWorkspaceMembers(workspace, keyword) if err != nil { resp.WriteHeaderAndEntity(http.StatusInternalServerError, constants.MessageResponse{Message: err.Error()}) 
@@ -311,9 +312,6 @@ func DevOpsProjectHandler(req *restful.Request, resp *restful.Response) { if groups := regexp.MustCompile(`^limit=(\d+),page=(\d+)$`).FindStringSubmatch(req.QueryParameter("paging")); len(groups) == 3 { limit, _ = strconv.Atoi(groups[1]) page, _ := strconv.Atoi(groups[2]) - if page < 0 { - page = 1 - } offset = (page - 1) * limit } diff --git a/pkg/models/iam/iam.go b/pkg/models/iam/iam.go index a1f59935..72ba0219 100644 --- a/pkg/models/iam/iam.go +++ b/pkg/models/iam/iam.go @@ -10,13 +10,11 @@ import ( "github.com/golang/glog" "k8s.io/api/rbac/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" - meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" v12 "k8s.io/client-go/listers/rbac/v1" "k8s.io/kubernetes/pkg/util/slice" - "kubesphere.io/kubesphere/pkg/client" "kubesphere.io/kubesphere/pkg/constants" "kubesphere.io/kubesphere/pkg/models/controllers" ksErr "kubesphere.io/kubesphere/pkg/util/errors" 
@@ -222,75 +220,6 @@ func GetUserNamespaces(username string, requiredRule v1.PolicyRule) (allNamespac return false, namespaces, nil } -func DeleteRoleBindings(username string) error { - - lister, err := controllers.GetLister(controllers.RoleBindings) - - if err != nil { - return err - } - - roleBindingLister := lister.(v12.RoleBindingLister) - - roleBindings, err := roleBindingLister.List(labels.Everything()) - - if err != nil { - return err - } - - for _, roleBinding := range roleBindings { - - length1 := len(roleBinding.Subjects) - - for index, subject := range roleBinding.Subjects { - if subject.Kind == v1.UserKind && subject.Name == username { - roleBinding.Subjects = append(roleBinding.Subjects[:index], roleBinding.Subjects[index+1:]...) - index-- - } - } - - length2 := len(roleBinding.Subjects) - - if length2 == 0 { - deletePolicy := meta_v1.DeletePropagationForeground - client.NewK8sClient().RbacV1().RoleBindings(roleBinding.Namespace).Delete(roleBinding.Name, &meta_v1.DeleteOptions{PropagationPolicy: &deletePolicy}) - } else if length2 < length1 { - client.NewK8sClient().RbacV1().RoleBindings(roleBinding.Namespace).Update(roleBinding) - } - } - - lister, err = controllers.GetLister(controllers.ClusterRoleBindings) - - if err != nil { - return err - } - - clusterRoleBindingLister := lister.(v12.ClusterRoleBindingLister) - - clusterRoleBindings, err := clusterRoleBindingLister.List(labels.Everything()) - - for _, clusterRoleBinding := range clusterRoleBindings { - length1 := len(clusterRoleBinding.Subjects) - - for index, subject := range clusterRoleBinding.Subjects { - if subject.Kind == v1.UserKind && subject.Name == username { - clusterRoleBinding.Subjects = append(clusterRoleBinding.Subjects[:index], clusterRoleBinding.Subjects[index+1:]...) 
- index-- - } - } - - length2 := len(clusterRoleBinding.Subjects) - if length2 == 0 { - deletePolicy := meta_v1.DeletePropagationForeground - client.NewK8sClient().RbacV1().ClusterRoleBindings().Delete(clusterRoleBinding.Name, &meta_v1.DeleteOptions{PropagationPolicy: &deletePolicy}) - } else if length2 < length1 { - client.NewK8sClient().RbacV1().ClusterRoleBindings().Update(clusterRoleBinding) - } - } - - return nil -} - func GetRole(namespace string, name string) (*v1.Role, error) { lister, err := controllers.GetLister(controllers.Roles) @@ -331,8 +260,15 @@ func GetWorkspaceUsers(workspace string, workspaceRole string) ([]string, error) } func GetClusterRoleBindings(name string) ([]v1.ClusterRoleBinding, error) { - k8s := client.NewK8sClient() - roleBindingList, err := k8s.RbacV1().ClusterRoleBindings().List(meta_v1.ListOptions{}) + lister, err := controllers.GetLister(controllers.ClusterRoleBindings) + + if err != nil { + return nil, err + } + + clusterRoleBindingLister := lister.(v12.ClusterRoleBindingLister) + + clusterRoleBindingList, err := clusterRoleBindingLister.List(labels.Everything()) if err != nil { return nil, err @@ -340,9 +276,9 @@ func GetClusterRoleBindings(name string) ([]v1.ClusterRoleBinding, error) { items := make([]v1.ClusterRoleBinding, 0) - for _, roleBinding := range roleBindingList.Items { + for _, roleBinding := range clusterRoleBindingList { if roleBinding.RoleRef.Name == name { - items = append(items, roleBinding) + items = append(items, *roleBinding) } } @@ -495,7 +431,7 @@ func GetClusterRoles(username string) ([]v1.ClusterRole, error) { roles := make([]v1.ClusterRole, 0) for _, roleBinding := range clusterRoleBindings { - for i, subject := range roleBinding.Subjects { + for _, subject := range roleBinding.Subjects { if subject.Kind == v1.UserKind && subject.Name == username { if roleBinding.RoleRef.Kind == ClusterRoleKind { role, err := clusterRoleLister.Get(roleBinding.RoleRef.Name) 
@@ -511,8 +447,7 @@ func GetClusterRoles(username string) ([]v1.ClusterRole, error) { roles = append(roles, *role) break } else if apierrors.IsNotFound(err) { - roleBinding.Subjects = append(roleBinding.Subjects[:i], roleBinding.Subjects[i+1:]...) - client.NewK8sClient().RbacV1().ClusterRoleBindings().Update(roleBinding) + glog.Warning(err) break } else { return nil, err diff --git a/pkg/models/workspaces/workspaces.go b/pkg/models/workspaces/workspaces.go index 5f1c650a..d80e4e75 100644 --- a/pkg/models/workspaces/workspaces.go +++ b/pkg/models/workspaces/workspaces.go @@ -156,6 +156,9 @@ func deleteDevopsRoleBinding(workspace string, projectId string, user string) { if err != nil || resp.StatusCode > 200 { glog.Warning("delete devops role binding failed", workspace, project, user) } + if resp != nil { + resp.Body.Close() + } } } @@ -183,6 +186,9 @@ func createDevopsRoleBinding(workspace string, projectId string, user string, ro if err != nil || resp.StatusCode > 200 { glog.Warning(fmt.Sprintf("create devops role binding failed %s,%s,%s,%s", workspace, project, user, role)) } + if resp != nil { + resp.Body.Close() + } } } @@ -679,7 +685,7 @@ func ListDevopsProjectsByUser(username string, workspace string, keyword string, } if len(devOpsProjects) < offset { - return len(devOpsProjects), devOpsProjects, nil + return len(devOpsProjects), make([]DevopsProject, 0), nil } else if len(devOpsProjects) < limit+offset { return len(devOpsProjects), devOpsProjects[offset:], nil } else { 
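Review bot: In `GetClusterRoles`, the not-found branch now only calls `glog.Warning(err)`, so a ClusterRoleBinding that points at a missing ClusterRole keeps its subject indefinitely, and the log line does not say which binding or user was involved. This commit also removes `DeleteRoleBindings` and its call in `delUser`, so nothing on this page strips a user's subjects from bindings any more. If that cleanup has not moved elsewhere, a role or account later created under the same name would pick up the old grant. At minimum I would log the context: `glog.Warningf("cluster role %s referenced by binding %s for user %s not found: %v", roleBinding.RoleRef.Name, roleBinding.Name, username, err)`. The function body starts and ends outside the hunk.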
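Review bot: In `deleteDevopsRoleBinding`, a failed request is only logged, and the message omits both `err` and the status code, so a revocation that did not take effect is hard to notice or diagnose. The same applies to `createDevopsRoleBinding` in the next hunk. I would include the cause, e.g. `glog.Warningf("delete devops role binding failed: workspace=%v project=%v user=%v err=%v", workspace, project, user, err)`, and also log `resp.StatusCode` when `resp` is non-nil. `resp.StatusCode > 200` also counts other 2xx replies as failures, which may or may not be intended. Both function bodies start outside their hunks.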
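Review bot: The bounds checks in `ListDevopsProjectsByUser` still assume `offset >= 0`, which nothing enforces after this commit. `DevOpsProjectHandler` computes `offset = (page - 1) * limit` and no longer guards `page`, so a `page` of 0 gives a negative offset, assuming that value is what gets passed here. A negative offset passes both `len(devOpsProjects) < offset` and `len(devOpsProjects) < limit+offset`, and the final branch, which is outside the hunk, would then presumably slice with a negative index and panic. Clamping before the checks with `if offset < 0 { offset = 0 }`, or rejecting `page < 1` in the handler, closes this.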
@@ -842,9 +848,15 @@ func Roles(workspace *Workspace) ([]*v1.ClusterRole, error) { return roles, nil } -func GetWorkspaceMembers(workspace string) ([]iam.User, error) { +func GetWorkspaceMembers(workspace string, keyword string) ([]iam.User, error) { - result, err := http.Get(fmt.Sprintf("http://%s/apis/account.kubesphere.io/v1alpha1/groups/%s/users", constants.AccountAPIServer, workspace)) + url := fmt.Sprintf("http://%s/apis/account.kubesphere.io/v1alpha1/workspaces/%s/members", constants.AccountAPIServer, workspace) + + if keyword != "" { + url = url + "?keyword=" + keyword + } + + result, err := http.Get(url) if err != nil { return nil, err -- GitLab
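Review bot: `url = url + "?keyword=" + keyword` in `GetWorkspaceMembers` appends the caller-supplied keyword without escaping, and `MembersHandler` passes the raw query parameter straight through. Characters such as `&`, `#` or spaces therefore alter the request sent to the account service instead of being searched for, and `workspace` is formatted into the path the same way. The local variable `url` also shadows the `net/url` package name, so I would rename it and escape both values: `endpoint := fmt.Sprintf("http://%s/apis/account.kubesphere.io/v1alpha1/workspaces/%s/members", constants.AccountAPIServer, url.PathEscape(workspace))` and `endpoint += "?keyword=" + url.QueryEscape(keyword)`. This needs the `net/url` import, which is outside the hunk, as is the rest of the function.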