Skip to content
This repository has been archived by the owner on Mar 11, 2021. It is now read-only.

Commit

Permalink
feat(#686): add/remove user-edit rolebinding in che based on toggle (#…
Browse files Browse the repository at this point in the history 
…741)
  • Loading branch information
@MatousJobanek
MatousJobanek authored Feb 11, 2019
1 parent 9c2ea27 commit 5f58fb3
Show file tree
Hide file tree
Showing 10 changed files with 331 additions and 111 deletions.
17 changes: 0 additions & 17 deletions environment/templates/fabric8-tenant-che-mt.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,23 +87,6 @@ objects:
subjects:
- kind: ServiceAccount
name: che
- apiVersion: v1
kind: RoleBinding
metadata:
labels:
app: fabric8-tenant-che-mt
provider: fabric8
version: ${COMMIT}
version-quotas: ${COMMIT_QUOTAS}
name: user-edit
namespace: ${USER_NAME}-che
roleRef:
name: edit
subjects:
- kind: User
name: ${PROJECT_USER}
userNames:
- ${PROJECT_USER}
- apiVersion: v1
kind: RoleBinding
metadata:
Expand Down
73 changes: 53 additions & 20 deletions openshift/action.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,7 @@ type NamespaceAction interface {
MethodName() string
GetNamespaceEntity(nsTypeService EnvironmentTypeService) (*tenant.Namespace, error)
UpdateNamespace(env *environment.EnvData, cluster *cluster.Cluster, namespace *tenant.Namespace, failed bool)
GetOperationSets(toSort environment.Objects, client Client, namespaceName string) (OperationSet, error)
Filter() FilterFunc
GetOperationSets(envService EnvironmentTypeService, client Client) (*environment.EnvData, []OperationSet, error)
ForceMasterTokenGlobally() bool
HealingStrategy() HealingFuncGenerator
ManageAndUpdateResults(errorChan chan error, envTypes []environment.Type, healing Healing) error
Expand Down Expand Up @@ -91,11 +90,29 @@ func (c *commonNamespaceAction) MethodName() string {
return c.method
}

func (c *commonNamespaceAction) GetOperationSets(toSort environment.Objects, client Client, namespaceName string) (OperationSet, error) {
operationSets := OperationSet{}
sort.Sort(environment.ByKind(toSort))
operationSets[c.method] = toSort
return operationSets, nil
func (c *commonNamespaceAction) getOperationSets(envService EnvironmentTypeService, client Client, filterFunc FilterFunc) (*environment.EnvData, []OperationSet, error) {
env, objects, err := envService.GetEnvDataAndObjects(filterFunc)
if err != nil {
return env, nil, errors.Wrap(err, "getting environment data and objects failed")
}

operationSets := []OperationSet{NewOperationSet(c.method, objects)}

object, shouldBeAdded := envService.AdditionalObject()
if len(object) > 0 {
action := c.method
if !shouldBeAdded {
action = http.MethodDelete
}
if action == c.method {
operationSets[0].Objects = append(operationSets[0].Objects, object)
} else {
operationSets = append(operationSets, NewOperationSet(action, []environment.Object{object}))
}
}

sort.Sort(environment.ByKind(operationSets[0].Objects))
return env, operationSets, nil
}

func (c *commonNamespaceAction) Filter() FilterFunc {
Expand Down Expand Up @@ -210,6 +227,10 @@ func (c *CreateAction) ForceMasterTokenGlobally() bool {
return false
}

func (c *CreateAction) GetOperationSets(envService EnvironmentTypeService, client Client) (*environment.EnvData, []OperationSet, error) {
return c.getOperationSets(envService, client, c.Filter())
}

func NewDeleteAction(tenantRepo tenant.Repository, existingNamespaces []*tenant.Namespace, deleteOpts *DeleteActionOption) *DeleteAction {
return &DeleteAction{
withExistingNamespacesAction: &withExistingNamespacesAction{
Expand Down Expand Up @@ -269,50 +290,58 @@ var AllToGetAndDelete = []string{environment.ValKindService}

var AllKindsToClean = append(AllToDeleteAll, AllToGetAndDelete...)

func (d *DeleteAction) GetOperationSets(toSort environment.Objects, client Client, namespaceName string) (OperationSet, error) {
operationSets := OperationSet{}
func (d *DeleteAction) GetOperationSets(envService EnvironmentTypeService, client Client) (*environment.EnvData, []OperationSet, error) {
env, objectsToDelete, err := envService.GetEnvDataAndObjects(d.Filter())
if err != nil {
return env, nil, errors.Wrap(err, "getting environment data and objects failed")
}
var operationSets []OperationSet

if !d.deleteOptions.removeFromCluster {
var deleteAllSet environment.Objects
for _, kind := range AllToDeleteAll {
obj := newObject(kind, namespaceName, "")
obj := NewObject(kind, envService.GetNamespaceName(), "")
deleteAllSet = append(deleteAllSet, obj)
}
sort.Sort(sort.Reverse(environment.ByKind(deleteAllSet)))
operationSets[MethodDeleteAll] = deleteAllSet
operationSets = append(operationSets, NewOperationSet(MethodDeleteAll, deleteAllSet))

for _, kind := range AllToGetAndDelete {
kindToGet := newObject(kind, namespaceName, "")
kindToGet := NewObject(kind, envService.GetNamespaceName(), "")
result, err := Apply(client, http.MethodGet, kindToGet)
if err != nil {
return nil, errors.Wrapf(err, "unable to get list of current objects of kind %s in namespace %s", kindToGet, namespaceName)
return env, nil, errors.Wrapf(err,
"unable to get list of current objects of kind %s in namespace %s", kindToGet, envService.GetNamespaceName())
}
var returnedObj environment.Object
err = yaml.Unmarshal(result.Body, &returnedObj)
if err != nil {
return nil, errors.Wrapf(err,
"unable unmarshal object responded from OS while getting list of current objects of kind %s in namespace %s", kindToGet, namespaceName)
return env, nil, errors.Wrapf(err, "unable unmarshal object responded from OS "+
"while getting list of current objects of kind %s in namespace %s", kindToGet, envService.GetNamespaceName())
}

if items, itemsFound := returnedObj["items"]; itemsFound {
if objects, isSlice := items.([]interface{}); isSlice && len(objects) > 0 {
for _, obj := range objects {
if object, isObj := obj.(environment.Object); isObj {
if name := environment.GetName(object); name != "" {
toSort = append(toSort, newObject(kind, namespaceName, name))
objectsToDelete = append(objectsToDelete, NewObject(kind, envService.GetNamespaceName(), name))
}
}
}
}
}
}
}
sort.Sort(sort.Reverse(environment.ByKind(toSort)))
operationSets[d.method] = toSort

return operationSets, nil
sort.Sort(sort.Reverse(environment.ByKind(objectsToDelete)))
deleteOpSet := NewOperationSet(d.method, objectsToDelete)
operationSets = append(operationSets, deleteOpSet)

return env, operationSets, nil
}

func newObject(kind, namespaceName string, name string) environment.Object {
func NewObject(kind, namespaceName string, name string) environment.Object {
return environment.Object{
"kind": kind,
"metadata": environment.Object{
Expand Down Expand Up @@ -411,6 +440,10 @@ func (u *UpdateAction) Filter() FilterFunc {
return isNotOfKind(environment.ValKindProjectRequest)
}

func (u *UpdateAction) GetOperationSets(envService EnvironmentTypeService, client Client) (*environment.EnvData, []OperationSet, error) {
return u.getOperationSets(envService, client, u.Filter())
}

func (u *UpdateAction) HealingStrategy() HealingFuncGenerator {
return u.redoStrategy(func(openShiftService *ServiceBuilder, nsTypes []environment.Type, existingNamespaces []*tenant.Namespace) error {
return openShiftService.Update(nsTypes, existingNamespaces, u.actionOptions.DisableSelfHealing())
Expand Down
Loading

0 comments on commit 5f58fb3

Please sign in to comment.