Skip to content
This repository has been archived by the owner on Mar 11, 2021. It is now read-only.

feat(#686): add/remove user-edit rolebinding in che based on toggle #741

Merged
merged 12 commits into from
Feb 11, 2019
Merged

feat(#686): add/remove user-edit rolebinding in che based on toggle #741

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
5db658b
chore(#678): refactor core functionality to be more extensible and re…
MatousJobanek Jan 22, 2019
c10fdca
fix: when checks for presence of namespaces then 403 treat as it is n…
MatousJobanek Jan 22, 2019
8e657d9
fix: use creation token also for cheking if ns was created (#734)
MatousJobanek Jan 22, 2019
da299a7
fix: handle conflicts for resource quotas correctly (#735)
MatousJobanek Jan 22, 2019
9aaa7d0
fix: wait until PVC is removed or set to terminating state (#736)
MatousJobanek Jan 23, 2019
94f6c55
fix: just try to wait until is removed and don't fail when is not (#737)
MatousJobanek Jan 23, 2019
8e221ab
fix: reset result when either 404 or 409 is ignored (during deletion)…
MatousJobanek Jan 23, 2019
6a2111a
fix: clean should delete all resources (not only those that are in te…
MatousJobanek Jan 24, 2019
e839d84
chore: use callbacks as one nested function chain (#740)
MatousJobanek Jan 28, 2019
dbfc940
feat(#686): add/remove user-edit rolebinding in che based on toggle
MatousJobanek Jan 29, 2019
9d796d4
fix adding to original set of objects
MatousJobanek Jan 29, 2019
ddf4bcb
Merge branch 'master' into issue-686-che-user-edit
MatousJobanek Feb 6, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 0 additions & 17 deletions environment/templates/fabric8-tenant-che-mt.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -87,23 +87,6 @@ objects:
subjects:
- kind: ServiceAccount
name: che
- apiVersion: v1
kind: RoleBinding
metadata:
labels:
app: fabric8-tenant-che-mt
provider: fabric8
version: ${COMMIT}
version-quotas: ${COMMIT_QUOTAS}
name: user-edit
namespace: ${USER_NAME}-che
roleRef:
name: edit
subjects:
- kind: User
name: ${PROJECT_USER}
userNames:
- ${PROJECT_USER}
- apiVersion: v1
kind: RoleBinding
metadata:
Expand Down
73 changes: 53 additions & 20 deletions openshift/action.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,7 @@ type NamespaceAction interface {
MethodName() string
GetNamespaceEntity(nsTypeService EnvironmentTypeService) (*tenant.Namespace, error)
UpdateNamespace(env *environment.EnvData, cluster *cluster.Cluster, namespace *tenant.Namespace, failed bool)
GetOperationSets(toSort environment.Objects, client Client, namespaceName string) (OperationSet, error)
Filter() FilterFunc
GetOperationSets(envService EnvironmentTypeService, client Client) (*environment.EnvData, []OperationSet, error)
ForceMasterTokenGlobally() bool
HealingStrategy() HealingFuncGenerator
ManageAndUpdateResults(errorChan chan error, envTypes []environment.Type, healing Healing) error
Expand Down Expand Up @@ -91,11 +90,29 @@ func (c *commonNamespaceAction) MethodName() string {
return c.method
}

func (c *commonNamespaceAction) GetOperationSets(toSort environment.Objects, client Client, namespaceName string) (OperationSet, error) {
operationSets := OperationSet{}
sort.Sort(environment.ByKind(toSort))
operationSets[c.method] = toSort
return operationSets, nil
func (c *commonNamespaceAction) getOperationSets(envService EnvironmentTypeService, client Client, filterFunc FilterFunc) (*environment.EnvData, []OperationSet, error) {
env, objects, err := envService.GetEnvDataAndObjects(filterFunc)
if err != nil {
return env, nil, errors.Wrap(err, "getting environment data and objects failed")
}

operationSets := []OperationSet{NewOperationSet(c.method, objects)}

object, shouldBeAdded := envService.AdditionalObject()
if len(object) > 0 {
action := c.method
if !shouldBeAdded {
action = http.MethodDelete
}
if action == c.method {
operationSets[0].Objects = append(operationSets[0].Objects, object)
} else {
operationSets = append(operationSets, NewOperationSet(action, []environment.Object{object}))
}
}

sort.Sort(environment.ByKind(operationSets[0].Objects))
return env, operationSets, nil
}

func (c *commonNamespaceAction) Filter() FilterFunc {
Expand Down Expand Up @@ -210,6 +227,10 @@ func (c *CreateAction) ForceMasterTokenGlobally() bool {
return false
}

func (c *CreateAction) GetOperationSets(envService EnvironmentTypeService, client Client) (*environment.EnvData, []OperationSet, error) {
return c.getOperationSets(envService, client, c.Filter())
}

func NewDeleteAction(tenantRepo tenant.Repository, existingNamespaces []*tenant.Namespace, deleteOpts *DeleteActionOption) *DeleteAction {
return &DeleteAction{
withExistingNamespacesAction: &withExistingNamespacesAction{
Expand Down Expand Up @@ -269,50 +290,58 @@ var AllToGetAndDelete = []string{environment.ValKindService}

var AllKindsToClean = append(AllToDeleteAll, AllToGetAndDelete...)

func (d *DeleteAction) GetOperationSets(toSort environment.Objects, client Client, namespaceName string) (OperationSet, error) {
operationSets := OperationSet{}
func (d *DeleteAction) GetOperationSets(envService EnvironmentTypeService, client Client) (*environment.EnvData, []OperationSet, error) {
env, objectsToDelete, err := envService.GetEnvDataAndObjects(d.Filter())
if err != nil {
return env, nil, errors.Wrap(err, "getting environment data and objects failed")
}
var operationSets []OperationSet

if !d.deleteOptions.removeFromCluster {
var deleteAllSet environment.Objects
for _, kind := range AllToDeleteAll {
obj := newObject(kind, namespaceName, "")
obj := NewObject(kind, envService.GetNamespaceName(), "")
deleteAllSet = append(deleteAllSet, obj)
}
sort.Sort(sort.Reverse(environment.ByKind(deleteAllSet)))
operationSets[MethodDeleteAll] = deleteAllSet
operationSets = append(operationSets, NewOperationSet(MethodDeleteAll, deleteAllSet))

for _, kind := range AllToGetAndDelete {
kindToGet := newObject(kind, namespaceName, "")
kindToGet := NewObject(kind, envService.GetNamespaceName(), "")
result, err := Apply(client, http.MethodGet, kindToGet)
if err != nil {
return nil, errors.Wrapf(err, "unable to get list of current objects of kind %s in namespace %s", kindToGet, namespaceName)
return env, nil, errors.Wrapf(err,
"unable to get list of current objects of kind %s in namespace %s", kindToGet, envService.GetNamespaceName())
}
var returnedObj environment.Object
err = yaml.Unmarshal(result.Body, &returnedObj)
if err != nil {
return nil, errors.Wrapf(err,
"unable unmarshal object responded from OS while getting list of current objects of kind %s in namespace %s", kindToGet, namespaceName)
return env, nil, errors.Wrapf(err, "unable unmarshal object responded from OS "+
"while getting list of current objects of kind %s in namespace %s", kindToGet, envService.GetNamespaceName())
}

if items, itemsFound := returnedObj["items"]; itemsFound {
if objects, isSlice := items.([]interface{}); isSlice && len(objects) > 0 {
for _, obj := range objects {
if object, isObj := obj.(environment.Object); isObj {
if name := environment.GetName(object); name != "" {
toSort = append(toSort, newObject(kind, namespaceName, name))
objectsToDelete = append(objectsToDelete, NewObject(kind, envService.GetNamespaceName(), name))
}
}
}
}
}
}
}
sort.Sort(sort.Reverse(environment.ByKind(toSort)))
operationSets[d.method] = toSort

return operationSets, nil
sort.Sort(sort.Reverse(environment.ByKind(objectsToDelete)))
deleteOpSet := NewOperationSet(d.method, objectsToDelete)
operationSets = append(operationSets, deleteOpSet)

return env, operationSets, nil
}

func newObject(kind, namespaceName string, name string) environment.Object {
func NewObject(kind, namespaceName string, name string) environment.Object {
return environment.Object{
"kind": kind,
"metadata": environment.Object{
Expand Down Expand Up @@ -411,6 +440,10 @@ func (u *UpdateAction) Filter() FilterFunc {
return isNotOfKind(environment.ValKindProjectRequest)
}

func (u *UpdateAction) GetOperationSets(envService EnvironmentTypeService, client Client) (*environment.EnvData, []OperationSet, error) {
return u.getOperationSets(envService, client, u.Filter())
}

func (u *UpdateAction) HealingStrategy() HealingFuncGenerator {
return u.redoStrategy(func(openShiftService *ServiceBuilder, nsTypes []environment.Type, existingNamespaces []*tenant.Namespace) error {
return openShiftService.Update(nsTypes, existingNamespaces, u.actionOptions.DisableSelfHealing())
Expand Down
Loading