code refactoring

Signed-off-by: Roke Jung <roke@redhat.com>
open-cluster-management-io · Feb 16, 2022 · cdf9ac9 · cdf9ac9
1 parent 08a51fb
commit cdf9ac9
Showing 1 changed file with 28 additions and 32 deletions.
diff --git a/pkg/utils/gitrepo.go b/pkg/utils/gitrepo.go
@@ -980,23 +980,7 @@ func matchUserSubAdmin(client client.Client, userIdentity, userGroups string) bo
 	if err == nil {
 		klog.Infof("ClusterRoleBinding %s found.", appv1.SubscriptionAdmin)
 
-		for _, subject := range foundClusterRoleBinding.Subjects {
-			if strings.Trim(subject.Name, "") == strings.Trim(userIdentity, "") && strings.Trim(subject.Kind, "") == "User" {
-				klog.Info("User match. cluster-admin: true")
-
-				isUserSubAdmin = true
-			} else if subject.Kind == "Group" {
-				groupNames := strings.Split(userGroups, ",")
-
-				for _, groupName := range groupNames {
-					if strings.Trim(subject.Name, "") == strings.Trim(groupName, "") {
-						klog.Info("Group match. cluster-admin: true")
-
-						isUserSubAdmin = true
-					}
-				}
-			}
-		}
+		isUserSubAdmin = checkUserSubAdmin(foundClusterRoleBinding.Subjects, userIdentity, userGroups)
 	} else {
 		klog.Error(err)
 	}
@@ -1018,22 +1002,10 @@ func scanUserSubAdmin(client client.Client, userIdentity, userGroups string) boo
 			if binding.RoleRef.Kind == "ClusterRole" && binding.RoleRef.Name == "open-cluster-management:subscription-admin" {
 				klog.Infof("Found cluster role binding %s with open-cluster-management:subscription-admin cluster role.", binding.Name)
 
-				for _, subject := range binding.Subjects {
-					if strings.Trim(subject.Name, "") == strings.Trim(userIdentity, "") && strings.Trim(subject.Kind, "") == "User" {
-						klog.Info("User match. cluster-admin: true")
-
-						isUserSubAdmin = true
-					} else if subject.Kind == "Group" {
-						groupNames := strings.Split(userGroups, ",")
-
-						for _, groupName := range groupNames {
-							if strings.Trim(subject.Name, "") == strings.Trim(groupName, "") {
-								klog.Info("Group match. cluster-admin: true")
+				isUserSubAdmin = checkUserSubAdmin(binding.Subjects, userIdentity, userGroups)
 
-								isUserSubAdmin = true
-							}
-						}
-					}
+				if isUserSubAdmin {
+					break
 				}
 			}
 		}
@@ -1044,6 +1016,30 @@ func scanUserSubAdmin(client client.Client, userIdentity, userGroups string) boo
 	return isUserSubAdmin
 }
 
+func checkUserSubAdmin(subjects []rbacv1.Subject, userIdentity, userGroups string) bool {
+	isUserSubAdmin := false
+
+	for _, subject := range subjects {
+		if strings.Trim(subject.Name, "") == strings.Trim(userIdentity, "") && strings.Trim(subject.Kind, "") == "User" {
+			klog.Info("User match. cluster-admin: true")
+
+			isUserSubAdmin = true
+		} else if subject.Kind == "Group" {
+			groupNames := strings.Split(userGroups, ",")
+
+			for _, groupName := range groupNames {
+				if strings.Trim(subject.Name, "") == strings.Trim(groupName, "") {
+					klog.Info("Group match. cluster-admin: true")
+
+					isUserSubAdmin = true
+				}
+			}
+		}
+	}
+
+	return isUserSubAdmin
+}
+
 func Base64StringDecode(encodedStr string) string {
 	decodedBytes, err := base64.StdEncoding.DecodeString(encodedStr)
 	if err != nil {