From 7d0e20584007346ded8cfa793353583772180634 Mon Sep 17 00:00:00 2001
From: Marko Luksa <marko.luksa@gmail.com>
Date: Tue, 4 Sep 2018 18:54:53 +0200
Subject: [PATCH] Add namespaced servicebrokers, serviceclasses and
 serviceplans to admin/edit/view ClusterRoles

---
 .../components/service-catalog/service_catalog.go           | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkg/oc/clusteradd/components/service-catalog/service_catalog.go b/pkg/oc/clusteradd/components/service-catalog/service_catalog.go
index 9b21a6ad423b..805e508f4618 100644
--- a/pkg/oc/clusteradd/components/service-catalog/service_catalog.go
+++ b/pkg/oc/clusteradd/components/service-catalog/service_catalog.go
@@ -120,7 +120,7 @@ func getServiceCatalogClusterRoles() []rbacv1.ClusterRole {
 				Labels: map[string]string{"rbac.authorization.k8s.io/aggregate-to-admin": "true"},
 			},
 			Rules: []rbacv1.PolicyRule{
-				rbacv1helpers.NewRule("create", "update", "delete", "get", "list", "watch", "patch").Groups("servicecatalog.k8s.io").Resources("serviceinstances", "servicebindings").RuleOrDie(),
+				rbacv1helpers.NewRule("create", "update", "delete", "get", "list", "watch", "patch").Groups("servicecatalog.k8s.io").Resources("serviceinstances", "servicebindings", "servicebrokers", "serviceclasses", "serviceplans").RuleOrDie(),
 				rbacv1helpers.NewRule("create", "update", "delete", "get", "list", "watch").Groups("settings.k8s.io").Resources("podpresets").RuleOrDie(),
 			},
 		},
@@ -130,7 +130,7 @@ func getServiceCatalogClusterRoles() []rbacv1.ClusterRole {
 				Labels: map[string]string{"rbac.authorization.k8s.io/aggregate-to-edit": "true"},
 			},
 			Rules: []rbacv1.PolicyRule{
-				rbacv1helpers.NewRule("create", "update", "delete", "get", "list", "watch", "patch").Groups("servicecatalog.k8s.io").Resources("serviceinstances", "servicebindings").RuleOrDie(),
+				rbacv1helpers.NewRule("create", "update", "delete", "get", "list", "watch", "patch").Groups("servicecatalog.k8s.io").Resources("serviceinstances", "servicebindings", "servicebrokers", "serviceclasses", "serviceplans").RuleOrDie(),
 				rbacv1helpers.NewRule("create", "update", "delete", "get", "list", "watch").Groups("settings.k8s.io").Resources("podpresets").RuleOrDie(),
 			},
 		},
@@ -140,7 +140,7 @@ func getServiceCatalogClusterRoles() []rbacv1.ClusterRole {
 				Labels: map[string]string{"rbac.authorization.k8s.io/aggregate-to-view": "true"},
 			},
 			Rules: []rbacv1.PolicyRule{
-				rbacv1helpers.NewRule("get", "list", "watch").Groups("servicecatalog.k8s.io").Resources("serviceinstances", "servicebindings").RuleOrDie(),
+				rbacv1helpers.NewRule("get", "list", "watch").Groups("servicecatalog.k8s.io").Resources("serviceinstances", "servicebindings", "servicebrokers", "serviceclasses", "serviceplans").RuleOrDie(),
 			},
 		},
 		{