37 Star 411 Fork 76

GVPrancher/rancher

加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
克隆/下载
rtb_store.go 2.29 KB
一键复制 编辑 原始数据 按行查看 历史
package authn
import (
"github.com/sirupsen/logrus"
"k8s.io/apimachinery/pkg/api/errors"
"strings"
"context"
"github.com/rancher/norman/httperror"
"github.com/rancher/norman/store/transform"
"github.com/rancher/norman/types"
"github.com/rancher/norman/types/values"
"github.com/rancher/rancher/pkg/auth/providers"
"github.com/rancher/rancher/pkg/auth/requests"
"github.com/rancher/types/client/management/v3"
"github.com/rancher/types/config"
)
func SetRTBStore(ctx context.Context, schema *types.Schema, mgmt *config.ScaledContext) {
providers.Configure(ctx, mgmt)
userLister := mgmt.Management.Users("").Controller().Lister()
t := &transform.Store{
Store: schema.Store,
Transformer: func(apiContext *types.APIContext, schema *types.Schema, data map[string]interface{}, opt *types.QueryOptions) (map[string]interface{}, error) {
if id, ok := data[client.ClusterRoleTemplateBindingFieldUserID].(string); ok && id != "" {
u, err := userLister.Get("", id)
if err != nil {
if !errors.IsNotFound(err) {
logrus.Errorf("problem retrieving user for CRTB %v from cache during CRTB transformation: %v", data, err)
}
return data, nil
}
for _, pid := range u.PrincipalIDs {
if strings.HasPrefix(pid, "system://") {
if opt != nil && opt.Options["ByID"] == "true" {
return nil, httperror.NewAPIError(httperror.NotFound, "resource not found")
}
return nil, nil
}
}
}
return data, nil
},
}
s := &Store{
Store: t,
auth: requests.NewAuthenticator(ctx, mgmt),
}
schema.Store = s
}
type Store struct {
types.Store
auth requests.Authenticator
}
func (s *Store) Create(apiContext *types.APIContext, schema *types.Schema, data map[string]interface{}) (map[string]interface{}, error) {
if principalID, ok := data[client.ClusterRoleTemplateBindingFieldUserPrincipalID].(string); ok && principalID != "" && !strings.HasPrefix(principalID, "local://") {
token, err := s.auth.TokenFromRequest(apiContext.Request)
if err != nil {
return nil, err
}
princ, err := providers.GetPrincipal(principalID, *token)
if err != nil {
return nil, err
}
if princ.DisplayName != "" {
values.PutValue(data, princ.DisplayName, "annotations", "auth.cattle.io/principal-display-name")
}
}
return s.Store.Create(apiContext, schema, data)
}
Loading...
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
Go
1
https://gitee.com/rancher/rancher.git
git@gitee.com:rancher/rancher.git
rancher
rancher
rancher
v2.2.4-rc23

搜索帮助

0d507c66 1850385 C8b1a773 1850385