fix ns switching bugs
derailed
parent
e2051d065c
commit
01bba387ef
|
|
@ -24,6 +24,21 @@ func NewMockConnection() *MockConnection {
|
|||
return &MockConnection{fail: pegomock.GlobalFailHandler}
|
||||
}
|
||||
|
||||
func (mock *MockConnection) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) bool {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
}
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
result := pegomock.GetGenericMockFrom(mock).Invoke("CanIAccess", params, []reflect.Type{reflect.TypeOf((*bool)(nil)).Elem()})
|
||||
var ret0 bool
|
||||
if len(result) != 0 {
|
||||
if result[0] != nil {
|
||||
ret0 = result[0].(bool)
|
||||
}
|
||||
}
|
||||
return ret0
|
||||
}
|
||||
|
||||
func (mock *MockConnection) Config() *k8s.Config {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
|
|
@ -322,6 +337,45 @@ type VerifierConnection struct {
|
|||
timeout time.Duration
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) *Connection_CanIAccess_OngoingVerification {
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "CanIAccess", params, verifier.timeout)
|
||||
return &Connection_CanIAccess_OngoingVerification{mock: verifier.mock, methodInvocations: methodInvocations}
|
||||
}
|
||||
|
||||
type Connection_CanIAccess_OngoingVerification struct {
|
||||
mock *MockConnection
|
||||
methodInvocations []pegomock.MethodInvocation
|
||||
}
|
||||
|
||||
func (c *Connection_CanIAccess_OngoingVerification) GetCapturedArguments() (string, string, string, []string) {
|
||||
_param0, _param1, _param2, _param3 := c.GetAllCapturedArguments()
|
||||
return _param0[len(_param0)-1], _param1[len(_param1)-1], _param2[len(_param2)-1], _param3[len(_param3)-1]
|
||||
}
|
||||
|
||||
func (c *Connection_CanIAccess_OngoingVerification) GetAllCapturedArguments() (_param0 []string, _param1 []string, _param2 []string, _param3 [][]string) {
|
||||
params := pegomock.GetGenericMockFrom(c.mock).GetInvocationParams(c.methodInvocations)
|
||||
if len(params) > 0 {
|
||||
_param0 = make([]string, len(params[0]))
|
||||
for u, param := range params[0] {
|
||||
_param0[u] = param.(string)
|
||||
}
|
||||
_param1 = make([]string, len(params[1]))
|
||||
for u, param := range params[1] {
|
||||
_param1[u] = param.(string)
|
||||
}
|
||||
_param2 = make([]string, len(params[2]))
|
||||
for u, param := range params[2] {
|
||||
_param2[u] = param.(string)
|
||||
}
|
||||
_param3 = make([][]string, len(params[3]))
|
||||
for u, param := range params[3] {
|
||||
_param3[u] = param.([]string)
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) Config() *Connection_Config_OngoingVerification {
|
||||
params := []pegomock.Param{}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "Config", params, verifier.timeout)
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
package config
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/rs/zerolog/log"
|
||||
)
|
||||
|
||||
|
|
@ -36,7 +34,6 @@ func (n *Namespace) Validate(c Connection, ks KubeSettings) {
|
|||
nn := ks.NamespaceNames(nns)
|
||||
if !n.isAllNamespace() && !InList(nn, n.Active) {
|
||||
log.Error().Msgf("[Config] Validation error active namespace `%s does not exists", n.Active)
|
||||
panic(fmt.Errorf("Invalid namespace. The provided namespace `%s does not exists", n.Active))
|
||||
}
|
||||
|
||||
for _, ns := range n.Favorites {
|
||||
|
|
|
|||
|
|
@ -24,12 +24,6 @@ func TestNSValidate(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestNSValidateMissing(t *testing.T) {
|
||||
defer func() {
|
||||
if err := recover(); err == nil {
|
||||
t.Fatalf("Expected panic on non existing namespace")
|
||||
}
|
||||
}()
|
||||
|
||||
mc := NewMockConnection()
|
||||
m.When(mc.ValidNamespaces()).ThenReturn(namespaces(), nil)
|
||||
mk := NewMockKubeSettings()
|
||||
|
|
|
|||
|
|
@ -1,47 +0,0 @@
|
|||
package k8s
|
||||
|
||||
import (
|
||||
"strings"
|
||||
|
||||
"github.com/rs/zerolog"
|
||||
authorizationv1 "k8s.io/api/authorization/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
)
|
||||
|
||||
// CanIAccess checks if user has access to a certain resource.
|
||||
func CanIAccess(cfg *Config, log zerolog.Logger, ns, verb, name, resURL string) bool {
|
||||
_, gr := schema.ParseResourceArg(strings.ToLower(resURL))
|
||||
sar := &authorizationv1.SelfSubjectAccessReview{
|
||||
Spec: authorizationv1.SelfSubjectAccessReviewSpec{
|
||||
ResourceAttributes: &authorizationv1.ResourceAttributes{
|
||||
Namespace: ns,
|
||||
Verb: verb,
|
||||
Group: gr.Group,
|
||||
Resource: gr.Resource,
|
||||
Subresource: "",
|
||||
Name: name,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
rest, err := cfg.RESTConfig()
|
||||
if err != nil {
|
||||
log.Warn().Msgf("Access %s", err)
|
||||
return false
|
||||
}
|
||||
|
||||
auth, err := kubernetes.NewForConfig(rest)
|
||||
if err != nil {
|
||||
log.Warn().Msgf("Access %s", err)
|
||||
return false
|
||||
}
|
||||
|
||||
response, err := auth.AuthorizationV1().SelfSubjectAccessReviews().Create(sar)
|
||||
if err != nil {
|
||||
log.Warn().Msgf("Access %s", err)
|
||||
return false
|
||||
}
|
||||
|
||||
return response.Status.Allowed
|
||||
}
|
||||
|
|
@ -2,9 +2,11 @@ package k8s
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/rs/zerolog"
|
||||
"github.com/rs/zerolog/log"
|
||||
authorizationv1 "k8s.io/api/authorization/v1"
|
||||
v1 "k8s.io/api/core/v1"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/fields"
|
||||
|
|
@ -61,6 +63,7 @@ type (
|
|||
ServerVersion() (*version.Info, error)
|
||||
FetchNodes() (*v1.NodeList, error)
|
||||
CurrentNamespaceName() (string, error)
|
||||
CanIAccess(ns, name, resURL string, verbs []string) bool
|
||||
}
|
||||
|
||||
// APIClient represents a Kubernetes api client.
|
||||
|
|
@ -84,6 +87,35 @@ func InitConnectionOrDie(config *Config, logger zerolog.Logger) *APIClient {
|
|||
return &conn
|
||||
}
|
||||
|
||||
// CanIAccess checks if user has access to a certain resource.
|
||||
func (a *APIClient) CanIAccess(ns, name, resURL string, verbs []string) bool {
|
||||
_, gr := schema.ParseResourceArg(strings.ToLower(resURL))
|
||||
sar := &authorizationv1.SelfSubjectAccessReview{
|
||||
Spec: authorizationv1.SelfSubjectAccessReviewSpec{
|
||||
ResourceAttributes: &authorizationv1.ResourceAttributes{
|
||||
Namespace: ns,
|
||||
Group: gr.Group,
|
||||
Resource: gr.Resource,
|
||||
Subresource: "",
|
||||
Name: name,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
var resp *authorizationv1.SelfSubjectAccessReview
|
||||
var err error
|
||||
for _, v := range verbs {
|
||||
sar.Spec.ResourceAttributes.Verb = v
|
||||
resp, err = a.DialOrDie().AuthorizationV1().SelfSubjectAccessReviews().Create(sar)
|
||||
if err != nil {
|
||||
log.Warn().Err(err).Msgf("CanIAccess")
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
return resp.Status.Allowed
|
||||
}
|
||||
|
||||
// CurrentNamespaceName return namespace name set via either cli arg or cluster config.
|
||||
func (a *APIClient) CurrentNamespaceName() (string, error) {
|
||||
return a.config.CurrentNamespaceName()
|
||||
|
|
|
|||
|
|
@ -34,7 +34,6 @@ func (n *Namespace) List(_ string) (Collection, error) {
|
|||
for i, r := range rr.Items {
|
||||
cc[i] = r
|
||||
}
|
||||
|
||||
return cc, nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -24,6 +24,21 @@ func NewMockClusterMeta() *MockClusterMeta {
|
|||
return &MockClusterMeta{fail: pegomock.GlobalFailHandler}
|
||||
}
|
||||
|
||||
func (mock *MockClusterMeta) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) bool {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockClusterMeta().")
|
||||
}
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
result := pegomock.GetGenericMockFrom(mock).Invoke("CanIAccess", params, []reflect.Type{reflect.TypeOf((*bool)(nil)).Elem()})
|
||||
var ret0 bool
|
||||
if len(result) != 0 {
|
||||
if result[0] != nil {
|
||||
ret0 = result[0].(bool)
|
||||
}
|
||||
}
|
||||
return ret0
|
||||
}
|
||||
|
||||
func (mock *MockClusterMeta) ClusterName() string {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockClusterMeta().")
|
||||
|
|
@ -405,6 +420,45 @@ type VerifierClusterMeta struct {
|
|||
timeout time.Duration
|
||||
}
|
||||
|
||||
func (verifier *VerifierClusterMeta) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) *ClusterMeta_CanIAccess_OngoingVerification {
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "CanIAccess", params, verifier.timeout)
|
||||
return &ClusterMeta_CanIAccess_OngoingVerification{mock: verifier.mock, methodInvocations: methodInvocations}
|
||||
}
|
||||
|
||||
type ClusterMeta_CanIAccess_OngoingVerification struct {
|
||||
mock *MockClusterMeta
|
||||
methodInvocations []pegomock.MethodInvocation
|
||||
}
|
||||
|
||||
func (c *ClusterMeta_CanIAccess_OngoingVerification) GetCapturedArguments() (string, string, string, []string) {
|
||||
_param0, _param1, _param2, _param3 := c.GetAllCapturedArguments()
|
||||
return _param0[len(_param0)-1], _param1[len(_param1)-1], _param2[len(_param2)-1], _param3[len(_param3)-1]
|
||||
}
|
||||
|
||||
func (c *ClusterMeta_CanIAccess_OngoingVerification) GetAllCapturedArguments() (_param0 []string, _param1 []string, _param2 []string, _param3 [][]string) {
|
||||
params := pegomock.GetGenericMockFrom(c.mock).GetInvocationParams(c.methodInvocations)
|
||||
if len(params) > 0 {
|
||||
_param0 = make([]string, len(params[0]))
|
||||
for u, param := range params[0] {
|
||||
_param0[u] = param.(string)
|
||||
}
|
||||
_param1 = make([]string, len(params[1]))
|
||||
for u, param := range params[1] {
|
||||
_param1[u] = param.(string)
|
||||
}
|
||||
_param2 = make([]string, len(params[2]))
|
||||
for u, param := range params[2] {
|
||||
_param2[u] = param.(string)
|
||||
}
|
||||
_param3 = make([][]string, len(params[3]))
|
||||
for u, param := range params[3] {
|
||||
_param3[u] = param.([]string)
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (verifier *VerifierClusterMeta) ClusterName() *ClusterMeta_ClusterName_OngoingVerification {
|
||||
params := []pegomock.Param{}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "ClusterName", params, verifier.timeout)
|
||||
|
|
|
|||
|
|
@ -24,6 +24,21 @@ func NewMockConnection() *MockConnection {
|
|||
return &MockConnection{fail: pegomock.GlobalFailHandler}
|
||||
}
|
||||
|
||||
func (mock *MockConnection) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) bool {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
}
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
result := pegomock.GetGenericMockFrom(mock).Invoke("CanIAccess", params, []reflect.Type{reflect.TypeOf((*bool)(nil)).Elem()})
|
||||
var ret0 bool
|
||||
if len(result) != 0 {
|
||||
if result[0] != nil {
|
||||
ret0 = result[0].(bool)
|
||||
}
|
||||
}
|
||||
return ret0
|
||||
}
|
||||
|
||||
func (mock *MockConnection) Config() *k8s.Config {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
|
|
@ -322,6 +337,45 @@ type VerifierConnection struct {
|
|||
timeout time.Duration
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) *Connection_CanIAccess_OngoingVerification {
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "CanIAccess", params, verifier.timeout)
|
||||
return &Connection_CanIAccess_OngoingVerification{mock: verifier.mock, methodInvocations: methodInvocations}
|
||||
}
|
||||
|
||||
type Connection_CanIAccess_OngoingVerification struct {
|
||||
mock *MockConnection
|
||||
methodInvocations []pegomock.MethodInvocation
|
||||
}
|
||||
|
||||
func (c *Connection_CanIAccess_OngoingVerification) GetCapturedArguments() (string, string, string, []string) {
|
||||
_param0, _param1, _param2, _param3 := c.GetAllCapturedArguments()
|
||||
return _param0[len(_param0)-1], _param1[len(_param1)-1], _param2[len(_param2)-1], _param3[len(_param3)-1]
|
||||
}
|
||||
|
||||
func (c *Connection_CanIAccess_OngoingVerification) GetAllCapturedArguments() (_param0 []string, _param1 []string, _param2 []string, _param3 [][]string) {
|
||||
params := pegomock.GetGenericMockFrom(c.mock).GetInvocationParams(c.methodInvocations)
|
||||
if len(params) > 0 {
|
||||
_param0 = make([]string, len(params[0]))
|
||||
for u, param := range params[0] {
|
||||
_param0[u] = param.(string)
|
||||
}
|
||||
_param1 = make([]string, len(params[1]))
|
||||
for u, param := range params[1] {
|
||||
_param1[u] = param.(string)
|
||||
}
|
||||
_param2 = make([]string, len(params[2]))
|
||||
for u, param := range params[2] {
|
||||
_param2[u] = param.(string)
|
||||
}
|
||||
_param3 = make([][]string, len(params[3]))
|
||||
for u, param := range params[3] {
|
||||
_param3[u] = param.([]string)
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) Config() *Connection_Config_OngoingVerification {
|
||||
params := []pegomock.Param{}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "Config", params, verifier.timeout)
|
||||
|
|
|
|||
|
|
@ -62,6 +62,21 @@ func (r *Namespace) Marshal(path string) (string, error) {
|
|||
return r.marshalObject(nss)
|
||||
}
|
||||
|
||||
// // List resources for a given namespace.
|
||||
// func (r *Namespace) List(ns string) (Columnars, error) {
|
||||
// r.Resource.
|
||||
// nss, err := r.Resource.List(ns)
|
||||
// if err != nil {
|
||||
// return nil, err
|
||||
// }
|
||||
// cc := make(Columnars, 0, len(nss))
|
||||
// for i := range nss {
|
||||
// cc = append(cc, r.New(&nss[i]).(*Namespace))
|
||||
// }
|
||||
|
||||
// return cc, nil
|
||||
// }
|
||||
|
||||
// Header returns resource header.
|
||||
func (*Namespace) Header(ns string) Row {
|
||||
return Row{"NAME", "STATUS", "AGE"}
|
||||
|
|
|
|||
|
|
@ -24,6 +24,21 @@ func NewMockClusterMeta() *MockClusterMeta {
|
|||
return &MockClusterMeta{fail: pegomock.GlobalFailHandler}
|
||||
}
|
||||
|
||||
func (mock *MockClusterMeta) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) bool {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockClusterMeta().")
|
||||
}
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
result := pegomock.GetGenericMockFrom(mock).Invoke("CanIAccess", params, []reflect.Type{reflect.TypeOf((*bool)(nil)).Elem()})
|
||||
var ret0 bool
|
||||
if len(result) != 0 {
|
||||
if result[0] != nil {
|
||||
ret0 = result[0].(bool)
|
||||
}
|
||||
}
|
||||
return ret0
|
||||
}
|
||||
|
||||
func (mock *MockClusterMeta) ClusterName() string {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockClusterMeta().")
|
||||
|
|
@ -405,6 +420,45 @@ type VerifierClusterMeta struct {
|
|||
timeout time.Duration
|
||||
}
|
||||
|
||||
func (verifier *VerifierClusterMeta) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) *ClusterMeta_CanIAccess_OngoingVerification {
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "CanIAccess", params, verifier.timeout)
|
||||
return &ClusterMeta_CanIAccess_OngoingVerification{mock: verifier.mock, methodInvocations: methodInvocations}
|
||||
}
|
||||
|
||||
type ClusterMeta_CanIAccess_OngoingVerification struct {
|
||||
mock *MockClusterMeta
|
||||
methodInvocations []pegomock.MethodInvocation
|
||||
}
|
||||
|
||||
func (c *ClusterMeta_CanIAccess_OngoingVerification) GetCapturedArguments() (string, string, string, []string) {
|
||||
_param0, _param1, _param2, _param3 := c.GetAllCapturedArguments()
|
||||
return _param0[len(_param0)-1], _param1[len(_param1)-1], _param2[len(_param2)-1], _param3[len(_param3)-1]
|
||||
}
|
||||
|
||||
func (c *ClusterMeta_CanIAccess_OngoingVerification) GetAllCapturedArguments() (_param0 []string, _param1 []string, _param2 []string, _param3 [][]string) {
|
||||
params := pegomock.GetGenericMockFrom(c.mock).GetInvocationParams(c.methodInvocations)
|
||||
if len(params) > 0 {
|
||||
_param0 = make([]string, len(params[0]))
|
||||
for u, param := range params[0] {
|
||||
_param0[u] = param.(string)
|
||||
}
|
||||
_param1 = make([]string, len(params[1]))
|
||||
for u, param := range params[1] {
|
||||
_param1[u] = param.(string)
|
||||
}
|
||||
_param2 = make([]string, len(params[2]))
|
||||
for u, param := range params[2] {
|
||||
_param2[u] = param.(string)
|
||||
}
|
||||
_param3 = make([][]string, len(params[3]))
|
||||
for u, param := range params[3] {
|
||||
_param3[u] = param.([]string)
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (verifier *VerifierClusterMeta) ClusterName() *ClusterMeta_ClusterName_OngoingVerification {
|
||||
params := []pegomock.Param{}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "ClusterName", params, verifier.timeout)
|
||||
|
|
|
|||
|
|
@ -24,6 +24,21 @@ func NewMockConnection() *MockConnection {
|
|||
return &MockConnection{fail: pegomock.GlobalFailHandler}
|
||||
}
|
||||
|
||||
func (mock *MockConnection) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) bool {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
}
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
result := pegomock.GetGenericMockFrom(mock).Invoke("CanIAccess", params, []reflect.Type{reflect.TypeOf((*bool)(nil)).Elem()})
|
||||
var ret0 bool
|
||||
if len(result) != 0 {
|
||||
if result[0] != nil {
|
||||
ret0 = result[0].(bool)
|
||||
}
|
||||
}
|
||||
return ret0
|
||||
}
|
||||
|
||||
func (mock *MockConnection) Config() *k8s.Config {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
|
|
@ -39,6 +54,25 @@ func (mock *MockConnection) Config() *k8s.Config {
|
|||
return ret0
|
||||
}
|
||||
|
||||
func (mock *MockConnection) CurrentNamespaceName() (string, error) {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
}
|
||||
params := []pegomock.Param{}
|
||||
result := pegomock.GetGenericMockFrom(mock).Invoke("CurrentNamespaceName", params, []reflect.Type{reflect.TypeOf((*string)(nil)).Elem(), reflect.TypeOf((*error)(nil)).Elem()})
|
||||
var ret0 string
|
||||
var ret1 error
|
||||
if len(result) != 0 {
|
||||
if result[0] != nil {
|
||||
ret0 = result[0].(string)
|
||||
}
|
||||
if result[1] != nil {
|
||||
ret1 = result[1].(error)
|
||||
}
|
||||
}
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
func (mock *MockConnection) DialOrDie() kubernetes.Interface {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
|
|
@ -152,6 +186,25 @@ func (mock *MockConnection) NSDialOrDie() dynamic.NamespaceableResourceInterface
|
|||
return ret0
|
||||
}
|
||||
|
||||
func (mock *MockConnection) NodePods(_param0 string) (*v1.PodList, error) {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
}
|
||||
params := []pegomock.Param{_param0}
|
||||
result := pegomock.GetGenericMockFrom(mock).Invoke("NodePods", params, []reflect.Type{reflect.TypeOf((**v1.PodList)(nil)).Elem(), reflect.TypeOf((*error)(nil)).Elem()})
|
||||
var ret0 *v1.PodList
|
||||
var ret1 error
|
||||
if len(result) != 0 {
|
||||
if result[0] != nil {
|
||||
ret0 = result[0].(*v1.PodList)
|
||||
}
|
||||
if result[1] != nil {
|
||||
ret1 = result[1].(error)
|
||||
}
|
||||
}
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
func (mock *MockConnection) RestConfigOrDie() *rest.Config {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
|
|
@ -247,25 +300,6 @@ func (mock *MockConnection) ValidNamespaces() ([]v1.Namespace, error) {
|
|||
return ret0, ret1
|
||||
}
|
||||
|
||||
func (mock *MockConnection) ValidPods(_param0 string) ([]v1.Pod, error) {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
}
|
||||
params := []pegomock.Param{_param0}
|
||||
result := pegomock.GetGenericMockFrom(mock).Invoke("ValidPods", params, []reflect.Type{reflect.TypeOf((*[]v1.Pod)(nil)).Elem(), reflect.TypeOf((*error)(nil)).Elem()})
|
||||
var ret0 []v1.Pod
|
||||
var ret1 error
|
||||
if len(result) != 0 {
|
||||
if result[0] != nil {
|
||||
ret0 = result[0].([]v1.Pod)
|
||||
}
|
||||
if result[1] != nil {
|
||||
ret1 = result[1].(error)
|
||||
}
|
||||
}
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
func (mock *MockConnection) VerifyWasCalledOnce() *VerifierConnection {
|
||||
return &VerifierConnection{
|
||||
mock: mock,
|
||||
|
|
@ -303,6 +337,45 @@ type VerifierConnection struct {
|
|||
timeout time.Duration
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) *Connection_CanIAccess_OngoingVerification {
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "CanIAccess", params, verifier.timeout)
|
||||
return &Connection_CanIAccess_OngoingVerification{mock: verifier.mock, methodInvocations: methodInvocations}
|
||||
}
|
||||
|
||||
type Connection_CanIAccess_OngoingVerification struct {
|
||||
mock *MockConnection
|
||||
methodInvocations []pegomock.MethodInvocation
|
||||
}
|
||||
|
||||
func (c *Connection_CanIAccess_OngoingVerification) GetCapturedArguments() (string, string, string, []string) {
|
||||
_param0, _param1, _param2, _param3 := c.GetAllCapturedArguments()
|
||||
return _param0[len(_param0)-1], _param1[len(_param1)-1], _param2[len(_param2)-1], _param3[len(_param3)-1]
|
||||
}
|
||||
|
||||
func (c *Connection_CanIAccess_OngoingVerification) GetAllCapturedArguments() (_param0 []string, _param1 []string, _param2 []string, _param3 [][]string) {
|
||||
params := pegomock.GetGenericMockFrom(c.mock).GetInvocationParams(c.methodInvocations)
|
||||
if len(params) > 0 {
|
||||
_param0 = make([]string, len(params[0]))
|
||||
for u, param := range params[0] {
|
||||
_param0[u] = param.(string)
|
||||
}
|
||||
_param1 = make([]string, len(params[1]))
|
||||
for u, param := range params[1] {
|
||||
_param1[u] = param.(string)
|
||||
}
|
||||
_param2 = make([]string, len(params[2]))
|
||||
for u, param := range params[2] {
|
||||
_param2[u] = param.(string)
|
||||
}
|
||||
_param3 = make([][]string, len(params[3]))
|
||||
for u, param := range params[3] {
|
||||
_param3[u] = param.([]string)
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) Config() *Connection_Config_OngoingVerification {
|
||||
params := []pegomock.Param{}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "Config", params, verifier.timeout)
|
||||
|
|
@ -320,6 +393,23 @@ func (c *Connection_Config_OngoingVerification) GetCapturedArguments() {
|
|||
func (c *Connection_Config_OngoingVerification) GetAllCapturedArguments() {
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) CurrentNamespaceName() *Connection_CurrentNamespaceName_OngoingVerification {
|
||||
params := []pegomock.Param{}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "CurrentNamespaceName", params, verifier.timeout)
|
||||
return &Connection_CurrentNamespaceName_OngoingVerification{mock: verifier.mock, methodInvocations: methodInvocations}
|
||||
}
|
||||
|
||||
type Connection_CurrentNamespaceName_OngoingVerification struct {
|
||||
mock *MockConnection
|
||||
methodInvocations []pegomock.MethodInvocation
|
||||
}
|
||||
|
||||
func (c *Connection_CurrentNamespaceName_OngoingVerification) GetCapturedArguments() {
|
||||
}
|
||||
|
||||
func (c *Connection_CurrentNamespaceName_OngoingVerification) GetAllCapturedArguments() {
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) DialOrDie() *Connection_DialOrDie_OngoingVerification {
|
||||
params := []pegomock.Param{}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "DialOrDie", params, verifier.timeout)
|
||||
|
|
@ -449,6 +539,33 @@ func (c *Connection_NSDialOrDie_OngoingVerification) GetCapturedArguments() {
|
|||
func (c *Connection_NSDialOrDie_OngoingVerification) GetAllCapturedArguments() {
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) NodePods(_param0 string) *Connection_NodePods_OngoingVerification {
|
||||
params := []pegomock.Param{_param0}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "NodePods", params, verifier.timeout)
|
||||
return &Connection_NodePods_OngoingVerification{mock: verifier.mock, methodInvocations: methodInvocations}
|
||||
}
|
||||
|
||||
type Connection_NodePods_OngoingVerification struct {
|
||||
mock *MockConnection
|
||||
methodInvocations []pegomock.MethodInvocation
|
||||
}
|
||||
|
||||
func (c *Connection_NodePods_OngoingVerification) GetCapturedArguments() string {
|
||||
_param0 := c.GetAllCapturedArguments()
|
||||
return _param0[len(_param0)-1]
|
||||
}
|
||||
|
||||
func (c *Connection_NodePods_OngoingVerification) GetAllCapturedArguments() (_param0 []string) {
|
||||
params := pegomock.GetGenericMockFrom(c.mock).GetInvocationParams(c.methodInvocations)
|
||||
if len(params) > 0 {
|
||||
_param0 = make([]string, len(params[0]))
|
||||
for u, param := range params[0] {
|
||||
_param0[u] = param.(string)
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) RestConfigOrDie() *Connection_RestConfigOrDie_OngoingVerification {
|
||||
params := []pegomock.Param{}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "RestConfigOrDie", params, verifier.timeout)
|
||||
|
|
@ -584,30 +701,3 @@ func (c *Connection_ValidNamespaces_OngoingVerification) GetCapturedArguments()
|
|||
|
||||
func (c *Connection_ValidNamespaces_OngoingVerification) GetAllCapturedArguments() {
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) ValidPods(_param0 string) *Connection_ValidPods_OngoingVerification {
|
||||
params := []pegomock.Param{_param0}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "ValidPods", params, verifier.timeout)
|
||||
return &Connection_ValidPods_OngoingVerification{mock: verifier.mock, methodInvocations: methodInvocations}
|
||||
}
|
||||
|
||||
type Connection_ValidPods_OngoingVerification struct {
|
||||
mock *MockConnection
|
||||
methodInvocations []pegomock.MethodInvocation
|
||||
}
|
||||
|
||||
func (c *Connection_ValidPods_OngoingVerification) GetCapturedArguments() string {
|
||||
_param0 := c.GetAllCapturedArguments()
|
||||
return _param0[len(_param0)-1]
|
||||
}
|
||||
|
||||
func (c *Connection_ValidPods_OngoingVerification) GetAllCapturedArguments() (_param0 []string) {
|
||||
params := pegomock.GetGenericMockFrom(c.mock).GetInvocationParams(c.methodInvocations)
|
||||
if len(params) > 0 {
|
||||
_param0 = make([]string, len(params[0]))
|
||||
for u, param := range params[0] {
|
||||
_param0[u] = param.(string)
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,10 +5,8 @@ import (
|
|||
"regexp"
|
||||
|
||||
"github.com/derailed/k9s/internal/config"
|
||||
"github.com/derailed/k9s/internal/k8s"
|
||||
"github.com/derailed/k9s/internal/resource"
|
||||
"github.com/gdamore/tcell"
|
||||
"github.com/rs/zerolog/log"
|
||||
)
|
||||
|
||||
const (
|
||||
|
|
@ -79,7 +77,7 @@ func (*namespaceView) cleanser(s string) string {
|
|||
|
||||
func (v *namespaceView) decorate(data resource.TableData) resource.TableData {
|
||||
if _, ok := data.Rows[resource.AllNamespaces]; !ok {
|
||||
if k8s.CanIAccess(v.app.conn().Config(), log.Logger, "", "list", "namespaces", "namespace.v1") {
|
||||
if v.app.conn().CanIAccess("", "namespaces", "namespace.v1", []string{"list"}) {
|
||||
data.Rows[resource.AllNamespace] = &resource.RowEvent{
|
||||
Action: resource.Unchanged,
|
||||
Fields: resource.Row{resource.AllNamespace, "Active", "0"},
|
||||
|
|
@ -86,7 +86,7 @@ func (v *resourceView) init(ctx context.Context, ns string) {
|
|||
}
|
||||
v.getTV().setColorer(colorer)
|
||||
|
||||
v.nsListAccess = k8s.CanIAccess(v.app.conn().Config(), log.Logger, "", "list", "namespaces", "namespace.v1")
|
||||
v.nsListAccess = v.app.conn().CanIAccess("", "namespaces", "namespace.v1", []string{"list"})
|
||||
if v.nsListAccess {
|
||||
nn, err := k8s.NewNamespace(v.app.conn()).List(resource.AllNamespaces)
|
||||
if err != nil {
|
||||
|
|
@ -459,19 +459,17 @@ func namespaced(n string) (string, string) {
|
|||
|
||||
func (v *resourceView) refreshActions() {
|
||||
if v.list.Access(resource.NamespaceAccess) {
|
||||
if ns, err := v.app.conn().CurrentNamespaceName(); err != nil || ns == "" {
|
||||
v.namespaces = make(map[int]string, config.MaxFavoritesNS)
|
||||
v.actions[tcell.Key(numKeys[0])] = newKeyAction(resource.AllNamespace, v.switchNamespaceCmd, true)
|
||||
v.namespaces[0] = resource.AllNamespace
|
||||
index := 1
|
||||
for _, n := range v.app.config.FavNamespaces() {
|
||||
if n == resource.AllNamespace {
|
||||
continue
|
||||
}
|
||||
v.actions[tcell.Key(numKeys[index])] = newKeyAction(n, v.switchNamespaceCmd, true)
|
||||
v.namespaces[index] = n
|
||||
index++
|
||||
v.namespaces = make(map[int]string, config.MaxFavoritesNS)
|
||||
v.actions[tcell.Key(numKeys[0])] = newKeyAction(resource.AllNamespace, v.switchNamespaceCmd, true)
|
||||
v.namespaces[0] = resource.AllNamespace
|
||||
index := 1
|
||||
for _, n := range v.app.config.FavNamespaces() {
|
||||
if n == resource.AllNamespace {
|
||||
continue
|
||||
}
|
||||
v.actions[tcell.Key(numKeys[index])] = newKeyAction(n, v.switchNamespaceCmd, true)
|
||||
v.namespaces[index] = n
|
||||
index++
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ type Meta struct {
|
|||
// NewMeta creates a new cluster resource informer
|
||||
func NewMeta(client k8s.Connection, ns string) *Meta {
|
||||
m := Meta{client: client, informers: map[string]StoreInformer{}}
|
||||
m.init(ns)
|
||||
m.init("")
|
||||
|
||||
return &m
|
||||
}
|
||||
|
|
@ -72,6 +72,18 @@ func (m *Meta) init(ns string) {
|
|||
}
|
||||
}
|
||||
|
||||
// CheckAccess checks if current user as enought RBAC fu to access watched resources.
|
||||
func (m *Meta) checkAccess(ns string) error {
|
||||
if !m.client.CanIAccess(ns, "nodes", "node.v1", []string{"list", "watch"}) {
|
||||
return fmt.Errorf("Not authorized to list/watch nodes")
|
||||
}
|
||||
if !m.client.CanIAccess(ns, "pods", "pod.v1", []string{"list", "watch"}) {
|
||||
return fmt.Errorf("Not authorized to list/watch pods in namespace %s", ns)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// List items from store.
|
||||
func (m *Meta) List(res, ns string, opts metav1.ListOptions) (k8s.Collection, error) {
|
||||
if m == nil {
|
||||
|
|
|
|||
|
|
@ -24,6 +24,21 @@ func NewMockConnection() *MockConnection {
|
|||
return &MockConnection{fail: pegomock.GlobalFailHandler}
|
||||
}
|
||||
|
||||
func (mock *MockConnection) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) bool {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
}
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
result := pegomock.GetGenericMockFrom(mock).Invoke("CanIAccess", params, []reflect.Type{reflect.TypeOf((*bool)(nil)).Elem()})
|
||||
var ret0 bool
|
||||
if len(result) != 0 {
|
||||
if result[0] != nil {
|
||||
ret0 = result[0].(bool)
|
||||
}
|
||||
}
|
||||
return ret0
|
||||
}
|
||||
|
||||
func (mock *MockConnection) Config() *k8s.Config {
|
||||
if mock == nil {
|
||||
panic("mock must not be nil. Use myMock := NewMockConnection().")
|
||||
|
|
@ -322,6 +337,45 @@ type VerifierConnection struct {
|
|||
timeout time.Duration
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) CanIAccess(_param0 string, _param1 string, _param2 string, _param3 []string) *Connection_CanIAccess_OngoingVerification {
|
||||
params := []pegomock.Param{_param0, _param1, _param2, _param3}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "CanIAccess", params, verifier.timeout)
|
||||
return &Connection_CanIAccess_OngoingVerification{mock: verifier.mock, methodInvocations: methodInvocations}
|
||||
}
|
||||
|
||||
type Connection_CanIAccess_OngoingVerification struct {
|
||||
mock *MockConnection
|
||||
methodInvocations []pegomock.MethodInvocation
|
||||
}
|
||||
|
||||
func (c *Connection_CanIAccess_OngoingVerification) GetCapturedArguments() (string, string, string, []string) {
|
||||
_param0, _param1, _param2, _param3 := c.GetAllCapturedArguments()
|
||||
return _param0[len(_param0)-1], _param1[len(_param1)-1], _param2[len(_param2)-1], _param3[len(_param3)-1]
|
||||
}
|
||||
|
||||
func (c *Connection_CanIAccess_OngoingVerification) GetAllCapturedArguments() (_param0 []string, _param1 []string, _param2 []string, _param3 [][]string) {
|
||||
params := pegomock.GetGenericMockFrom(c.mock).GetInvocationParams(c.methodInvocations)
|
||||
if len(params) > 0 {
|
||||
_param0 = make([]string, len(params[0]))
|
||||
for u, param := range params[0] {
|
||||
_param0[u] = param.(string)
|
||||
}
|
||||
_param1 = make([]string, len(params[1]))
|
||||
for u, param := range params[1] {
|
||||
_param1[u] = param.(string)
|
||||
}
|
||||
_param2 = make([]string, len(params[2]))
|
||||
for u, param := range params[2] {
|
||||
_param2[u] = param.(string)
|
||||
}
|
||||
_param3 = make([][]string, len(params[3]))
|
||||
for u, param := range params[3] {
|
||||
_param3[u] = param.([]string)
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (verifier *VerifierConnection) Config() *Connection_Config_OngoingVerification {
|
||||
params := []pegomock.Param{}
|
||||
methodInvocations := pegomock.GetGenericMockFrom(verifier.mock).Verify(verifier.inOrderContext, verifier.invocationCountMatcher, "Config", params, verifier.timeout)
|
||||
|
|
|
|||
Loading…
Reference in New Issue