feat(user_controller): create user -> sync three roles #3555
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🤖 Generated by Copilot at 62c5f74
Summary
🆕📦🔒
This pull request adds role-based access control for users in the sealos system by defining three user roles (
Owner
,Manager
, andDeveloper
) and updating the user controller and its dependencies accordingly. It also fixes some minor formatting and naming issues in the code.Walkthrough
UserRoleType
and three constants for different user roles (Owner
,Manager
, andDeveloper
) inuser_types.go
(link)userv1
package and use theUserRoleType
type inrbac.go
(link)GetUserRole
function inrbac.go
to return different policy rules based on the role type (link)syncRole
function inuser_controller.go
to create three roles for each user instead of one role with the same name as the user (link)createRole
and pass the role type as a parameter inuser_controller.go
(link)GetUserRole
function with the role type parameter to get the appropriate policy rules for each role inuser_controller.go
(link)OwnerRoleType
constant instead of the user name for the role reference in the role binding inuser_controller.go
(link)string
function to convert theUserRoleType
value to a string for the role name inuser_controller.go
(link)dev
tolatest
inkustomization.yaml
(link)k8s.io/api/rbac/v1
package fromv12
torbacv1
inuser_controller.go
(link, link, link)Watches
method calls and thesyncRoleBinding
function to use therbacv1
alias instead of thev12
alias for theRole
,RoleBinding
, andClusterRoleBinding
types inuser_controller.go
(link, link)golang.org/x/exp
package to thego.mod
file (link)github.com/vbauerster/mpb/v7
andgopkg.in/warnings.v0
packages to thego.sum
file (link, link)kustomization.yaml
file (link)syncRole
function inuser_controller.go
(link)