forked from rancher/rancher
-
Notifications
You must be signed in to change notification settings - Fork 0
/
project_store.go
59 lines (46 loc) · 1.43 KB
/
project_store.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
package project
import (
"encoding/json"
"github.com/rancher/norman/types"
"github.com/rancher/norman/types/values"
"github.com/rancher/types/apis/management.cattle.io/v3"
"github.com/rancher/types/config"
"k8s.io/apimachinery/pkg/labels"
)
const roleTemplatesRequired = "authz.management.cattle.io/creator-role-bindings"
type projectStore struct {
types.Store
roleTemplateLister v3.RoleTemplateLister
}
func SetProjectStore(schema *types.Schema, mgmt *config.ScaledContext) {
store := &projectStore{
Store: schema.Store,
roleTemplateLister: mgmt.Management.RoleTemplates("").Controller().Lister(),
}
schema.Store = store
}
func (s *projectStore) Create(apiContext *types.APIContext, schema *types.Schema, data map[string]interface{}) (map[string]interface{}, error) {
annotation, err := s.createProjectAnnotation()
if err != nil {
return nil, err
}
values.PutValue(data, annotation, "annotations", roleTemplatesRequired)
return s.Store.Create(apiContext, schema, data)
}
func (s *projectStore) createProjectAnnotation() (string, error) {
rt, err := s.roleTemplateLister.List("", labels.NewSelector())
if err != nil {
return "", err
}
annoMap := make(map[string][]string)
for _, role := range rt {
if role.ProjectCreatorDefault && !role.Locked {
annoMap["required"] = append(annoMap["required"], role.Name)
}
}
d, err := json.Marshal(annoMap)
if err != nil {
return "", err
}
return string(d), nil
}