Skip to content

Commit

Permalink
Passing namespace in the SelfSubjectAccessReviews function (#17)
Browse files Browse the repository at this point in the history
  • Loading branch information
@SarthakJain26
SarthakJain26 authored Jul 27, 2022
1 parent afe2780 commit f0a101e
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 8 deletions.
4 changes: 2 additions & 2 deletions pkg/agent/ops.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -276,7 +276,7 @@ AGENT_NAME:
return newAgent, nil
}

func ValidateSAPermissions(mode string, kubeconfig *string) {
func ValidateSAPermissions(namespace string, mode string, kubeconfig *string) {
var (
pems [2]bool
err error
Expand All @@ -290,7 +290,7 @@ func ValidateSAPermissions(mode string, kubeconfig *string) {
}

for i, resource := range resources {
pems[i], err = k8s.CheckSAPermissions(k8s.CheckSAPermissionsParams{Verb: "create", Resource: resource, Print: true}, kubeconfig)
pems[i], err = k8s.CheckSAPermissions(k8s.CheckSAPermissionsParams{Verb: "create", Resource: resource, Print: true, Namespace: namespace}, kubeconfig)
if err != nil {
utils.Red.Println(err)
}
Expand Down
4 changes: 2 additions & 2 deletions pkg/cmd/connect/agent.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -185,7 +185,7 @@ var agentCmd = &cobra.Command{

// Check if user has sufficient permissions based on mode
utils.White_B.Print("\n🏃 Running prerequisites check....")
agent.ValidateSAPermissions(newAgent.Mode, &kubeconfig)
agent.ValidateSAPermissions(newAgent.Namespace, newAgent.Mode, &kubeconfig)

agents, err := apis.GetAgentList(credentials, newAgent.ProjectId)
utils.PrintError(err)
Expand Down Expand Up @@ -214,7 +214,7 @@ var agentCmd = &cobra.Command{

// Check if user has sufficient permissions based on mode
utils.White_B.Print("\n🏃 Running prerequisites check....")
agent.ValidateSAPermissions(modeType, &kubeconfig)
agent.ValidateSAPermissions(newAgent.Namespace, modeType, &kubeconfig)
newAgent, err = agent.GetAgentDetails(modeType, newAgent.ProjectId, credentials, &kubeconfig)
utils.PrintError(err)

Expand Down
10 changes: 6 additions & 4 deletions pkg/k8s/operations.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,16 +70,18 @@ func NsExists(namespace string, kubeconfig *string) (bool, error) {
}

type CheckSAPermissionsParams struct {
Verb string
Resource string
Print bool
Verb string
Resource string
Print bool
Namespace string
}

func CheckSAPermissions(params CheckSAPermissionsParams, kubeconfig *string) (bool, error) {

var o CanIOptions
o.Verb = params.Verb
o.Resource.Resource = params.Resource
o.Namespace = params.Namespace
client, err := ClientSet(kubeconfig)
if err != nil {
return false, err
Expand Down Expand Up @@ -176,7 +178,7 @@ start:
utils.White_B.Println("👍 Continuing with", namespace, "namespace")
}
} else {
if val, _ := CheckSAPermissions(CheckSAPermissionsParams{"create", "namespace", false}, kubeconfig); !val {
if val, _ := CheckSAPermissions(CheckSAPermissionsParams{"create", "namespace", false, namespace}, kubeconfig); !val {
utils.Red.Println("🚫 You don't have permissions to create a namespace.\n Please enter an existing namespace.")
goto start
}
Expand Down

0 comments on commit f0a101e

Please sign in to comment.