@@ -112,8 +112,8 @@ func (handler ConfigMapRestHandlerImpl) CMGlobalAddUpdate(w http.ResponseWriter,
112
112
113
113
//RBAC START
114
114
token := r .Header .Get ("token" )
115
- object := handler .enforcerUtil .GetAppRBACNameByAppId (configMapRequest .AppId )
116
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionCreate )
115
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (configMapRequest .AppId )
116
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionCreate , appType )
117
117
if ! ok {
118
118
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), "Unauthorized User" , http .StatusForbidden )
119
119
return
@@ -148,8 +148,8 @@ func (handler ConfigMapRestHandlerImpl) CMEnvironmentAddUpdate(w http.ResponseWr
148
148
149
149
//RBAC START
150
150
token := r .Header .Get ("token" )
151
- object := handler .enforcerUtil .GetAppRBACNameByAppId (configMapRequest .AppId )
152
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionCreate )
151
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (configMapRequest .AppId )
152
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionCreate , appType )
153
153
if ! ok {
154
154
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), "Unauthorized User" , http .StatusForbidden )
155
155
return
@@ -189,8 +189,8 @@ func (handler ConfigMapRestHandlerImpl) CMGlobalFetch(w http.ResponseWriter, r *
189
189
190
190
//RBAC START
191
191
token := r .Header .Get ("token" )
192
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
193
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet )
192
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
193
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet , appType )
194
194
if ! ok {
195
195
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), "Unauthorized User" , http .StatusForbidden )
196
196
return
@@ -226,8 +226,8 @@ func (handler ConfigMapRestHandlerImpl) CMGlobalFetchForEdit(w http.ResponseWrit
226
226
return
227
227
}
228
228
token := r .Header .Get ("token" )
229
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
230
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet )
229
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
230
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet , appType )
231
231
if ! ok {
232
232
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), "Unauthorized User" , http .StatusForbidden )
233
233
return
@@ -269,8 +269,8 @@ func (handler ConfigMapRestHandlerImpl) CMEnvironmentFetchForEdit(w http.Respons
269
269
return
270
270
}
271
271
token := r .Header .Get ("token" )
272
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
273
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet )
272
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
273
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet , appType )
274
274
if ! ok {
275
275
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), "Unauthorized User" , http .StatusForbidden )
276
276
return
@@ -316,8 +316,8 @@ func (handler ConfigMapRestHandlerImpl) CMEnvironmentFetch(w http.ResponseWriter
316
316
317
317
//RBAC START
318
318
token := r .Header .Get ("token" )
319
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
320
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet )
319
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
320
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet , appType )
321
321
if ! ok {
322
322
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), "Unauthorized User" , http .StatusForbidden )
323
323
return
@@ -353,8 +353,8 @@ func (handler ConfigMapRestHandlerImpl) CSGlobalAddUpdate(w http.ResponseWriter,
353
353
354
354
//RBAC START
355
355
token := r .Header .Get ("token" )
356
- object := handler .enforcerUtil .GetAppRBACNameByAppId (configMapRequest .AppId )
357
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionCreate )
356
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (configMapRequest .AppId )
357
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionCreate , appType )
358
358
if ! ok {
359
359
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), "Unauthorized User" , http .StatusForbidden )
360
360
return
@@ -390,8 +390,8 @@ func (handler ConfigMapRestHandlerImpl) CSEnvironmentAddUpdate(w http.ResponseWr
390
390
391
391
//RBAC START
392
392
token := r .Header .Get ("token" )
393
- object := handler .enforcerUtil .GetAppRBACNameByAppId (configMapRequest .AppId )
394
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionCreate )
393
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (configMapRequest .AppId )
394
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionCreate , appType )
395
395
if ! ok {
396
396
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), "Unauthorized User" , http .StatusForbidden )
397
397
return
@@ -431,8 +431,8 @@ func (handler ConfigMapRestHandlerImpl) CSGlobalFetch(w http.ResponseWriter, r *
431
431
432
432
//RBAC START
433
433
token := r .Header .Get ("token" )
434
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
435
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet )
434
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
435
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet , appType )
436
436
if ! ok {
437
437
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), nil , http .StatusForbidden )
438
438
return
@@ -470,8 +470,8 @@ func (handler ConfigMapRestHandlerImpl) CSEnvironmentFetch(w http.ResponseWriter
470
470
471
471
//RBAC START
472
472
token := r .Header .Get ("token" )
473
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
474
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet )
473
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
474
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionGet , appType )
475
475
if ! ok {
476
476
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), nil , http .StatusForbidden )
477
477
return
@@ -511,8 +511,8 @@ func (handler ConfigMapRestHandlerImpl) CMGlobalDelete(w http.ResponseWriter, r
511
511
512
512
//RBAC START
513
513
token := r .Header .Get ("token" )
514
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
515
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionDelete )
514
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
515
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionDelete , appType )
516
516
if ! ok {
517
517
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), nil , http .StatusForbidden )
518
518
return
@@ -558,8 +558,8 @@ func (handler ConfigMapRestHandlerImpl) CMEnvironmentDelete(w http.ResponseWrite
558
558
559
559
//RBAC START
560
560
token := r .Header .Get ("token" )
561
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
562
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionDelete )
561
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
562
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionDelete , appType )
563
563
if ! ok {
564
564
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), nil , http .StatusForbidden )
565
565
return
@@ -607,8 +607,8 @@ func (handler ConfigMapRestHandlerImpl) CSGlobalDelete(w http.ResponseWriter, r
607
607
608
608
//RBAC START
609
609
token := r .Header .Get ("token" )
610
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
611
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionDelete )
610
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
611
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionDelete , appType )
612
612
if ! ok {
613
613
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), nil , http .StatusForbidden )
614
614
return
@@ -654,8 +654,8 @@ func (handler ConfigMapRestHandlerImpl) CSEnvironmentDelete(w http.ResponseWrite
654
654
655
655
//RBAC START
656
656
token := r .Header .Get ("token" )
657
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
658
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionDelete )
657
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
658
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionDelete , appType )
659
659
if ! ok {
660
660
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), nil , http .StatusForbidden )
661
661
return
@@ -703,8 +703,8 @@ func (handler ConfigMapRestHandlerImpl) CSGlobalFetchForEdit(w http.ResponseWrit
703
703
704
704
//RBAC START
705
705
token := r .Header .Get ("token" )
706
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
707
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionUpdate )
706
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
707
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionUpdate , appType )
708
708
if ! ok {
709
709
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), nil , http .StatusForbidden )
710
710
return
@@ -750,8 +750,8 @@ func (handler ConfigMapRestHandlerImpl) CSEnvironmentFetchForEdit(w http.Respons
750
750
751
751
//RBAC START
752
752
token := r .Header .Get ("token" )
753
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
754
- ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionUpdate )
753
+ object , appType := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
754
+ ok := handler .enforcerUtil .CheckAppRbacForAppOrJob (token , object , casbin .ActionUpdate , appType )
755
755
if ! ok {
756
756
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), nil , http .StatusForbidden )
757
757
return
@@ -905,7 +905,7 @@ func (handler ConfigMapRestHandlerImpl) GetEnvironmentsForJob(w http.ResponseWri
905
905
}
906
906
//AUTH - check from casbin db
907
907
token := r .Header .Get ("token" )
908
- object := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
908
+ object , _ := handler .enforcerUtil .GetAppRBACNameByAppId (appId )
909
909
if ok := handler .enforcer .Enforce (token , casbin .ResourceJobs , casbin .ActionGet , object ); ! ok {
910
910
common .WriteJsonResp (w , fmt .Errorf ("unauthorized user" ), "Unauthorized User" , http .StatusForbidden )
911
911
return
0 commit comments