rbac ignore for superadmin and server version call commented (#5415)

kripanshdevtron · web-flow · commit bd3beb8a0fbd · 2024-07-05T15:44:36.000+05:30
diff --git a/api/k8s/application/k8sApplicationRestHandler.go b/api/k8s/application/k8sApplicationRestHandler.go
@@ -964,7 +964,15 @@ func (handler *K8sApplicationRestHandlerImpl) GetResourceList(w http.ResponseWri
 		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
 		return
 	}
-	response, err := handler.k8sApplicationService.GetResourceList(r.Context(), token, &request, handler.verifyRbacForCluster)
+	isSuperAdmin := false
+	if ok := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionGet, "*"); ok {
+		isSuperAdmin = true
+	}
+	clusterRbacFunc := handler.verifyRbacForCluster
+	if isSuperAdmin {
+		clusterRbacFunc = nil
+	}
+	response, err := handler.k8sApplicationService.GetResourceList(r.Context(), token, &request, clusterRbacFunc)
 	if err != nil {
 		handler.logger.Errorw("error in getting resource list", "err", err)
 		if statusErr, ok := err.(*errors3.StatusError); ok && statusErr.Status().Code == 404 {
diff --git a/pkg/k8s/application/k8sApplicationService.go b/pkg/k8s/application/k8sApplicationService.go
@@ -674,6 +674,9 @@ func (impl *K8sApplicationServiceImpl) GetResourceList(ctx context.Context, toke
 		return resourceList, err
 	}
 	checkForResourceCallback := func(namespace, group, kind, resourceName string) bool {
+		if validateResourceAccess == nil { // if resource validate rbac func is nil then allow
+			return true
+		}
 		resourceIdentifier := resourceIdentifierCloned
 		resourceIdentifier.Name = resourceName
 		resourceIdentifier.Namespace = namespace
@@ -688,13 +691,15 @@ func (impl *K8sApplicationServiceImpl) GetResourceList(ctx context.Context, toke
 		impl.logger.Errorw("error on parsing for k8s resource", "err", err)
 		return resourceList, err
 	}
-	k8sServerVersion, err := impl.k8sCommonService.GetK8sServerVersion(clusterId)
-	if err != nil {
-		impl.logger.Errorw("error in getting k8s server version", "clusterId", clusterId, "err", err)
-		// return nil, err
-	} else {
-		resourceList.ServerVersion = k8sServerVersion.String()
-	}
+	// Not used in FE side
+
+	//k8sServerVersion, err := impl.k8sCommonService.GetK8sServerVersion(clusterId)
+	//if err != nil {
+	//	impl.logger.Errorw("error in getting k8s server version", "clusterId", clusterId, "err", err)
+	//	// return nil, err
+	//} else {
+	//	resourceList.ServerVersion = k8sServerVersion.String()
+	//}
 	return resourceList, nil
 }
 
