Skip to content

Commit 69ebc4f

Browse files
prkhrkatprkhrkat
committed
constants added
1 parent ff2b571 commit 69ebc4f

File tree

2 files changed

+14
-8
lines changed

2 files changed

+14
-8
lines changed

api/restHandler/ImageScanRestHandler.go

Lines changed: 10 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,12 @@ import (
3434
"go.uber.org/zap"
3535
)
3636

37+
const (
38+
ObjectTypeApp = "app"
39+
ObjectTypeChart = "chart"
40+
ObjectTypePod = "pod"
41+
)
42+
3743
type ImageScanRestHandler interface {
3844
ScanExecutionList(w http.ResponseWriter, r *http.Request)
3945
FetchExecutionDetail(w http.ResponseWriter, r *http.Request)
@@ -100,7 +106,7 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
100106

101107
IdToAppEnvPairs := make(map[int][2]int)
102108
for _, item := range deployInfoList {
103-
if item.ScanObjectMetaId > 0 && (item.ObjectType == "app" || item.ObjectType == "chart") {
109+
if item.ScanObjectMetaId > 0 && (item.ObjectType == ObjectTypeApp || item.ObjectType == ObjectTypeChart) {
104110
IdToAppEnvPairs[item.Id] = [2]int{item.ScanObjectMetaId, item.EnvId}
105111
}
106112
}
@@ -112,7 +118,7 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
112118
}
113119

114120
for _, item := range deployInfoList {
115-
if item.ScanObjectMetaId > 0 && (item.ObjectType == "app" || item.ObjectType == "chart") {
121+
if item.ScanObjectMetaId > 0 && (item.ObjectType == ObjectTypeApp || item.ObjectType == ObjectTypeChart) {
116122
appObject := appObjects[item.Id]
117123
envObject := envObjects[item.Id]
118124
if appObject != "" {
@@ -121,7 +127,7 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
121127
if envObject != "" {
122128
envRBACObjects = append(envRBACObjects, envObject)
123129
}
124-
} else if item.ScanObjectMetaId > 0 && (item.ObjectType == "pod") {
130+
} else if item.ScanObjectMetaId > 0 && (item.ObjectType == ObjectTypePod) {
125131
environments, err := impl.environmentService.GetByClusterId(item.ClusterId)
126132
if err != nil {
127133
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
@@ -140,7 +146,7 @@ func (impl ImageScanRestHandlerImpl) ScanExecutionList(w http.ResponseWriter, r
140146
podResults := impl.enforcer.EnforceInBatch(token, casbin.ResourceGlobalEnvironment, casbin.ActionGet, podRBACObjects)
141147

142148
for _, item := range deployInfoList {
143-
if impl.enforcerUtil.IsAuthorizedForApp(item.ScanObjectMetaId, appResults, appIdtoApp) && impl.enforcerUtil.IsAuthorizedForEnv(item.ScanObjectMetaId, item.EnvId, envResults, appIdtoApp, envIdToEnv) {
149+
if impl.enforcerUtil.IsAuthorizedForAppInAppResults(item.ScanObjectMetaId, appResults, appIdtoApp) && impl.enforcerUtil.IsAuthorizedForEnvInEnvResults(item.ScanObjectMetaId, item.EnvId, envResults, appIdtoApp, envIdToEnv) {
144150
ids = append(ids, item.Id)
145151
}
146152
}

util/rbac/EnforcerUtil.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -38,8 +38,8 @@ import (
3838

3939
type EnforcerUtil interface {
4040
GetAppAndEnvRBACNamesByAppAndEnvIds(IdToAppEnvPairs map[int][2]int) (map[int]string, map[int]string, map[int]*app.App, map[int]*repository.Environment, error)
41-
IsAuthorizedForApp(appId int, rbacResults map[string]bool, appIdtoApp map[int]*app.App) bool
42-
IsAuthorizedForEnv(appId int, envId int, appResults map[string]bool, appIdtoApp map[int]*app.App, envIdToEnv map[int]*repository.Environment) bool
41+
IsAuthorizedForAppInAppResults(appId int, rbacResults map[string]bool, appIdtoApp map[int]*app.App) bool
42+
IsAuthorizedForEnvInEnvResults(appId int, envId int, appResults map[string]bool, appIdtoApp map[int]*app.App, envIdToEnv map[int]*repository.Environment) bool
4343
GetAppRBACName(appName string) string
4444
GetRbacObjectsForAllApps(appType helper.AppType) map[int]string
4545
GetRbacObjectsForAllAppsWithTeamID(teamID int, appType helper.AppType) map[int]string
@@ -114,7 +114,7 @@ func NewEnforcerUtilImpl(logger *zap.SugaredLogger, teamRepository team.TeamRepo
114114
}
115115
}
116116

117-
func (impl EnforcerUtilImpl) IsAuthorizedForApp(appId int, rbacResults map[string]bool, appIdtoApp map[int]*app.App) bool {
117+
func (impl EnforcerUtilImpl) IsAuthorizedForAppInAppResults(appId int, rbacResults map[string]bool, appIdtoApp map[int]*app.App) bool {
118118
app, appExists := appIdtoApp[appId]
119119
if !appExists {
120120
return false
@@ -127,7 +127,7 @@ func (impl EnforcerUtilImpl) IsAuthorizedForApp(appId int, rbacResults map[strin
127127
return false
128128
}
129129

130-
func (impl EnforcerUtilImpl) IsAuthorizedForEnv(appId int, envId int, rbacResults map[string]bool, appIdtoApp map[int]*app.App, envIdToEnv map[int]*repository.Environment) bool {
130+
func (impl EnforcerUtilImpl) IsAuthorizedForEnvInEnvResults(appId int, envId int, rbacResults map[string]bool, appIdtoApp map[int]*app.App, envIdToEnv map[int]*repository.Environment) bool {
131131
app, appExists := appIdtoApp[appId]
132132
if !appExists {
133133
return false

0 commit comments

Comments
 (0)