Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-24 15:59:41 +02:00
Code Issues Releases Activity

feat(k8s): Introduce the ability to restrict access to default namespace (EE-745) (#5337)

Browse source
This commit is contained in:
dbuduev 2021-07-23 17:10:46 +12:00 committed by GitHub
parent c26af1449c
commit 7d6b1edd48
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 56 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

6
api/http/proxy/factory/kubernetes/transport.go
View file

@ -87,7 +87,7 @@ func (transport *baseTransport) executeKubernetesRequest(request *http.Request)
// #region ROUND TRIP
func (transport *baseTransport) prepareRoundTrip(request *http.Request) (string, error) {
token, err := getRoundTripToken(request, transport.tokenManager)
token, err := transport.getRoundTripToken(request, transport.tokenManager)
if err != nil {
return "", err
}
@ -102,7 +102,7 @@ func (transport *baseTransport) RoundTrip(request *http.Request) (*http.Response
return transport.proxyKubernetesRequest(request)
}
func getRoundTripToken(request *http.Request, tokenManager *tokenManager) (string, error) {
func (transport *baseTransport) getRoundTripToken(request *http.Request, tokenManager *tokenManager) (string, error) {
tokenData, err := security.RetrieveTokenData(request)
if err != nil {
return "", err
@ -112,7 +112,7 @@ func getRoundTripToken(request *http.Request, tokenManager *tokenManager) (strin
if tokenData.Role == portainer.AdministratorRole {
token = tokenManager.getAdminServiceAccountToken()
} else {
token, err = tokenManager.getUserServiceAccountToken(int(tokenData.ID))
token, err = tokenManager.getUserServiceAccountToken(int(tokenData.ID), transport.endpoint.ID)
if err != nil {
log.Printf("Failed retrieving service account token: %v", err)
return "", err