From 205406c5a5e8e803732e1f8133727e48297a92b7 Mon Sep 17 00:00:00 2001 From: leonarliu Date: Mon, 27 Dec 2021 17:08:27 +0800 Subject: [PATCH] fix(platform): block in tke-xx controller --- pkg/auth/registry/localgroup/storage/storage.go | 5 ----- pkg/auth/registry/localidentity/storage/storage.go | 4 ---- pkg/auth/registry/policy/storage/storage.go | 5 ----- pkg/auth/registry/projectpolicybinding/storage/storage.go | 5 ----- pkg/auth/registry/role/storage/storage.go | 5 ----- pkg/business/registry/chartgroup/storage/storage.go | 4 ---- pkg/business/registry/emigration/storage/storage.go | 4 ---- pkg/business/registry/imagenamespace/storage/storage.go | 4 ---- pkg/business/registry/namespace/storage/storage.go | 3 --- pkg/business/registry/platform/storage/storage.go | 5 ----- pkg/business/registry/project/storage/storage.go | 4 ---- pkg/logagent/registry/logagent/storage/storage.go | 5 ----- pkg/mesh/registry/meshmanager/storage/storage.go | 5 ----- pkg/monitor/registry/prometheus/storage/storage.go | 5 ----- pkg/notify/registry/channel/storage/storage.go | 4 ---- pkg/notify/registry/message/storage/storage.go | 5 ----- pkg/notify/registry/messagerequest/storage/storage.go | 5 ----- pkg/notify/registry/receiver/storage/storage.go | 5 ----- pkg/notify/registry/receivergroup/storage/storage.go | 5 ----- pkg/notify/registry/template/storage/storage.go | 5 ----- pkg/platform/registry/cluster/storage/storage.go | 4 ---- pkg/platform/registry/clustercredential/storage/storage.go | 5 ----- pkg/platform/registry/cronhpa/storage/storage.go | 5 ----- pkg/platform/registry/csioperator/storage/storage.go | 6 ------ pkg/platform/registry/machine/storage/storage.go | 4 ---- pkg/platform/registry/persistentevent/storage/storage.go | 5 ----- pkg/platform/registry/registry/storage/storage.go | 5 ----- pkg/platform/registry/tappcontroller/storage/storage.go | 5 ----- pkg/registry/registry/chart/storage/storage.go | 4 ---- pkg/registry/registry/chartgroup/storage/storage.go | 5 ----- pkg/registry/registry/namespace/storage/storage.go | 4 ---- pkg/registry/registry/repository/storage/storage.go | 5 ----- 32 files changed, 149 deletions(-) diff --git a/pkg/auth/registry/localgroup/storage/storage.go b/pkg/auth/registry/localgroup/storage/storage.go index af694ebf2..887c76fb1 100644 --- a/pkg/auth/registry/localgroup/storage/storage.go +++ b/pkg/auth/registry/localgroup/storage/storage.go @@ -38,7 +38,6 @@ import ( "k8s.io/apiserver/pkg/storage" storageerr "k8s.io/apiserver/pkg/storage/errors" "k8s.io/apiserver/pkg/util/dryrun" - "tkestack.io/tke/pkg/apiserver/authentication" "tkestack.io/tke/api/auth" apiserverutil "tkestack.io/tke/pkg/apiserver/util" @@ -191,10 +190,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, apierrors.NewMethodNotSupported(auth.Resource("groups"), "delete collection") - } - if listOptions == nil { listOptions = &metainternal.ListOptions{} } else { diff --git a/pkg/auth/registry/localidentity/storage/storage.go b/pkg/auth/registry/localidentity/storage/storage.go index 40744b913..4087bbe59 100644 --- a/pkg/auth/registry/localidentity/storage/storage.go +++ b/pkg/auth/registry/localidentity/storage/storage.go @@ -209,10 +209,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, apierrors.NewMethodNotSupported(auth.Resource("localIdentities"), "delete collection") - } - if listOptions == nil { listOptions = &metainternal.ListOptions{} } else { diff --git a/pkg/auth/registry/policy/storage/storage.go b/pkg/auth/registry/policy/storage/storage.go index 6bd034655..2b0deb6ab 100644 --- a/pkg/auth/registry/policy/storage/storage.go +++ b/pkg/auth/registry/policy/storage/storage.go @@ -37,7 +37,6 @@ import ( "k8s.io/apiserver/pkg/storage" storageerr "k8s.io/apiserver/pkg/storage/errors" "k8s.io/apiserver/pkg/util/dryrun" - "tkestack.io/tke/pkg/apiserver/authentication" "tkestack.io/tke/api/auth" authinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/auth/internalversion" @@ -174,10 +173,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, apierrors.NewMethodNotSupported(auth.Resource("policies"), "delete collection") - } - if listOptions == nil { listOptions = &metainternal.ListOptions{} } else { diff --git a/pkg/auth/registry/projectpolicybinding/storage/storage.go b/pkg/auth/registry/projectpolicybinding/storage/storage.go index 7582b881c..981a9e4d9 100644 --- a/pkg/auth/registry/projectpolicybinding/storage/storage.go +++ b/pkg/auth/registry/projectpolicybinding/storage/storage.go @@ -39,7 +39,6 @@ import ( "tkestack.io/tke/api/auth" authinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/auth/internalversion" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/auth/registry/projectpolicybinding" "tkestack.io/tke/pkg/auth/util" @@ -142,10 +141,6 @@ func (r *REST) ShortNames() []string { // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, apierrors.NewMethodNotSupported(auth.Resource("ProjectPolicyBindings"), "delete collection") - } - if listOptions == nil { listOptions = &metainternal.ListOptions{} } else { diff --git a/pkg/auth/registry/role/storage/storage.go b/pkg/auth/registry/role/storage/storage.go index 8db86d9a3..678b27d9d 100644 --- a/pkg/auth/registry/role/storage/storage.go +++ b/pkg/auth/registry/role/storage/storage.go @@ -38,7 +38,6 @@ import ( "k8s.io/apiserver/pkg/storage" storageerr "k8s.io/apiserver/pkg/storage/errors" "k8s.io/apiserver/pkg/util/dryrun" - "tkestack.io/tke/pkg/apiserver/authentication" "tkestack.io/tke/api/auth" apiserverutil "tkestack.io/tke/pkg/apiserver/util" @@ -170,10 +169,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, apierrors.NewMethodNotSupported(auth.Resource("roles"), "delete collection") - } - if listOptions == nil { listOptions = &metainternal.ListOptions{} } else { diff --git a/pkg/business/registry/chartgroup/storage/storage.go b/pkg/business/registry/chartgroup/storage/storage.go index 3097f0c68..ae0df9bd7 100644 --- a/pkg/business/registry/chartgroup/storage/storage.go +++ b/pkg/business/registry/chartgroup/storage/storage.go @@ -35,7 +35,6 @@ import ( "tkestack.io/tke/api/business" businessinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/business/internalversion" registryversionedclient "tkestack.io/tke/api/client/clientset/versioned/typed/registry/v1" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/business/registry/chartgroup" "tkestack.io/tke/pkg/business/util" @@ -117,9 +116,6 @@ func (r *REST) ShortNames() []string { // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(business.Resource("chartgroups"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/business/registry/emigration/storage/storage.go b/pkg/business/registry/emigration/storage/storage.go index 941344dcc..c3ba3555c 100644 --- a/pkg/business/registry/emigration/storage/storage.go +++ b/pkg/business/registry/emigration/storage/storage.go @@ -32,7 +32,6 @@ import ( "tkestack.io/tke/api/business" businessinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/business/internalversion" platformversionedclient "tkestack.io/tke/api/client/clientset/versioned/typed/platform/v1" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/business/registry/emigration" "tkestack.io/tke/pkg/business/util" @@ -113,9 +112,6 @@ func (r *REST) ShortNames() []string { // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(business.Resource("nsemigrations"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/business/registry/imagenamespace/storage/storage.go b/pkg/business/registry/imagenamespace/storage/storage.go index d0e41f2d2..74b5a941d 100644 --- a/pkg/business/registry/imagenamespace/storage/storage.go +++ b/pkg/business/registry/imagenamespace/storage/storage.go @@ -35,7 +35,6 @@ import ( "tkestack.io/tke/api/business" businessinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/business/internalversion" registryversionedclient "tkestack.io/tke/api/client/clientset/versioned/typed/registry/v1" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/business/registry/imagenamespace" "tkestack.io/tke/pkg/business/util" @@ -119,9 +118,6 @@ func (r *REST) ShortNames() []string { // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(business.Resource("imagenamespaces"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/business/registry/namespace/storage/storage.go b/pkg/business/registry/namespace/storage/storage.go index 06017404d..ade221c5c 100644 --- a/pkg/business/registry/namespace/storage/storage.go +++ b/pkg/business/registry/namespace/storage/storage.go @@ -144,9 +144,6 @@ func (r *REST) ShortNames() []string { // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(business.Resource("namespaces"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/business/registry/platform/storage/storage.go b/pkg/business/registry/platform/storage/storage.go index 7bab9122c..057e0ce21 100644 --- a/pkg/business/registry/platform/storage/storage.go +++ b/pkg/business/registry/platform/storage/storage.go @@ -21,7 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -30,7 +29,6 @@ import ( "k8s.io/apiserver/pkg/registry/rest" "tkestack.io/tke/api/business" businessinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/business/internalversion" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" platformstrategy "tkestack.io/tke/pkg/business/registry/platform" "tkestack.io/tke/pkg/business/util" @@ -108,9 +106,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(business.Resource("platforms"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/business/registry/project/storage/storage.go b/pkg/business/registry/project/storage/storage.go index 16bd31713..3f4d2e0a2 100644 --- a/pkg/business/registry/project/storage/storage.go +++ b/pkg/business/registry/project/storage/storage.go @@ -37,7 +37,6 @@ import ( authversionedclient "tkestack.io/tke/api/client/clientset/versioned/typed/auth/v1" platformversionedclient "tkestack.io/tke/api/client/clientset/versioned/typed/platform/v1" "tkestack.io/tke/cmd/tke-business-api/app/options" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" projectstrategy "tkestack.io/tke/pkg/business/registry/project" "tkestack.io/tke/pkg/business/util" @@ -134,9 +133,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, apierrors.NewMethodNotSupported(business.Resource("projects"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/logagent/registry/logagent/storage/storage.go b/pkg/logagent/registry/logagent/storage/storage.go index 840faf4bf..ca94fd228 100644 --- a/pkg/logagent/registry/logagent/storage/storage.go +++ b/pkg/logagent/registry/logagent/storage/storage.go @@ -21,7 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -30,7 +29,6 @@ import ( "k8s.io/apiserver/pkg/registry/rest" platformversionedclient "tkestack.io/tke/api/client/clientset/versioned/typed/platform/v1" "tkestack.io/tke/api/logagent" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" registrylogagent "tkestack.io/tke/pkg/logagent/registry/logagent" "tkestack.io/tke/pkg/logagent/util" @@ -154,9 +152,6 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(logagent.Resource("logagents"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/mesh/registry/meshmanager/storage/storage.go b/pkg/mesh/registry/meshmanager/storage/storage.go index ac61492d8..36bce7548 100644 --- a/pkg/mesh/registry/meshmanager/storage/storage.go +++ b/pkg/mesh/registry/meshmanager/storage/storage.go @@ -22,7 +22,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -30,7 +29,6 @@ import ( "k8s.io/apiserver/pkg/registry/generic/registry" "k8s.io/apiserver/pkg/registry/rest" "tkestack.io/tke/api/mesh" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" meshmanagerstrategy "tkestack.io/tke/pkg/mesh/registry/meshmanager" "tkestack.io/tke/pkg/mesh/util" @@ -137,9 +135,6 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(mesh.Resource("meshmanagers"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/monitor/registry/prometheus/storage/storage.go b/pkg/monitor/registry/prometheus/storage/storage.go index 1801e21c4..f4985040b 100644 --- a/pkg/monitor/registry/prometheus/storage/storage.go +++ b/pkg/monitor/registry/prometheus/storage/storage.go @@ -21,7 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -29,7 +28,6 @@ import ( "k8s.io/apiserver/pkg/registry/generic/registry" "k8s.io/apiserver/pkg/registry/rest" "tkestack.io/tke/api/monitor" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/monitor/registry/prometheus" "tkestack.io/tke/pkg/monitor/util" @@ -136,9 +134,6 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(monitor.Resource("prometheuses"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/notify/registry/channel/storage/storage.go b/pkg/notify/registry/channel/storage/storage.go index 9be4a51b8..e2b61ce9e 100644 --- a/pkg/notify/registry/channel/storage/storage.go +++ b/pkg/notify/registry/channel/storage/storage.go @@ -33,7 +33,6 @@ import ( storageerr "k8s.io/apiserver/pkg/storage/errors" "k8s.io/apiserver/pkg/util/dryrun" "tkestack.io/tke/api/notify" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" channelstrategy "tkestack.io/tke/pkg/notify/registry/channel" "tkestack.io/tke/pkg/notify/util" @@ -120,9 +119,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(notify.Resource("channels"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/notify/registry/message/storage/storage.go b/pkg/notify/registry/message/storage/storage.go index d03ea3d2b..5432ff187 100644 --- a/pkg/notify/registry/message/storage/storage.go +++ b/pkg/notify/registry/message/storage/storage.go @@ -22,7 +22,6 @@ import ( "context" "time" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -30,7 +29,6 @@ import ( "k8s.io/apiserver/pkg/registry/generic/registry" "k8s.io/apiserver/pkg/registry/rest" "tkestack.io/tke/api/notify" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" messagestrategy "tkestack.io/tke/pkg/notify/registry/message" "tkestack.io/tke/pkg/notify/util" @@ -115,9 +113,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(notify.Resource("messages"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/notify/registry/messagerequest/storage/storage.go b/pkg/notify/registry/messagerequest/storage/storage.go index f3dde5bb6..3a6304b22 100644 --- a/pkg/notify/registry/messagerequest/storage/storage.go +++ b/pkg/notify/registry/messagerequest/storage/storage.go @@ -22,7 +22,6 @@ import ( "context" "time" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -31,7 +30,6 @@ import ( "k8s.io/apiserver/pkg/registry/rest" notifyinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/notify/internalversion" "tkestack.io/tke/api/notify" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" messagerequeststrategy "tkestack.io/tke/pkg/notify/registry/messagerequest" "tkestack.io/tke/pkg/notify/util" @@ -109,9 +107,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(notify.Resource("messagerequests"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/notify/registry/receiver/storage/storage.go b/pkg/notify/registry/receiver/storage/storage.go index bdd2a0728..2cdbf4430 100644 --- a/pkg/notify/registry/receiver/storage/storage.go +++ b/pkg/notify/registry/receiver/storage/storage.go @@ -21,7 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -29,7 +28,6 @@ import ( "k8s.io/apiserver/pkg/registry/generic/registry" "k8s.io/apiserver/pkg/registry/rest" "tkestack.io/tke/api/notify" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" receiverstrategy "tkestack.io/tke/pkg/notify/registry/receiver" "tkestack.io/tke/pkg/notify/util" @@ -100,9 +98,6 @@ func (r *REST) ShortNames() []string { // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(notify.Resource("receivers"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/notify/registry/receivergroup/storage/storage.go b/pkg/notify/registry/receivergroup/storage/storage.go index e861791eb..3abd0f55b 100644 --- a/pkg/notify/registry/receivergroup/storage/storage.go +++ b/pkg/notify/registry/receivergroup/storage/storage.go @@ -21,7 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -30,7 +29,6 @@ import ( "k8s.io/apiserver/pkg/registry/rest" notifyinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/notify/internalversion" "tkestack.io/tke/api/notify" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" receivergroupstrategy "tkestack.io/tke/pkg/notify/registry/receivergroup" "tkestack.io/tke/pkg/notify/util" @@ -107,9 +105,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(notify.Resource("receivergroups"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/notify/registry/template/storage/storage.go b/pkg/notify/registry/template/storage/storage.go index 5f2bd7d4e..b89f253dc 100644 --- a/pkg/notify/registry/template/storage/storage.go +++ b/pkg/notify/registry/template/storage/storage.go @@ -21,7 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -30,7 +29,6 @@ import ( "k8s.io/apiserver/pkg/registry/rest" notifyinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/notify/internalversion" "tkestack.io/tke/api/notify" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" templatestrategy "tkestack.io/tke/pkg/notify/registry/template" "tkestack.io/tke/pkg/notify/util" @@ -107,9 +105,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(notify.Resource("templates"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/platform/registry/cluster/storage/storage.go b/pkg/platform/registry/cluster/storage/storage.go index 5735449bb..66d9ecd1c 100644 --- a/pkg/platform/registry/cluster/storage/storage.go +++ b/pkg/platform/registry/cluster/storage/storage.go @@ -34,7 +34,6 @@ import ( "k8s.io/apiserver/pkg/util/dryrun" platforminternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/platform/internalversion" "tkestack.io/tke/api/platform" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" clusterstrategy "tkestack.io/tke/pkg/platform/registry/cluster" "tkestack.io/tke/pkg/platform/util" @@ -171,9 +170,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, apierrors.NewMethodNotSupported(platform.Resource("clusters"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/platform/registry/clustercredential/storage/storage.go b/pkg/platform/registry/clustercredential/storage/storage.go index 6b8a5da18..2763ba7bb 100644 --- a/pkg/platform/registry/clustercredential/storage/storage.go +++ b/pkg/platform/registry/clustercredential/storage/storage.go @@ -21,8 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" - metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/fields" @@ -118,9 +116,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(platform.Resource("clustercredentials"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/platform/registry/cronhpa/storage/storage.go b/pkg/platform/registry/cronhpa/storage/storage.go index b3c559b1a..715fd383d 100644 --- a/pkg/platform/registry/cronhpa/storage/storage.go +++ b/pkg/platform/registry/cronhpa/storage/storage.go @@ -21,7 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -29,7 +28,6 @@ import ( "k8s.io/apiserver/pkg/registry/generic/registry" "k8s.io/apiserver/pkg/registry/rest" "tkestack.io/tke/api/platform" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/platform/registry/cronhpa" "tkestack.io/tke/pkg/platform/util" @@ -136,9 +134,6 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(platform.Resource("cronhpas"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/platform/registry/csioperator/storage/storage.go b/pkg/platform/registry/csioperator/storage/storage.go index afea7dffa..9cf6d5c72 100644 --- a/pkg/platform/registry/csioperator/storage/storage.go +++ b/pkg/platform/registry/csioperator/storage/storage.go @@ -21,9 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" - "tkestack.io/tke/pkg/apiserver/authentication" - apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/platform/registry/csioperator" "tkestack.io/tke/pkg/platform/util" @@ -138,9 +135,6 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(platform.Resource("csioperators"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/platform/registry/machine/storage/storage.go b/pkg/platform/registry/machine/storage/storage.go index 8857f49d6..d3fb54c57 100644 --- a/pkg/platform/registry/machine/storage/storage.go +++ b/pkg/platform/registry/machine/storage/storage.go @@ -34,7 +34,6 @@ import ( "k8s.io/apiserver/pkg/util/dryrun" platforminternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/platform/internalversion" "tkestack.io/tke/api/platform" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/platform/registry/machine" "tkestack.io/tke/pkg/platform/util" @@ -251,9 +250,6 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, apierrors.NewMethodNotSupported(platform.Resource("machines"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/platform/registry/persistentevent/storage/storage.go b/pkg/platform/registry/persistentevent/storage/storage.go index 02550c59b..0c3274f89 100644 --- a/pkg/platform/registry/persistentevent/storage/storage.go +++ b/pkg/platform/registry/persistentevent/storage/storage.go @@ -21,7 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -29,7 +28,6 @@ import ( "k8s.io/apiserver/pkg/registry/generic/registry" "k8s.io/apiserver/pkg/registry/rest" "tkestack.io/tke/api/platform" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/platform/registry/persistentevent" "tkestack.io/tke/pkg/platform/util" @@ -135,9 +133,6 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(platform.Resource("persistentevents"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/platform/registry/registry/storage/storage.go b/pkg/platform/registry/registry/storage/storage.go index 4fca1eaac..e7b5715de 100644 --- a/pkg/platform/registry/registry/storage/storage.go +++ b/pkg/platform/registry/registry/storage/storage.go @@ -21,7 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -29,7 +28,6 @@ import ( genericregistry "k8s.io/apiserver/pkg/registry/generic/registry" "k8s.io/apiserver/pkg/registry/rest" "tkestack.io/tke/api/platform" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/platform/registry/registry" "tkestack.io/tke/pkg/platform/util" @@ -135,9 +133,6 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(platform.Resource("registries"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/platform/registry/tappcontroller/storage/storage.go b/pkg/platform/registry/tappcontroller/storage/storage.go index f3f1bf874..d8ab9e4b8 100644 --- a/pkg/platform/registry/tappcontroller/storage/storage.go +++ b/pkg/platform/registry/tappcontroller/storage/storage.go @@ -21,7 +21,6 @@ package storage import ( "context" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -29,7 +28,6 @@ import ( "k8s.io/apiserver/pkg/registry/generic/registry" "k8s.io/apiserver/pkg/registry/rest" "tkestack.io/tke/api/platform" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" "tkestack.io/tke/pkg/platform/registry/tappcontroller" "tkestack.io/tke/pkg/platform/util" @@ -136,9 +134,6 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(platform.Resource("tappcontrollers"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/registry/registry/chart/storage/storage.go b/pkg/registry/registry/chart/storage/storage.go index 655534a3a..1376dd780 100644 --- a/pkg/registry/registry/chart/storage/storage.go +++ b/pkg/registry/registry/chart/storage/storage.go @@ -37,7 +37,6 @@ import ( authversionedclient "tkestack.io/tke/api/client/clientset/versioned/typed/auth/v1" businessversionedclient "tkestack.io/tke/api/client/clientset/versioned/typed/business/v1" registryapi "tkestack.io/tke/api/registry" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" platformfilter "tkestack.io/tke/pkg/platform/apiserver/filter" chartstrategy "tkestack.io/tke/pkg/registry/registry/chart" @@ -174,9 +173,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(registryapi.Resource("charts"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/registry/registry/chartgroup/storage/storage.go b/pkg/registry/registry/chartgroup/storage/storage.go index 94ef030f4..9a0f43d4c 100644 --- a/pkg/registry/registry/chartgroup/storage/storage.go +++ b/pkg/registry/registry/chartgroup/storage/storage.go @@ -24,7 +24,6 @@ import ( "strings" "k8s.io/apimachinery/pkg/api/errors" - apierrors "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -38,7 +37,6 @@ import ( authversionedclient "tkestack.io/tke/api/client/clientset/versioned/typed/auth/v1" businessversionedclient "tkestack.io/tke/api/client/clientset/versioned/typed/business/v1" registryapi "tkestack.io/tke/api/registry" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" platformfilter "tkestack.io/tke/pkg/platform/apiserver/filter" chartgroupstrategy "tkestack.io/tke/pkg/registry/registry/chartgroup" @@ -173,9 +171,6 @@ func (r *GenericREST) List(ctx context.Context, options *metainternal.ListOption // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *GenericREST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, apierrors.NewMethodNotSupported(registryapi.Resource("chartgroups"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/registry/registry/namespace/storage/storage.go b/pkg/registry/registry/namespace/storage/storage.go index c10a10302..6460578c3 100644 --- a/pkg/registry/registry/namespace/storage/storage.go +++ b/pkg/registry/registry/namespace/storage/storage.go @@ -22,7 +22,6 @@ import ( "context" "fmt" - apierrors "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -116,9 +115,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, apierrors.NewMethodNotSupported(registryapi.Resource("namespaces"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) } diff --git a/pkg/registry/registry/repository/storage/storage.go b/pkg/registry/registry/repository/storage/storage.go index 51bde2116..44a6be0d6 100644 --- a/pkg/registry/registry/repository/storage/storage.go +++ b/pkg/registry/registry/repository/storage/storage.go @@ -22,7 +22,6 @@ import ( "context" "fmt" - "k8s.io/apimachinery/pkg/api/errors" metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -31,7 +30,6 @@ import ( "k8s.io/apiserver/pkg/registry/rest" registryinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/registry/internalversion" registryapi "tkestack.io/tke/api/registry" - "tkestack.io/tke/pkg/apiserver/authentication" apiserverutil "tkestack.io/tke/pkg/apiserver/util" harbor "tkestack.io/tke/pkg/registry/harbor/client" harborHandler "tkestack.io/tke/pkg/registry/harbor/handler" @@ -139,9 +137,6 @@ func (r *REST) List(ctx context.Context, options *metainternal.ListOptions) (run // DeleteCollection selects all resources in the storage matching given 'listOptions' // and deletes them. func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) { - if !authentication.IsAdministrator(ctx, r.privilegedUsername) { - return nil, errors.NewMethodNotSupported(registryapi.Resource("repositories"), "delete collection") - } return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions) }