Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove update flow
Browse files Browse the repository at this point in the history
anusha94 committed Apr 30, 2022
1 parent e38017c commit 23ea765
Showing 2 changed files with 2 additions and 99 deletions.
12 changes: 2 additions & 10 deletions apis/infrastructure/v1beta1/byohost_webhook.go
Original file line number Diff line number Diff line change
@@ -33,18 +33,10 @@ func (v *ByohHostValidator) Handle(ctx context.Context, req admission.Request) a
if byoHost.Status.MachineRef != nil {
return admission.Denied("cannot delete ByoHost when MachineRef is assigned")
}
} else {
byoHost := &ByoHost{}
err := v.decoder.Decode(req, byoHost)
if err != nil {
return admission.Errored(http.StatusBadRequest, err)
}

if req.UserInfo.Username != "admin" && req.UserInfo.Username != byoHost.Name {
return admission.Denied("User does not have the permission to perform this operation")
}
}

// TODO: verify if req.UserInfo.Username has rbac permission to update the byohost

return admission.Allowed("")
}

89 changes: 0 additions & 89 deletions apis/infrastructure/v1beta1/byohost_webhook_test.go
Original file line number Diff line number Diff line change
@@ -18,95 +18,6 @@ import (

var _ = Describe("ByohostWebhook", func() {

Context("When ByoHost gets an update request", func() {
var (
byoHost *byohv1beta1.ByoHost
ctx context.Context
k8sClientUncached client.Client
)

BeforeEach(func() {
ctx = context.Background()
var clientErr error

k8sClientUncached, clientErr = client.New(cfg, client.Options{Scheme: scheme.Scheme})
Expect(clientErr).NotTo(HaveOccurred())

byoHost = &byohv1beta1.ByoHost{
TypeMeta: metav1.TypeMeta{
Kind: "ByoHost",
APIVersion: "infrastructure.cluster.x-k8s.io/v1beta1",
},
ObjectMeta: metav1.ObjectMeta{
GenerateName: "byohost-",
Namespace: "default",
},
Spec: byohv1beta1.ByoHostSpec{},
}
Expect(k8sClientUncached.Create(ctx, byoHost)).Should(Succeed())

})

It("should allow request coming from admin user", func() {
byoMachine := &byohv1beta1.ByoMachine{
TypeMeta: metav1.TypeMeta{
Kind: "ByoMachine",
APIVersion: "infrastructure.cluster.x-k8s.io/v1beta1",
},
ObjectMeta: metav1.ObjectMeta{
GenerateName: "byomachine-",
Namespace: "default",
},
Spec: byohv1beta1.ByoMachineSpec{},
}
Expect(k8sClientUncached.Create(ctx, byoMachine)).Should(Succeed())
ph, err := patch.NewHelper(byoHost, k8sClientUncached)
Expect(err).ShouldNot(HaveOccurred())
byoHost.Status.MachineRef = &corev1.ObjectReference{
Kind: "ByoMachine",
Namespace: byoMachine.Namespace,
Name: byoMachine.Name,
UID: byoMachine.UID,
APIVersion: byoHost.APIVersion,
}

err = ph.Patch(ctx, byoHost, patch.WithStatusObservedGeneration{})
Expect(err).ToNot(HaveOccurred())
})

It("should allow request coming from the right host agent user", func() {
byoMachine := &byohv1beta1.ByoMachine{
TypeMeta: metav1.TypeMeta{
Kind: "ByoMachine",
APIVersion: "infrastructure.cluster.x-k8s.io/v1beta1",
},
ObjectMeta: metav1.ObjectMeta{
GenerateName: "byomachine-",
Namespace: "default",
},
Spec: byohv1beta1.ByoMachineSpec{},
}
Expect(k8sClientUncached.Create(ctx, byoMachine)).Should(Succeed())
ph, err := patch.NewHelper(byoHost, testUserK8sClient)
Expect(err).ShouldNot(HaveOccurred())
byoHost.Status.MachineRef = &corev1.ObjectReference{
Kind: "ByoMachine",
Namespace: byoMachine.Namespace,
Name: byoMachine.Name,
UID: byoMachine.UID,
APIVersion: byoHost.APIVersion,
}

err = ph.Patch(ctx, byoHost, patch.WithStatusObservedGeneration{})
Expect(err).To(HaveOccurred())
// Expect(err).To(MatchError("admission webhook \"vbyohost.kb.io\" denied the request: User does not have the permission to perform this operation"))
})

It("should deny request coming from any other host agent user", func() {

})
})

Context("When ByoHost gets a delete request", func() {
var (
byoHost *byohv1beta1.ByoHost

0 comments on commit 23ea765

Please sign in to comment.