(c *gin.Context)
| 313 | } |
| 314 | |
| 315 | func OpenAPIListRoles(c *gin.Context) { |
| 316 | ctx := internalhandler.NewContext(c) |
| 317 | defer func() { internalhandler.JSONResponse(c, ctx) }() |
| 318 | |
| 319 | err := userhandler.GenerateUserAuthInfo(ctx) |
| 320 | if err != nil { |
| 321 | ctx.UnAuthorized = true |
| 322 | ctx.RespErr = fmt.Errorf("failed to generate user authorization info, error: %s", err) |
| 323 | return |
| 324 | } |
| 325 | |
| 326 | projectName := c.Query("namespace") |
| 327 | if projectName == "" { |
| 328 | ctx.RespErr = e.ErrInvalidParam.AddDesc("args namespace can't be empty") |
| 329 | return |
| 330 | } |
| 331 | |
| 332 | if !ctx.Resources.IsSystemAdmin { |
| 333 | if projectName == "*" { |
| 334 | ctx.UnAuthorized = true |
| 335 | return |
| 336 | } |
| 337 | |
| 338 | if _, ok := ctx.Resources.ProjectAuthInfo[projectName]; !ok { |
| 339 | ctx.UnAuthorized = true |
| 340 | return |
| 341 | } |
| 342 | |
| 343 | if !ctx.Resources.ProjectAuthInfo[projectName].IsProjectAdmin { |
| 344 | ctx.UnAuthorized = true |
| 345 | return |
| 346 | } |
| 347 | } |
| 348 | |
| 349 | uid := c.Query("uid") |
| 350 | if uid == "" { |
| 351 | ctx.Resp, ctx.RespErr = permission.ListRolesByNamespace(projectName, ctx.Logger) |
| 352 | } else { |
| 353 | ctx.Resp, ctx.RespErr = permission.ListRolesByNamespaceAndUserID(projectName, uid, ctx.Logger) |
| 354 | } |
| 355 | } |
| 356 | |
| 357 | func ListRoles(c *gin.Context) { |
| 358 | ctx := internalhandler.NewContext(c) |
nothing calls this directly
no test coverage detected