Fix kubecube authorization (#35)

* add cluster info when request to kubecube for pod authorization

* add changelog

Author: JiahuiZhao11

CHANGELOG.md

@@ -1,3 +1,10 @@
+# v1.2.4
+2022-8-31
+## Bugfix:
+- add cluster info when request to kubecube for pod authorization
+## Dependency:
+- kubecube 1.4.0
+
 # v1.2.3
 2022-7-19
 ## Enhance:

handler/auth.go

@@ -47,6 +47,7 @@ type attributes struct {
 	Name            string `json:"name"`
 	ResourceRequest bool   `json:"resourceRequest"`
 	Path            string `json:"path"`
+	Cluster         string `json:"cluster"`
 }
 
 // podAuthorityVerify verify whether current user could access to pod
@@ -76,8 +77,15 @@ func isAuthValid(request *restful.Request) bool {
 		return false
 	}
 	namespace := request.PathParameter(NamespaceKey)
-	attribute := &attributes{user, "get", namespace, "", "", "pods",
-		"", "", true, ""}
+	cluster := request.PathParameter(ClusterKey)
+	attribute := &attributes{
+		User:            user,
+		Verb:            "get",
+		Namespace:       namespace,
+		Resource:        "pods",
+		ResourceRequest: true,
+		Cluster:         cluster,
+	}
 	bytesData, err := json.Marshal(attribute)
 	if err != nil {
 		clog.Error("marshal json error: %s", err)

handler/metadata.go

@@ -32,6 +32,7 @@ const (
 	LeaderElectionKey       = "kubecube-webconsole-leader-election-key"
 	LeaderElectionNamespace = "kube-system"
 	NamespaceKey            = "namespace"
+	ClusterKey              = "cluster"
 	KubeCubeChrootShPath    = "/kubecube-chroot.sh"
 	CloudShellLabelKey      = "kubecube.io/app"
 )