Merge pull request #60 from sighupio/fix/delete-user

 fix delete user resource bug

internal/resources/user.go

@@ -101,7 +101,9 @@ func (r *resourcesService) CreateUser(ctx context.Context, username string) User
 // the PermissionManagerUser CRD object associated to the user with the given username.
 func (r *resourcesService) DeleteUser(ctx context.Context, username string) {
 	metadataName := "permissionmanager.user." + username
+
 	_, err := r.kubeclient.AppsV1().RESTClient().Delete().AbsPath(resourceURL + "/" + metadataName).DoRaw(ctx)
+
 	if err != nil {
 		log.Printf("Failed to delete user:%s\n %v\n", username, err)
 	}

web-client/src/components/edit-user.tsx

@@ -99,6 +99,7 @@ export default function EditUser({user}: EditUserParameters) {
    * delete all the user-resources currently in the k8s cluster
    */
   async function deleteUserResources() {
+
     await httpRequests.rolebindingRequests.delete.rolebinding(rbs);
     await httpRequests.rolebindingRequests.delete.clusterRolebinding(crbs);
   }

web-client/src/constants.tsx

@@ -63,6 +63,9 @@ export const VERBS = [
   'delete',
 ]
 
-export const templateNamespacedResourceRolePrefix = 'template-namespaced-resources___'
+export const resourceSeparator = '___'
+
+export const templateNamespacedResourceRolePrefix = 'template-namespaced-resources' + resourceSeparator
+
+export const templateClusterResourceRolePrefix = 'template-cluster-resources' + resourceSeparator
 
-export const templateClusterResourceRolePrefix = 'template-cluster-resources___'

web-client/src/services/role.tsx

@@ -1,4 +1,4 @@
-import {templateClusterResourceRolePrefix} from "../constants";
+import {resourceSeparator, templateClusterResourceRolePrefix} from "../constants";
 import uuid from "uuid";
 import {ClusterRoleBinding, RoleBinding} from "../hooks/useRbac";
 
@@ -49,11 +49,21 @@ export interface ExtractedUserRoles {
  */
 export function extractUsersRoles(roleBindings: RoleBinding[], clusterRoleBindings: ClusterRoleBinding[], username: string): ExtractedUserRoles {
   const rbs = (roleBindings || []).filter(rb => {
-    return rb.metadata.name.startsWith(username)
+    const separatedResourceName = rb.metadata.name.split(resourceSeparator);
+
+    if (separatedResourceName.length === 0) return false
+
+    // the first split always contains the name of the user
+    return separatedResourceName[0] === username
   })
 
   const crbs = (clusterRoleBindings || []).filter(crb => {
-    return crb.metadata.name.startsWith(username)
+    const separatedResourceName = crb.metadata.name.split(resourceSeparator);
+
+    if (separatedResourceName.length === 0) return false
+
+    // the first split always contains the name of the user
+    return separatedResourceName[0] === username
   })
 
   const normalizedRoleBindings: NormalizedRoleBinding[] = [...rbs, ...crbs]

web-client/src/services/rolebindingCreateRequests.tsx

@@ -1,4 +1,4 @@
-import {templateClusterResourceRolePrefix} from "../constants";
+import {resourceSeparator, templateClusterResourceRolePrefix} from "../constants";
 import {ClusterAccess} from "../components/types";
 import {AxiosInstance, AxiosResponse} from "axios";
 import {AggregatedRoleBinding} from "./role";
@@ -144,7 +144,7 @@ export class RolebindingCreateRequests {
     // we grab all the 'ALL_NAMESPACE' rolebindings and create them on the backend
     for (const allNamespaceRolebinding of aggregatedRoleBindings.filter(e => e.namespaces === 'ALL_NAMESPACES')) {
       // we construct the resource name
-      const clusterRolebindingName = username + '___' + allNamespaceRolebinding.roleName + 'all_namespaces'
+      const clusterRolebindingName = username + resourceSeparator + allNamespaceRolebinding.roleName + 'all_namespaces'
 
       // means that we already created the resource
       if (consumed.includes(clusterRolebindingName)) continue;
@@ -165,8 +165,8 @@ export class RolebindingCreateRequests {
       for (const namespace of namespacedRoleBinding.namespaces) {
 
         // we construct the resource name
-        const rolebindingName = username + '___' + namespacedRoleBinding.roleName + '___' + namespace
-
+        const rolebindingName = username + resourceSeparator + namespacedRoleBinding.roleName + resourceSeparator + namespace
+        
         // means that we already created the resource
         if (consumed.includes(rolebindingName)) continue;
 
@@ -191,9 +191,9 @@ export class RolebindingCreateRequests {
       return;
     }
 
-    const roleName = username + '___' + this.getRoleName(clusterAccess);
+    const roleName = username + resourceSeparator + this.getRoleName(clusterAccess);
 
-    const clusterRolebindingName = username + '___' + roleName
+    const clusterRolebindingName = username + resourceSeparator + roleName
 
     //todo this must be changed in the future to support dynamic cluster roles. Right now it's just a single api call based on a radio select
     await this.clusterRolebinding({