From f0a101e8fbd42e66a97ef36bc12cb07b52573152 Mon Sep 17 00:00:00 2001
From: Sarthak Jain <sarthak@chaosnative.com>
Date: Wed, 27 Jul 2022 23:23:18 +0530
Subject: [PATCH] Passing namespace in the SelfSubjectAccessReviews function
 (#17)

---
 pkg/agent/ops.go         |  4 ++--
 pkg/cmd/connect/agent.go |  4 ++--
 pkg/k8s/operations.go    | 10 ++++++----
 3 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/pkg/agent/ops.go b/pkg/agent/ops.go
index 538b0f8..9262413 100644
--- a/pkg/agent/ops.go
+++ b/pkg/agent/ops.go
@@ -276,7 +276,7 @@ AGENT_NAME:
 	return newAgent, nil
 }
 
-func ValidateSAPermissions(mode string, kubeconfig *string) {
+func ValidateSAPermissions(namespace string, mode string, kubeconfig *string) {
 	var (
 		pems      [2]bool
 		err       error
@@ -290,7 +290,7 @@ func ValidateSAPermissions(mode string, kubeconfig *string) {
 	}
 
 	for i, resource := range resources {
-		pems[i], err = k8s.CheckSAPermissions(k8s.CheckSAPermissionsParams{Verb: "create", Resource: resource, Print: true}, kubeconfig)
+		pems[i], err = k8s.CheckSAPermissions(k8s.CheckSAPermissionsParams{Verb: "create", Resource: resource, Print: true, Namespace: namespace}, kubeconfig)
 		if err != nil {
 			utils.Red.Println(err)
 		}
diff --git a/pkg/cmd/connect/agent.go b/pkg/cmd/connect/agent.go
index 22f4e32..b4f637d 100644
--- a/pkg/cmd/connect/agent.go
+++ b/pkg/cmd/connect/agent.go
@@ -185,7 +185,7 @@ var agentCmd = &cobra.Command{
 
 			// Check if user has sufficient permissions based on mode
 			utils.White_B.Print("\n🏃 Running prerequisites check....")
-			agent.ValidateSAPermissions(newAgent.Mode, &kubeconfig)
+			agent.ValidateSAPermissions(newAgent.Namespace, newAgent.Mode, &kubeconfig)
 
 			agents, err := apis.GetAgentList(credentials, newAgent.ProjectId)
 			utils.PrintError(err)
@@ -214,7 +214,7 @@ var agentCmd = &cobra.Command{
 
 			// Check if user has sufficient permissions based on mode
 			utils.White_B.Print("\n🏃 Running prerequisites check....")
-			agent.ValidateSAPermissions(modeType, &kubeconfig)
+			agent.ValidateSAPermissions(newAgent.Namespace, modeType, &kubeconfig)
 			newAgent, err = agent.GetAgentDetails(modeType, newAgent.ProjectId, credentials, &kubeconfig)
 			utils.PrintError(err)
 
diff --git a/pkg/k8s/operations.go b/pkg/k8s/operations.go
index 4b92c9c..693d500 100644
--- a/pkg/k8s/operations.go
+++ b/pkg/k8s/operations.go
@@ -70,9 +70,10 @@ func NsExists(namespace string, kubeconfig *string) (bool, error) {
 }
 
 type CheckSAPermissionsParams struct {
-	Verb     string
-	Resource string
-	Print    bool
+	Verb      string
+	Resource  string
+	Print     bool
+	Namespace string
 }
 
 func CheckSAPermissions(params CheckSAPermissionsParams, kubeconfig *string) (bool, error) {
@@ -80,6 +81,7 @@ func CheckSAPermissions(params CheckSAPermissionsParams, kubeconfig *string) (bo
 	var o CanIOptions
 	o.Verb = params.Verb
 	o.Resource.Resource = params.Resource
+	o.Namespace = params.Namespace
 	client, err := ClientSet(kubeconfig)
 	if err != nil {
 		return false, err
@@ -176,7 +178,7 @@ start:
 			utils.White_B.Println("👍 Continuing with", namespace, "namespace")
 		}
 	} else {
-		if val, _ := CheckSAPermissions(CheckSAPermissionsParams{"create", "namespace", false}, kubeconfig); !val {
+		if val, _ := CheckSAPermissions(CheckSAPermissionsParams{"create", "namespace", false, namespace}, kubeconfig); !val {
 			utils.Red.Println("🚫 You don't have permissions to create a namespace.\n Please enter an existing namespace.")
 			goto start
 		}