github
/
portainer
mirror of https://github.com/portainer/portainer
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(kubectl): EE-1342 non-admin users cannot connect to the local kube cluster using kubectl shell (#5475) 

Co-authored-by: Simon Meng <simon.meng@portainer.io>
pull/5506/head
cong meng 2021-08-26 11:31:22 +12:00 committed by GitHub
parent ab30793c48
commit d6e291db15
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
api/http/handler/websocket/shell_pod.go
View File

@ -86,17 +86,12 @@ func (handler *Handler) websocketShellPodExec(w http.ResponseWriter, r *http.Req
return nil return nil
} }
serviceAccountToken, isAdminToken, err := handler.getToken(r, endpoint, false)
if err != nil {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to get user service account token", err}
}
handlerErr := handler.hijackPodExecStartOperation( handlerErr := handler.hijackPodExecStartOperation(
w, w,
r, r,
cli, cli,
serviceAccountToken, "",
isAdminToken, true,
endpoint, endpoint,
shellPod.Namespace, shellPod.Namespace,
shellPod.PodName, shellPod.PodName,