From 7fa68ab76e104f97ed428071e122a3e0f05db714 Mon Sep 17 00:00:00 2001
From: Jordan Pellizzari <jordan@weave.works>
Date: Wed, 1 Nov 2023 12:22:50 -0700
Subject: [PATCH] Add tenant field to Explorer objects

---
 pkg/query/server/server.go | 38 +++++++++++++++++++++++++++++++++++---
 1 file changed, 35 insertions(+), 3 deletions(-)

diff --git a/pkg/query/server/server.go b/pkg/query/server/server.go
index d08f178e96..b58471555e 100644
--- a/pkg/query/server/server.go
+++ b/pkg/query/server/server.go
@@ -27,6 +27,7 @@ import (
 	store "github.com/weaveworks/weave-gitops-enterprise/pkg/query/store"
 	"github.com/weaveworks/weave-gitops/core/clustersmngr"
 	"github.com/weaveworks/weave-gitops/pkg/server/auth"
+	v1 "k8s.io/api/core/v1"
 )
 
 type server struct {
@@ -39,6 +40,7 @@ type server struct {
 	cancelCollection context.CancelFunc
 	cleaner          cleaner.ObjectCleaner
 	enabledFor       []string
+	clustersManager  clustersmngr.ClustersManager
 }
 
 func (s *server) StopCollection() error {
@@ -75,11 +77,22 @@ type ServerOpts struct {
 
 func (s *server) DoQuery(ctx context.Context, msg *pb.DoQueryRequest) (*pb.DoQueryResponse, error) {
 	objs, err := s.qs.RunQuery(ctx, msg, msg)
-
 	if err != nil {
 		return nil, fmt.Errorf("failed to run query: %w", err)
 	}
 
+	user := auth.Principal(ctx)
+	// Force update the cluster manager cache
+	// It appears this gets called every request by the GetImpersonatedClient call,
+	// which does not get called in the Query code path.
+	// It should be safe to call on every request here.
+	s.clustersManager.UpdateUserNamespaces(ctx, user)
+
+	// Existing tenants machinery requires that we know the user's available namespaces.
+	// We check those tenant namespaces against the object's namespace.
+	userNamespaces := s.clustersManager.GetUserNamespaces(user)
+	objs = withTenants(objs, userNamespaces)
+
 	return &pb.DoQueryResponse{
 		Objects: convertToPbObject(objs),
 	}, nil
@@ -215,8 +228,9 @@ func NewServer(opts ServerOpts) (_ pb.QueryServer, _ func() error, reterr error)
 	debug.Info("query service created")
 
 	serv := &server{
-		qs:         qs,
-		enabledFor: opts.EnabledFor,
+		qs:              qs,
+		enabledFor:      opts.EnabledFor,
+		clustersManager: opts.ClustersManager,
 	}
 
 	if !opts.SkipCollection {
@@ -356,3 +370,21 @@ func convertToPbFacet(facets store.Facets) []*pb.Facet {
 
 	return pbFacets
 }
+
+// Replicating the logic from here:
+// https://github.com/weaveworks/weave-gitops/blob/8b293044e6afec872453fee40923da3d2f066f12/core/server/utils.go#L13
+func withTenants(objs []models.Object, nsList map[string][]v1.Namespace) []models.Object {
+	out := []models.Object{}
+	for _, obj := range objs {
+		namespaces := nsList[obj.Cluster]
+		for _, ns := range namespaces {
+			if ns.GetName() == obj.Namespace {
+				obj.Tenant = ns.Labels["toolkit.fluxcd.io/tenant"]
+
+			}
+		}
+		out = append(out, obj)
+	}
+
+	return out
+}