From 370b44f9b5f45a62e1e87effff2799bd0052899d Mon Sep 17 00:00:00 2001
From: Ryan Wang <i@ryanc.cc>
Date: Tue, 1 Aug 2023 10:46:20 +0800
Subject: [PATCH] fix: not reset permission after cloning a role (#4333)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

#### What type of PR is this?

/area console
/kind bug
/milestone 2.8.x

#### What this PR does / why we need it:

修复创建角色时，如果基于某个角色创建，实际权限可能不会更新的问题。

#### Special notes for your reviewer:

需要测试：

1. 基于超级管理员创建新角色。
2. 取消勾选一些角色模板。
3. 测试此角色是否存在取消了勾选的角色模板。

#### Does this PR introduce a user-facing change?

```release-note
修复创建角色时，如果基于某个角色创建，实际权限可能不会更新的问题。
```
---
 console/src/modules/system/roles/RoleList.vue | 24 ++++++++++++-------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/console/src/modules/system/roles/RoleList.vue b/console/src/modules/system/roles/RoleList.vue
index 02269807a7..d0a3c88425 100644
--- a/console/src/modules/system/roles/RoleList.vue
+++ b/console/src/modules/system/roles/RoleList.vue
@@ -29,7 +29,6 @@ import { formatDatetime } from "@/utils/date";
 import { useFetchRole } from "@/modules/system/roles/composables/use-role";
 
 // libs
-import cloneDeep from "lodash.clonedeep";
 import { apiClient } from "@/utils/api-client";
 import Fuse from "fuse.js";
 import { usePermission } from "@/utils/permission";
@@ -97,13 +96,22 @@ const onEditingModalClose = () => {
 };
 
 const handleCloneRole = async (role: Role) => {
-  const roleToCreate = cloneDeep<Role>(role);
-  roleToCreate.metadata.name = "";
-  roleToCreate.metadata.generateName = "role-";
-  roleToCreate.metadata.creationTimestamp = undefined;
-
-  // 移除系统保留标识
-  delete roleToCreate.metadata.labels?.[roleLabels.SYSTEM_RESERVED];
+  const roleToCreate: Role = {
+    apiVersion: "v1alpha1",
+    kind: "Role",
+    metadata: {
+      name: "",
+      generateName: "role-",
+      labels: {},
+      annotations: {
+        [rbacAnnotations.DEPENDENCIES]:
+          role.metadata.annotations?.[rbacAnnotations.DEPENDENCIES] || "",
+        [rbacAnnotations.DISPLAY_NAME]:
+          role.metadata.annotations?.[rbacAnnotations.DISPLAY_NAME] || "",
+      },
+    },
+    rules: [],
+  };
 
   // 如果是超级管理员角色，那么需要获取到所有角色模板并填充到表单
   if (role.metadata.name === SUPER_ROLE_NAME) {