Documentation
¶
Index ¶
Constants ¶
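// The declaration is laid out one constant per line: collapsed onto a single
// line, the leading // comment swallows every constant and the closing
// parenthesis.
const (
	// PolicyName is the name of the Policy object. Policy is a singleton and
	// this is its name.
	PolicyName = "default"

	// ResourceAll is the wildcard entry for PolicyRule.ResourceKinds; it
	// represents all kinds.
	ResourceAll = "*"

	// VerbAll is the wildcard entry for PolicyRule.Verbs; it represents all
	// verbs. An allow rule that lists both VerbAll and ResourceAll therefore
	// applies to every verb on every kind, so such rules deserve a close look
	// when auditing roles.
	VerbAll = "*"
)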
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Policy ¶
// Policy holds all the Roles for a particular namespace. Policy is a
// singleton whose name is PolicyName.
type Policy struct {
	kapi.TypeMeta `json:",inline"`
	// NOTE(review): this tag has a space before its closing backquote, unlike
	// the same field on the other types in this file. reflect.StructTag
	// tolerates it, so it is cosmetic only.
	kapi.ObjectMeta `json:"metadata,omitempty" `

	// LastModified is the last time that any part of the Policy was created, updated, or deleted
	LastModified kutil.Time `json:"lastModified"`

	// Roles holds all the Roles held by this Policy, mapped by Role.Name.
	// The map key and the Role's own metadata are stored separately;
	// presumably validation requires them to agree, otherwise a role could be
	// resolved under a name it does not carry. TODO confirm.
	// A zero-value Policy has a nil map here; it must be initialised before
	// roles are added.
	Roles map[string]Role `json:"roles"`
}
Policy is an object that holds all the Roles for a particular namespace. There is at most one Policy document per namespace.
func (*Policy) IsAnAPIObject ¶
func (*Policy) IsAnAPIObject()
type PolicyBinding ¶
// PolicyBinding holds all the RoleBindings of a namespace that refer to the
// Roles of one Policy, identified by PolicyRef.
type PolicyBinding struct {
	kapi.TypeMeta   `json:",inline"`
	kapi.ObjectMeta `json:"metadata,omitempty"`

	// LastModified is the last time that any part of the PolicyBinding was created, updated, or deleted
	LastModified kutil.Time `json:"lastModified"`

	// PolicyRef is a reference to the Policy that contains all the Roles that this PolicyBinding's RoleBindings may reference
	// NOTE(review): nothing visible in this declaration ties each
	// RoleBinding.RoleRef to PolicyRef; presumably validation or the
	// Authorizer checks that they agree. Confirm.
	PolicyRef kapi.ObjectReference `json:"policyRef"`

	// RoleBindings holds all the RoleBindings held by this PolicyBinding, mapped by RoleBinding.Name
	// A zero-value PolicyBinding has a nil map here; it must be initialised
	// before bindings are added.
	RoleBindings map[string]RoleBinding `json:"roleBindings"`
}
PolicyBinding is an object that holds all the RoleBindings for a particular namespace. There is one PolicyBinding document per referenced Policy namespace.
func (*PolicyBinding) IsAnAPIObject ¶
func (*PolicyBinding) IsAnAPIObject()
type PolicyBindingList ¶
// PolicyBindingList is a collection of PolicyBindings.
type PolicyBindingList struct {
	kapi.TypeMeta `json:",inline"`
	kapi.ListMeta `json:"metadata,omitempty"`

	// Items holds the PolicyBindings in the list.
	Items []PolicyBinding `json:"items"`
}
PolicyBindingList is a collection of PolicyBindings
func (*PolicyBindingList) IsAnAPIObject ¶
func (*PolicyBindingList) IsAnAPIObject()
type PolicyList ¶
// PolicyList is a collection of Policies.
type PolicyList struct {
	kapi.TypeMeta `json:",inline"`
	kapi.ListMeta `json:"metadata,omitempty"`

	// Items holds the Policies in the list.
	Items []Policy `json:"items"`
}
PolicyList is a collection of Policies
func (*PolicyList) IsAnAPIObject ¶
func (*PolicyList) IsAnAPIObject()
type PolicyRule ¶
// PolicyRule describes one allow-or-deny rule: a set of verbs, a set of
// resource kinds and any AttributeRestrictions. It does not say who the rule
// applies to or in which namespace; RoleBinding adds that information.
type PolicyRule struct {
	// Deny is true if any request matching this rule should be denied. If false, any request matching this rule is allowed.
	// The Go zero value is false, so a rule built without setting Deny is an
	// allow rule. With encoding/json defaults, a document that omits or
	// misspells "deny" decodes the same way.
	// NOTE(review): how allow and deny rules are ordered against each other is
	// not stated in this file; confirm in the Authorizer.
	Deny bool `json:"deny"`

	// Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule. VerbAll represents all verbs.
	Verbs []string `json:"verbs"`

	// AttributeRestrictions will vary depending on what the Authorizer/AuthorizationAttributeBuilder pair supports.
	// If the Authorizer does not recognize how to handle the AttributeRestrictions, the Authorizer should report an error.
	// Presumably a restriction narrows what the rule matches, in which case
	// silently skipping an unrecognised one would apply the rule to more
	// requests than its author intended. Confirm against the Authorizer.
	AttributeRestrictions kruntime.EmbeddedObject `json:"attributeRestrictions"`

	// ResourceKinds is a list of kinds this rule applies to. ResourceAll represents all kinds.
	ResourceKinds []string `json:"resourceKinds"`
}
PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.
type Role ¶
// Role is a named group of PolicyRules that RoleBindings reference as a unit.
type Role struct {
	kapi.TypeMeta   `json:",inline"`
	kapi.ObjectMeta `json:"metadata,omitempty"`

	// Rules holds all the PolicyRules for this Role
	// NOTE(review): whether the order of this slice affects evaluation is not
	// stated here; confirm in the Authorizer.
	Rules []PolicyRule `json:"rules"`
}
Role is a logical grouping of PolicyRules that can be referenced as a unit by RoleBindings.
func (*Role) IsAnAPIObject ¶
func (*Role) IsAnAPIObject()
type RoleBinding ¶
// RoleBinding binds users and groups to a Role. It refers to the Role through
// RoleRef and does not contain it.
type RoleBinding struct {
	kapi.TypeMeta   `json:",inline"`
	kapi.ObjectMeta `json:"metadata,omitempty"`

	// UserNames holds all the usernames directly bound to the role
	UserNames []string `json:"userNames"`
	// GroupNames holds all the groups directly bound to the role
	GroupNames []string `json:"groupNames"`

	// RoleRef identifies the bound Role.
	// Since Policy is a singleton, this is sufficient knowledge to locate a role
	// RoleRefs can only reference the current namespace and the global namespace
	// If the RoleRef cannot be resolved, the Authorizer must return an error.
	// NOTE(review): nothing visible in this declaration enforces the namespace
	// restriction; it has to be checked by validation or by the Authorizer.
	// Confirm where that happens.
	RoleRef kapi.ObjectReference `json:"roleRef"`
}
RoleBinding references a Role, but does not contain it. It adds who and namespace information. It can reference any Role in the same namespace or in the global namespace.
func (*RoleBinding) IsAnAPIObject ¶
func (*RoleBinding) IsAnAPIObject()