rbac

package

v0.2.11 Latest Latest Go to latest Published: Nov 23, 2021 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/loft-sh/kiosk

Links

Open Source Insights

Documentation ¶

Overview ¶

Package rbac implements the authorizer.Authorizer interface using roles base access control.

Index ¶

func ConvertSubject(namespace string, subject *rbacv1.Subject) string
func RuleAllows(requestAttributes authorizer.Attributes, rule *rbacv1.PolicyRule) bool
type ClusterRoleBindingLister
- func (l *ClusterRoleBindingLister) ListClusterRoleBindings() ([]*rbacv1.ClusterRoleBinding, error)
type ClusterRoleGetter
- func (g *ClusterRoleGetter) GetClusterRole(name string) (*rbacv1.ClusterRole, error)
type DefaultRuleResolver
- func NewDefaultRuleResolver(client client.Client) *DefaultRuleResolver
- func (r *DefaultRuleResolver) GetRoleReferenceRules(ctx context.Context, roleRef rbacv1.RoleRef, bindingNamespace string) ([]rbacv1.PolicyRule, error)
- func (r *DefaultRuleResolver) VisitRulesFor(ctx context.Context, user user.Info, namespace string, ...)
type RBACAuthorizer
- func New(client client.Client) *RBACAuthorizer
- func (r *RBACAuthorizer) Authorize(ctx context.Context, requestAttributes authorizer.Attributes) (authorizer.Decision, string, error)
type RoleBindingLister
- func (l *RoleBindingLister) ListRoleBindings(namespace string) ([]*rbacv1.RoleBinding, error)
type RoleGetter
- func (g *RoleGetter) GetRole(namespace, name string) (*rbacv1.Role, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ConvertSubject ¶

func ConvertSubject(namespace string, subject *rbacv1.Subject) string

ConvertSubject converts the given subject into an unqiue id string

func RuleAllows ¶

func RuleAllows(requestAttributes authorizer.Attributes, rule *rbacv1.PolicyRule) bool

Types ¶

type ClusterRoleBindingLister ¶

type ClusterRoleBindingLister struct {
	Lister rbaclisters.ClusterRoleBindingLister
}

func (*ClusterRoleBindingLister) ListClusterRoleBindings ¶

func (l *ClusterRoleBindingLister) ListClusterRoleBindings() ([]*rbacv1.ClusterRoleBinding, error)

type ClusterRoleGetter ¶

type ClusterRoleGetter struct {
	Lister rbaclisters.ClusterRoleLister
}

func (*ClusterRoleGetter) GetClusterRole ¶

func (g *ClusterRoleGetter) GetClusterRole(name string) (*rbacv1.ClusterRole, error)

type DefaultRuleResolver ¶

type DefaultRuleResolver struct {
	ListAll bool
	Client  client.Client
}

func NewDefaultRuleResolver ¶

func NewDefaultRuleResolver(client client.Client) *DefaultRuleResolver

func (*DefaultRuleResolver) GetRoleReferenceRules ¶

func (r *DefaultRuleResolver) GetRoleReferenceRules(ctx context.Context, roleRef rbacv1.RoleRef, bindingNamespace string) ([]rbacv1.PolicyRule, error)

GetRoleReferenceRules attempts to resolve the RoleBinding or ClusterRoleBinding.

func (*DefaultRuleResolver) VisitRulesFor ¶

func (r *DefaultRuleResolver) VisitRulesFor(ctx context.Context, user user.Info, namespace string, visitor func(source fmt.Stringer, rule *rbacv1.PolicyRule, err error) bool)

type RBACAuthorizer ¶

type RBACAuthorizer struct {
	AuthorizationRuleResolver *DefaultRuleResolver
}

func New ¶

func New(client client.Client) *RBACAuthorizer

func (*RBACAuthorizer) Authorize ¶

func (r *RBACAuthorizer) Authorize(ctx context.Context, requestAttributes authorizer.Attributes) (authorizer.Decision, string, error)

type RoleBindingLister ¶

type RoleBindingLister struct {
	Lister rbaclisters.RoleBindingLister
}

func (*RoleBindingLister) ListRoleBindings ¶

func (l *RoleBindingLister) ListRoleBindings(namespace string) ([]*rbacv1.RoleBinding, error)

type RoleGetter ¶

type RoleGetter struct {
	Lister rbaclisters.RoleLister
}

func (*RoleGetter) GetRole ¶

func (g *RoleGetter) GetRole(namespace, name string) (*rbacv1.Role, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL