Version: v0.5.3 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: May 28, 2015 License: Apache-2.0 Imports: 15 Imported by: 0



Package auth provides mechanisms for enforcing authorization to Project resources in OpenShift



This section is empty.


This section is empty.


This section is empty.


type AuthorizationCache

type AuthorizationCache struct {
	// contains filtered or unexported fields

AuthorizationCache maintains a cache on the set of namespaces a user or group can access.

func NewAuthorizationCache

func NewAuthorizationCache(reviewer Reviewer,
	namespaceInterface kclient.NamespaceInterface, policyBindingsNamespacer client.PolicyBindingsNamespacer, policiesNamespacer client.PoliciesNamespacer,
	clusterPolicyBindingInterface client.ClusterPolicyBindingsInterface, clusterPolicyInterface client.ClusterPoliciesInterface) *AuthorizationCache

NewAuthorizationCache creates a new AuthorizationCache

func (*AuthorizationCache) List

func (ac *AuthorizationCache) List(userInfo user.Info) (*kapi.NamespaceList, error)

List returns the set of namespace names the user has access to view

func (*AuthorizationCache) Run

func (ac *AuthorizationCache) Run(period time.Duration)

Run begins watching and synchronizing the cache

type Lister

type Lister interface {
	// List returns the list of Namespace items that the user can access
	List(user user.Info) (*kapi.NamespaceList, error)

Lister enforces ability to enumerate a resource based on policy

type Review

type Review interface {
	Users() []string
	Groups() []string

Review is a list of users and groups that can access a resource

type Reviewer

type Reviewer interface {
	Review(name string) (Review, error)

Reviewer performs access reviews for a project by name

func NewReviewer

func NewReviewer(resourceAccessReviewsNamespacer client.ResourceAccessReviewsNamespacer) Reviewer

NewReviewer knows how to make access control reviews for a resource by name

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL