missingDir.allowGet()

        def m = mavenHttpRepo.module("org.utils", "impl", '1.3')
            .allowAll()
            .publish()
        m.rootMetaData.file.delete()
        m.rootMetaData.allowGetOrHead()
        def dir = mavenHttpRepo.directory("org.utils", "impl")
        dir.allowGet()

        buildFile << """
            repositories {

            ivy()
        }
        buildFile << """
            dependencies {
                conf "org:foo:+"
            }
        """

        when:
        ivyDirectoryList.allowGet()
        mod.ivy.expectGet()
        mod.artifact.expectGet()

        run 'checkDeps'

        then:
        resolve.expectGraph {
            root(':', ':test:') {

Required by:
""")

        when:
        def projectA2 = ivyHttpRepo.module("group", "projectA", "2.2").publish()

        and:
        server.resetExpectations()
        dirListRepo1.allowGet()
        dirListRepo2.allowGet()
        projectA2.ivy.expectGet()
        projectA2.jar.expectGet()

        then:
        checkResolve "group:projectA:2.+": ["group:projectA:2.2", "didn't match versions 3.0, 1.2, 1.1, 4.4"]

			},
			expectAllowed: true,
		},
		// Allowed mutating
		{
			name:     "v1beta1 allowed mutating",
			uid:      "123",
			mutating: true,
			review: &admissionv1beta1.AdmissionReview{
				Response: &admissionv1beta1.AdmissionResponse{Allowed: true},
			},
			expectAllowed: true,
		},
		{
			name:     "v1 allowed mutating",
			uid:      "123",

        'resolve()'                  | 'dependencyScope' | 'resolve()'                                                                                                                          || "Resolving dependency configuration 'custom' is not allowed as it is defined as 'canBeResolved=false'."

			p.InspectFeatureGates(feature.DefaultFeatureGate)

			err := p.Validate(context.Background(), tc.attributes, nil)
			if err == nil && !tc.allowed {
				t.Errorf("Expected authorization policy to reject ClusterTrustBundle but it was allowed")
			}
			if err != nil && tc.allowed {
				t.Errorf("Expected authorization policy to accept ClusterTrustBundle but it was rejected: %v", err)
			}
		})
	}
}

	"":                "SubjectAccessReviewStatus",
	"allowed":         "Allowed is required. True if the action would be allowed, false otherwise.",
	"denied":          "Denied is optional. True if the action would be denied, otherwise false. If both allowed is false and denied is false, then the authorizer has no opinion on whether to authorize the action. Denied may not be true if Allowed is true.",

  repeated AllowedCSIDriver allowedCSIDrivers = 23;

  // allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
  // Each entry is either a plain sysctl name or ends in "*" in which case it is considered
  // as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
  // Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
  //
  // Examples:

}

// SubjectAccessReviewStatus
type SubjectAccessReviewStatus struct {
	// Allowed is required. True if the action would be allowed, false otherwise.
	Allowed bool `json:"allowed" protobuf:"varint,1,opt,name=allowed"`
	// Denied is optional. True if the action would be denied, otherwise
	// false. If both allowed is false and denied is false, then the
	// authorizer has no opinion on whether to authorize the action. Denied

message SubjectAccessReviewStatus {
  // Allowed is required. True if the action would be allowed, false otherwise.
  optional bool allowed = 1;

  // Denied is optional. True if the action would be denied, otherwise
  // false. If both allowed is false and denied is false, then the
  // authorizer has no opinion on whether to authorize the action. Denied
  // may not be true if Allowed is true.
  // +optional