- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 12 for IsAllowed (0.2 sec)
-
cmd/bucket-policy.go
policy, _, err := globalBucketMetadataSys.GetPolicyConfig(bucket) return policy, err } // IsAllowed - checks given policy args is allowed to continue the Rest API. func (sys *PolicySys) IsAllowed(args policy.BucketPolicyArgs) bool { p, err := sys.Get(args.BucketName) if err == nil { return p.IsAllowed(args) } // Log unhandled errors. if _, ok := err.(BucketPolicyNotFound); !ok {
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Apr 04 12:04:40 GMT 2024 - 8K bytes - Viewed (0) -
internal/config/policy/opa/config.go
return nil } return &Opa{ args: args, client: &http.Client{Transport: args.Transport}, } } // IsAllowed - checks given policy args is allowed to continue the REST API. func (o *Opa) IsAllowed(args policy.Args) (bool, error) { if o == nil { return false, nil } // OPA input body := make(map[string]interface{}) body["input"] = args
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Sep 14 21:50:16 GMT 2023 - 5.2K bytes - Viewed (1) -
cmd/auth-handler.go
byPassSet = globalIAMSys.IsAllowed(policy.Args{ AccountName: cred.AccessKey, Groups: cred.Groups, Action: policy.BypassGovernanceRetentionAction, BucketName: bucketName, ObjectName: objectName, ConditionValues: conditions, IsOwner: owner, Claims: cred.Claims, }) } if globalIAMSys.IsAllowed(policy.Args{
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Apr 04 12:04:40 GMT 2024 - 26K bytes - Viewed (0) -
cmd/iam.go
} // Sub policy not set, this is most common since subPolicy // is optional, use the inherited policies. return isOwnerDerived || combinedPolicy.IsAllowed(args) } func isAllowedBySessionPolicyForServiceAccount(args policy.Args) (hasSessionPolicy bool, isAllowed bool) { hasSessionPolicy = false isAllowed = false
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Apr 25 21:28:16 GMT 2024 - 71.1K bytes - Viewed (1) -
internal/config/policy/plugin/config.go
return nil } return &AuthZPlugin{ args: args, client: &http.Client{Transport: args.Transport}, } } // IsAllowed - checks given policy args is allowed to continue the REST API. func (o *AuthZPlugin) IsAllowed(args policy.Args) (bool, error) { if o == nil { return false, nil } // Access Management Plugin Input body := make(map[string]interface{})
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Sep 14 21:50:16 GMT 2023 - 5.8K bytes - Viewed (0) -
cmd/admin-handlers-users.go
} checkDenyOnly := false if name == cred.AccessKey { // Check that there is no explicit deny - otherwise it's allowed // to view one's own info. checkDenyOnly = true } if !globalIAMSys.IsAllowed(policy.Args{ AccountName: cred.AccessKey, Groups: cred.Groups, Action: policy.GetUserAdminAction, ConditionValues: getConditionValues(r, "", cred), IsOwner: owner,
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Wed May 01 12:41:13 GMT 2024 - 77.5K bytes - Viewed (0) -
cmd/s3-zip-handlers.go
// error. // * if you don’t have the s3:ListBucket // permission, Amazon S3 will return an HTTP // status code 403 ("access denied") error.` if globalPolicySys.IsAllowed(policy.BucketPolicyArgs{ Action: policy.ListBucketAction, BucketName: bucket, ConditionValues: getConditionValues(r, "", auth.AnonymousCredentials), IsOwner: false, }) {
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Tue Apr 09 10:41:25 GMT 2024 - 15.8K bytes - Viewed (0) -
cmd/admin-handlers-idp-ldap.go
// If listing is requested for a specific user (who is not the request // sender), check that the user has permissions. if userDN != "" && userDN != cred.ParentUser { if !globalIAMSys.IsAllowed(policy.Args{ AccountName: cred.AccessKey, Groups: cred.Groups, Action: policy.ListServiceAccountsAdminAction, ConditionValues: getConditionValues(r, "", cred),
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Apr 25 15:50:16 GMT 2024 - 13.3K bytes - Viewed (0) -
cmd/metrics.go
} cred := auth.Credentials{ AccessKey: claims.AccessKey, Claims: claims.Map(), Groups: groups, } // For authenticated users apply IAM policy. if !globalIAMSys.IsAllowed(policy.Args{ AccountName: cred.AccessKey, Groups: cred.Groups, Action: policy.PrometheusAdminAction, ConditionValues: getConditionValues(r, "", cred), IsOwner: owner,
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Tue Apr 02 06:48:36 GMT 2024 - 16.9K bytes - Viewed (0) -
cmd/bucket-handlers.go
readable := globalPolicySys.IsAllowed(policy.BucketPolicyArgs{ Action: policy.ListBucketAction, BucketName: bucket, ConditionValues: getConditionValues(r, "", auth.AnonymousCredentials), IsOwner: false, }) // Check if anonymous (non-owner) has access to upload objects. writable := globalPolicySys.IsAllowed(policy.BucketPolicyArgs{
Go - Registered: Sun May 05 19:28:20 GMT 2024 - Last Modified: Thu Apr 25 16:27:27 GMT 2024 - 61.6K bytes - Viewed (0)