- Sort Score
- Result 10 results
- Languages All
Results 1 - 7 of 7 for ListAuthorizationPolicies (0.48 sec)
-
pilot/pkg/security/authz/builder/fuzz_test.go
push := fuzz.Struct[*model.PushContext](fg, validatePush) node := fuzz.Struct[*model.Proxy](fg) selectionOpts := model.PolicyMatcherForProxy(node) policies := push.AuthzPolicies.ListAuthorizationPolicies(selectionOpts) option := fuzz.Struct[Option](fg) b := New(bundle, push, policies, option) if b == nil { fg.T().Skip() return // To help linter } b.BuildHTTP() }) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 1.9K bytes - Viewed (0) -
pilot/pkg/model/authorization.go
Custom []AuthorizationPolicy Deny []AuthorizationPolicy Allow []AuthorizationPolicy Audit []AuthorizationPolicy } // ListAuthorizationPolicies returns authorization policies applied to the workload in the given namespace. func (policy *AuthorizationPolicies) ListAuthorizationPolicies(selectionOpts WorkloadPolicyMatcher) AuthorizationPoliciesResult { configs := AuthorizationPoliciesResult{} if policy == nil { return configs
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 4.2K bytes - Viewed (0) -
pilot/pkg/networking/plugin/authz/authorization.go
UseFilterState: useFilterState, UseExtendedJwt: proxy.SupportsEnvoyExtendedJwt(), } selectionOpts := model.PolicyMatcherForProxy(proxy).WithService(svc) policies := push.AuthzPolicies.ListAuthorizationPolicies(selectionOpts) b := builder.New(tdBundle, push, policies, option) return &Builder{builder: b} } func (b *Builder) BuildTCP() []*listener.Filter { if b == nil || b.builder == nil { return nil }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 2.7K bytes - Viewed (0) -
pkg/fuzz/README.md
option := fuzz.Struct[Option](fg) // Run our actual test code. In this case, we are just checking nothing crashes. // In other tests, explicit assertions may be helpful. policies := push.AuthzPolicies.ListAuthorizationPolicies(selectionOpts) New(bundle, push, policies, option).BuildHTTP() }) } ``` ## Running tests Fuzz tests can be run using standard Go tooling: ```shell
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Oct 05 21:25:25 UTC 2023 - 1.9K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/builder_test.go
UseExtendedJwt: extended, } push := push(t, baseDir+tc.input, tc.meshConfig) proxy := node(tc.version) selectionOpts := model.PolicyMatcherForProxy(proxy) policies := push.AuthzPolicies.ListAuthorizationPolicies(selectionOpts) g := New(tc.tdBundle, push, policies, option) if g == nil { t.Fatalf("failed to create generator") } got := g.BuildHTTP() wants := tc.want if extended {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 13.8K bytes - Viewed (0) -
pilot/pkg/model/authorization_test.go
}, }, } for _, tc := range cases { t.Run(tc.name, func(t *testing.T) { authzPolicies := createFakeAuthorizationPolicies(tc.configs) result := authzPolicies.ListAuthorizationPolicies(tc.selectionOpts) if !reflect.DeepEqual(tc.wantAllow, result.Allow) { t.Errorf("wantAllow:%v\n but got: %v\n", tc.wantAllow, result.Allow) } if !reflect.DeepEqual(tc.wantDeny, result.Deny) {Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 12.7K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/lds.go
// grpc supports ALLOW and DENY actions (fail if it is not one of them), so we can't use the normal generator selectionOpts := model.PolicyMatcherForProxy(node) policies := push.AuthzPolicies.ListAuthorizationPolicies(selectionOpts) if len(policies.Deny)+len(policies.Allow) > 0 { rules := buildRBAC(node, push, nameSuffix, tlsContext, rbacpb.RBAC_DENY, policies.Deny) if rules != nil && len(rules.Policies) > 0 {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 14.6K bytes - Viewed (0)