Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 5 of 5 for NewTestRuleResolver (0.24 sec)

  2. github.com/kubernetes/kubernetes

    plugin/pkg/auth/authorizer/rbac/subject_locator_test.go 

    						{Kind: rbacv1.GroupKind, APIGroup: rbacv1.GroupName, Name: "super-admins"},
					},
				},
			},
		},
	}
	for _, tt := range tests {
		ruleResolver, lister := rbacregistryvalidation.NewTestRuleResolver(tt.roles, tt.roleBindings, tt.clusterRoles, tt.clusterRoleBindings)
		a := SubjectAccessEvaluator{tt.superUser, lister, lister, ruleResolver}
		for i, action := range tt.actionsToSubjects {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue May 22 12:17:05 UTC 2018
    - 5.6K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    pkg/registry/rbac/validation/rule.go 

    		return serviceaccount.MatchesUsername(saNamespace, subject.Name, user.GetName())
	default:
		return false
	}
}

// NewTestRuleResolver returns a rule resolver from lists of role objects.
func NewTestRuleResolver(roles []*rbacv1.Role, roleBindings []*rbacv1.RoleBinding, clusterRoles []*rbacv1.ClusterRole, clusterRoleBindings []*rbacv1.ClusterRoleBinding) (AuthorizationRuleResolver, *StaticRoles) {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Nov 02 16:51:16 UTC 2020
    - 11.6K bytes
    - Viewed (0)
  4. github.com/kubernetes/kubernetes

    pkg/registry/rbac/clusterrole/policybased/storage_test.go 

    		authzCalled++
		if attr.GetUser().GetName() == "steve" {
			return authorizer.DecisionAllow, "", nil
		}
		return authorizer.DecisionNoOpinion, "", nil
	})
	fakeRuleResolver, _ := validation.NewTestRuleResolver(
		nil,
		nil,
		[]*rbacv1.ClusterRole{{ObjectMeta: metav1.ObjectMeta{Name: "alice-role"}, Rules: []rbacv1.PolicyRule{{APIGroups: []string{"*"}, Resources: []string{"*"}, Verbs: []string{"*"}}}}},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Apr 09 13:47:19 UTC 2021
    - 6.2K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    pkg/registry/rbac/role/policybased/storage_test.go 

    		authzCalled++
		if attr.GetUser().GetName() == "steve" {
			return authorizer.DecisionAllow, "", nil
		}
		return authorizer.DecisionNoOpinion, "", nil
	})
	fakeRuleResolver, _ := validation.NewTestRuleResolver(
		nil,
		nil,
		[]*rbacv1.ClusterRole{{ObjectMeta: metav1.ObjectMeta{Name: "alice-role"}, Rules: []rbacv1.PolicyRule{{APIGroups: []string{"*"}, Resources: []string{"*"}, Verbs: []string{"*"}}}}},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Apr 09 13:47:19 UTC 2021
    - 6.3K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    plugin/pkg/auth/authorizer/rbac/rbac_test.go 

    			},
			shouldFail: []authorizer.Attributes{
				&defaultAttributes{"admin", "", "get", "pods", "", "ns1", ""},
			},
		},
	}
	for i, tt := range tests {
		ruleResolver, _ := rbacregistryvalidation.NewTestRuleResolver(tt.roles, tt.roleBindings, tt.clusterRoles, tt.clusterRoleBindings)
		a := RBACAuthorizer{ruleResolver}
		for _, attr := range tt.shouldPass {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Sep 24 15:14:54 UTC 2019
    - 21.1K bytes
    - Viewed (0)
Back to top