Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 13 for RulesFor (0.17 sec)

  2. github.com/kubernetes/kubernetes

    plugin/pkg/auth/authorizer/rbac/rbac.go 

    )

type RequestToRuleMapper interface {
	// RulesFor returns all known PolicyRules and any errors that happened while locating those rules.
	// Any rule returned is still valid, since rules are deny by default.  If you can pass with the rules
	// supplied, you do not have to fail the request.  If you cannot, you should indicate the error along
	// with your denial.
	RulesFor(subject user.Info, namespace string) ([]rbacv1.PolicyRule, error)
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu Mar 24 10:13:50 UTC 2022
    - 7.8K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/authorization/union/union.go 

    	return unionAuthzRulesHandler(authorizationHandlers)
}

// RulesFor against a chain of authorizer.RuleResolver objects and returns nil if successful and returns error if unsuccessful
func (authzHandler unionAuthzRulesHandler) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) {
	var (
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Sun Jun 28 20:27:28 UTC 2020
    - 3.9K bytes
    - Viewed (0)
  4. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/authorization/union/union_test.go 

    	}
}

type mockAuthzRuleHandler struct {
	resourceRules    []authorizer.ResourceRuleInfo
	nonResourceRules []authorizer.NonResourceRuleInfo
	err              error
}

func (mock *mockAuthzRuleHandler) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) {
	if mock.err != nil {
		return []authorizer.ResourceRuleInfo{}, []authorizer.NonResourceRuleInfo{}, false, mock.err
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Sep 24 15:14:54 UTC 2019
    - 7.7K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/authorization/authorizerfactory/builtin.go 

    func (alwaysAllowAuthorizer) Authorize(ctx context.Context, a authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) {
	return authorizer.DecisionAllow, "", nil
}

func (alwaysAllowAuthorizer) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) {
	return []authorizer.ResourceRuleInfo{
			&authorizer.DefaultResourceRuleInfo{
				Verbs:     []string{"*"},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Sep 24 15:14:54 UTC 2019
    - 3.2K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    pkg/registry/rbac/validation/rule.go 

    	// RulesFor returns the list of rules that apply to a given user in a given namespace and error.  If an error is returned, the slice of
	// PolicyRules may not be complete, but it contains all retrievable rules.  This is done because policy rules are purely additive and policy determinations
	// can be made on the basis of those rules that are found.
	RulesFor(user user.Info, namespace string) ([]rbacv1.PolicyRule, error)
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Nov 02 16:51:16 UTC 2020
    - 11.6K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go 

    }

// RuleResolver provides a mechanism for resolving the list of rules that apply to a given user within a namespace.
type RuleResolver interface {
	// RulesFor get the list of cluster wide rules, the list of rules in the specific namespace, incomplete status and errors.
	RulesFor(user user.Info, namespace string) ([]ResourceRuleInfo, []NonResourceRuleInfo, bool, error)
}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Jun 06 14:36:14 UTC 2023
    - 4.8K bytes
    - Viewed (0)
  8. github.com/kubernetes/kubernetes

    pkg/kubeapiserver/authorizer/reload.go 

    	return r.current.Load().authorizer.Authorize(ctx, a)
}

func (r *reloadableAuthorizerResolver) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) {
	return r.current.Load().ruleResolver.RulesFor(user, namespace)
}

// newForConfig constructs
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Mar 04 19:01:15 UTC 2024
    - 9.3K bytes
    - Viewed (0)
  9. github.com/kubernetes/kubernetes

    pkg/registry/authorization/selfsubjectrulesreview/rest.go 

    	}

	if createValidation != nil {
		if err := createValidation(ctx, obj.DeepCopyObject()); err != nil {
			return nil, err
		}
	}

	resourceInfo, nonResourceInfo, incomplete, err := r.ruleResolver.RulesFor(user, namespace)

	ret := &authorizationapi.SelfSubjectRulesReview{
		Status: authorizationapi.SubjectRulesReviewStatus{
			ResourceRules:    getResourceRules(resourceInfo),
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Nov 18 09:21:13 UTC 2022
    - 3.7K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    pkg/auth/authorizer/abac/abac.go 

    	// policy file, compared to other steps such as encoding/decoding.
	// Then, add Caching only if needed.
}

// RulesFor returns rules for the given user and namespace.
func (pl PolicyList) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) {
	var (
		resourceRules    []authorizer.ResourceRuleInfo
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Oct 11 03:11:30 UTC 2021
    - 7.4K bytes
    - Viewed (0)
  11. github.com/kubernetes/kubernetes

    pkg/registry/rbac/validation/rule_test.go 

    			user:           &user.DefaultInfo{},
			effectiveRules: nil,
		},
	}

	for i, tc := range tests {
		ruleResolver := newMockRuleResolver(&tc.StaticRoles)
		rules, err := ruleResolver.RulesFor(tc.user, tc.namespace)
		if err != nil {
			t.Errorf("case %d: GetEffectivePolicyRules(context)=%v", i, err)
			continue
		}

		// Sort for deep equals
		sort.Sort(byHash(rules))
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Apr 12 15:46:12 UTC 2023
    - 7.9K bytes
    - Viewed (0)
Back to top