- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 13 for RulesFor (0.39 sec)
-
plugin/pkg/auth/authorizer/rbac/rbac.go
) type RequestToRuleMapper interface { // RulesFor returns all known PolicyRules and any errors that happened while locating those rules. // Any rule returned is still valid, since rules are deny by default. If you can pass with the rules // supplied, you do not have to fail the request. If you cannot, you should indicate the error along // with your denial. RulesFor(subject user.Info, namespace string) ([]rbacv1.PolicyRule, error)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 24 10:13:50 UTC 2022 - 7.8K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authorization/union/union.go
return unionAuthzRulesHandler(authorizationHandlers) } // RulesFor against a chain of authorizer.RuleResolver objects and returns nil if successful and returns error if unsuccessful func (authzHandler unionAuthzRulesHandler) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) { var (
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sun Jun 28 20:27:28 UTC 2020 - 3.9K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authorization/union/union_test.go
} } type mockAuthzRuleHandler struct { resourceRules []authorizer.ResourceRuleInfo nonResourceRules []authorizer.NonResourceRuleInfo err error } func (mock *mockAuthzRuleHandler) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) { if mock.err != nil { return []authorizer.ResourceRuleInfo{}, []authorizer.NonResourceRuleInfo{}, false, mock.err
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Sep 24 15:14:54 UTC 2019 - 7.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authorization/authorizerfactory/builtin.go
func (alwaysAllowAuthorizer) Authorize(ctx context.Context, a authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) { return authorizer.DecisionAllow, "", nil } func (alwaysAllowAuthorizer) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) { return []authorizer.ResourceRuleInfo{ &authorizer.DefaultResourceRuleInfo{ Verbs: []string{"*"},
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Sep 24 15:14:54 UTC 2019 - 3.2K bytes - Viewed (0) -
pkg/registry/rbac/validation/rule.go
// RulesFor returns the list of rules that apply to a given user in a given namespace and error. If an error is returned, the slice of // PolicyRules may not be complete, but it contains all retrievable rules. This is done because policy rules are purely additive and policy determinations // can be made on the basis of those rules that are found. RulesFor(user user.Info, namespace string) ([]rbacv1.PolicyRule, error)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Nov 02 16:51:16 UTC 2020 - 11.6K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go
} // RuleResolver provides a mechanism for resolving the list of rules that apply to a given user within a namespace. type RuleResolver interface { // RulesFor get the list of cluster wide rules, the list of rules in the specific namespace, incomplete status and errors. RulesFor(user user.Info, namespace string) ([]ResourceRuleInfo, []NonResourceRuleInfo, bool, error) }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Jun 06 14:36:14 UTC 2023 - 4.8K bytes - Viewed (0) -
pkg/kubeapiserver/authorizer/reload.go
return r.current.Load().authorizer.Authorize(ctx, a) } func (r *reloadableAuthorizerResolver) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) { return r.current.Load().ruleResolver.RulesFor(user, namespace) } // newForConfig constructs
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Mar 04 19:01:15 UTC 2024 - 9.3K bytes - Viewed (0) -
pkg/registry/authorization/selfsubjectrulesreview/rest.go
} if createValidation != nil { if err := createValidation(ctx, obj.DeepCopyObject()); err != nil { return nil, err } } resourceInfo, nonResourceInfo, incomplete, err := r.ruleResolver.RulesFor(user, namespace) ret := &authorizationapi.SelfSubjectRulesReview{ Status: authorizationapi.SubjectRulesReviewStatus{ ResourceRules: getResourceRules(resourceInfo),
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Nov 18 09:21:13 UTC 2022 - 3.7K bytes - Viewed (0) -
pkg/auth/authorizer/abac/abac.go
// policy file, compared to other steps such as encoding/decoding. // Then, add Caching only if needed. } // RulesFor returns rules for the given user and namespace. func (pl PolicyList) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) { var ( resourceRules []authorizer.ResourceRuleInfo
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Oct 11 03:11:30 UTC 2021 - 7.4K bytes - Viewed (0) -
pkg/registry/rbac/validation/rule_test.go
user: &user.DefaultInfo{}, effectiveRules: nil, }, } for i, tc := range tests { ruleResolver := newMockRuleResolver(&tc.StaticRoles) rules, err := ruleResolver.RulesFor(tc.user, tc.namespace) if err != nil { t.Errorf("case %d: GetEffectivePolicyRules(context)=%v", i, err) continue } // Sort for deep equals sort.Sort(byHash(rules))
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Apr 12 15:46:12 UTC 2023 - 7.9K bytes - Viewed (0)