- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 583 for authorizer (0.16 sec)
-
pkg/kubeapiserver/authorizer/config.go
} seenModes.Insert(authorizer.Type) expectedName := GetNameForAuthorizerMode(string(authorizer.Type)) if expectedName != authorizer.Name { allErrors = append(allErrors, fmt.Errorf("expected name %s for authorizer %s instead of %s", expectedName, authorizer.Type, authorizer.Name)) } } if missingTypes := requireNonWebhookTypes.Difference(seenModes); missingTypes.Len() > 0 {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 07 21:22:55 UTC 2024 - 8K bytes - Viewed (0) -
pkg/registry/admissionregistration/validatingadmissionpolicybinding/authz_test.go
auth: func(ctx context.Context, a authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) { return authorizer.DecisionDeny, "", nil }, }, { name: "authorized", userInfo: &user.DefaultInfo{Groups: []string{user.AllAuthenticated}}, auth: func(ctx context.Context, a authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Jul 20 16:30:09 UTC 2023 - 5.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization.go
return } authorized, reason, err := a.Authorize(ctx, attributes) authorizationFinish := time.Now() defer func() { metrics(ctx, authorized, err, authorizationStart, authorizationFinish) }() // an authorizer like RBAC could encounter evaluation errors and still allow the request, so authorizer decision is checked before error here. if authorized == authorizer.DecisionAllow {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Apr 20 13:35:55 UTC 2023 - 3.8K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/options/authorization.go
} func (s *DelegatingAuthorizationOptions) toAuthorizer(client kubernetes.Interface) (authorizer.Authorizer, error) { var authorizers []authorizer.Authorizer if len(s.AlwaysAllowGroups) > 0 { authorizers = append(authorizers, authorizerfactory.NewPrivilegedGroups(s.AlwaysAllowGroups...)) } if len(s.AlwaysAllowPaths) > 0 { a, err := path.NewAuthorizer(s.AlwaysAllowPaths) if err != nil { return nil, err }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sun Dec 18 04:27:38 UTC 2022 - 9.3K bytes - Viewed (0) -
plugin/pkg/admission/certificates/util.go
func IsAuthorizedForSignerName(ctx context.Context, authz authorizer.Authorizer, info user.Info, verb, signerName string) bool { // First check if the user has explicit permission to 'verb' for the given signerName. attr := buildAttributes(info, verb, signerName) decision, reason, err := authz.Authorize(ctx, attr) switch { case err != nil: klog.V(3).Infof("cannot authorize %q %q for policy: %v,%v", verb, attr.GetName(), reason, err)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat May 16 11:54:27 UTC 2020 - 2.6K bytes - Viewed (0) -
pkg/auth/authorizer/abac/abac.go
return true } } } } return false } // Authorize implements authorizer.Authorize func (pl PolicyList) Authorize(ctx context.Context, a authorizer.Attributes) (authorizer.Decision, string, error) { for _, p := range pl { if matches(*p, a) { return authorizer.DecisionAllow, "", nil } } return authorizer.DecisionNoOpinion, "No policy matched.", nil
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Oct 11 03:11:30 UTC 2021 - 7.4K bytes - Viewed (0) -
pkg/registry/rbac/escalation_check.go
)) } return decision == authorizer.DecisionAllow } // BindingAuthorized returns true if the user associated with the context is explicitly authorized to bind the specified roleRef func BindingAuthorized(ctx context.Context, roleRef rbac.RoleRef, bindingNamespace string, a authorizer.Authorizer) bool { if a == nil { return false }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Sep 24 15:14:54 UTC 2019 - 4.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authorization/metrics/metrics.go
RegisterMetrics() return &instrumentedAuthorizer{ authorizerType: string(authorizerType), authorizerName: authorizerName, delegate: delegate, } } type instrumentedAuthorizer struct { authorizerType string authorizerName string delegate authorizer.Authorizer }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Feb 16 13:20:59 UTC 2024 - 2.7K bytes - Viewed (0) -
plugin/pkg/auth/authorizer/node/node_authorizer_test.go
User user.Info Secret string ConfigMap string Decision authorizer.Decision }{ {User: node1, Decision: authorizer.DecisionAllow, Secret: "node1-only"}, {User: node1, Decision: authorizer.DecisionAllow, Secret: "node1-node2-only"}, {User: node1, Decision: authorizer.DecisionAllow, Secret: "shared-all"}, {User: node2, Decision: authorizer.DecisionNoOpinion, Secret: "node1-only"},
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 07 21:22:55 UTC 2024 - 40.5K bytes - Viewed (0) -
plugin/pkg/admission/certificates/approval/admission_test.go
verb string allowedName string decision authorizer.Decision err error } func (f fakeAuthorizer) Authorize(ctx context.Context, a authorizer.Attributes) (authorizer.Decision, string, error) { if f.err != nil { return f.decision, "forced error", f.err } if a.GetVerb() != f.verb { return authorizer.DecisionDeny, fmt.Sprintf("unrecognised verb '%s'", a.GetVerb()), nil }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Feb 27 15:50:14 UTC 2020 - 6.3K bytes - Viewed (0)