authorizer - Code Search

pkg/kubelet/server/auth.go

	authorizer.Authorizer
}

// NewKubeletAuth returns a kubelet.AuthInterface composed of the given authenticator, attribute getter, and authorizer
func NewKubeletAuth(authenticator authenticator.Request, authorizerAttributeGetter authorizer.RequestAttributesGetter, authorizer authorizer.Authorizer) AuthInterface {
	return &KubeletAuth{authenticator, authorizerAttributeGetter, authorizer}
}

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Mon Feb 19 18:09:38 UTC 2024

- 4K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

staging/src/k8s.io/apiserver/pkg/admission/plugin/cel/filter_test.go

type authorizerMatch struct {
	authorizerResult
	match authorizer.AttributesRecord
}

func (f fakeAuthorizer) Authorize(ctx context.Context, a authorizer.Attributes) (authorizer.Decision, string, error) {
	if f.match != nil {
		other, ok := a.(*authorizer.AttributesRecord)
		if !ok {
			panic(fmt.Sprintf("unsupported type: %T", a))
		}
		if reflect.DeepEqual(f.match.match, *other) {

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Fri May 10 22:07:40 UTC 2024

- 40.4K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

pkg/registry/admissionregistration/validatingadmissionpolicy/strategy.go

type validatingAdmissionPolicyStrategy struct {
	runtime.ObjectTyper
	names.NameGenerator
	authorizer       authorizer.Authorizer
	resourceResolver resolver.ResourceResolver
}

// NewStrategy is the default logic that applies when creating and updating validatingAdmissionPolicy objects.
func NewStrategy(authorizer authorizer.Authorizer, resourceResolver resolver.ResourceResolver) *validatingAdmissionPolicyStrategy {

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Wed Mar 06 00:00:21 UTC 2024

- 7.8K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

staging/src/k8s.io/apiserver/pkg/authorization/cel/metrics.go

	RecordAuthorizationMatchConditionEvaluation(ctx context.Context, authorizerType, authorizerName string, elapsed time.Duration)
	// RecordAuthorizationMatchConditionEvaluationFailure increments if any evaluation error was encountered evaluating matchConditions for an Authorize() call to the given authorizer

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Fri Mar 01 22:41:27 UTC 2024

- 4.9K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

pkg/registry/admissionregistration/validatingadmissionpolicybinding/strategy.go

func NewStrategy(authorizer authorizer.Authorizer, policyGetter PolicyGetter, resourceResolver resolver.ResourceResolver) *validatingAdmissionPolicyBindingStrategy {
	return &validatingAdmissionPolicyBindingStrategy{
		ObjectTyper:      legacyscheme.Scheme,
		NameGenerator:    names.SimpleNameGenerator,
		authorizer:       authorizer,
		policyGetter:     policyGetter,
		resourceResolver: resourceResolver,

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Mon Nov 07 21:29:56 UTC 2022

- 5.5K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

staging/src/k8s.io/apiserver/pkg/authorization/path/path.go

		} else {
			paths.Insert(p)
		}
	}

	return authorizer.AuthorizerFunc(func(ctx context.Context, a authorizer.Attributes) (authorizer.Decision, string, error) {
		if a.IsResourceRequest() {
			return authorizer.DecisionNoOpinion, "", nil
		}

		pth := strings.TrimPrefix(a.GetPath(), "/")
		if paths.Has(pth) {
			return authorizer.DecisionAllow, "", nil
		}

		for _, prefix := range prefixes {

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Fri Apr 09 13:47:19 UTC 2021

- 1.9K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

pkg/registry/rbac/clusterrolebinding/policybased/storage.go

type Storage struct {
	rest.StandardStorage

	authorizer authorizer.Authorizer

	ruleResolver rbacregistryvalidation.AuthorizationRuleResolver
}

func NewStorage(s rest.StandardStorage, authorizer authorizer.Authorizer, ruleResolver rbacregistryvalidation.AuthorizationRuleResolver) *Storage {
	return &Storage{s, authorizer, ruleResolver}
}

// Destroy cleans up resources on shutdown.

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Fri Nov 18 10:11:16 UTC 2022

- 4.9K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

staging/src/k8s.io/apiserver/pkg/endpoints/filters/impersonation_test.go

	"k8s.io/apiserver/pkg/authorization/authorizer"
	"k8s.io/apiserver/pkg/endpoints/request"
)

type impersonateAuthorizer struct{}

func (impersonateAuthorizer) Authorize(ctx context.Context, a authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) {
	user := a.GetUser()

	switch {
	case user.GetName() == "system:admin":
		return authorizer.DecisionAllow, "", nil

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Tue Jul 06 17:13:16 UTC 2021

- 17.2K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

pkg/registry/rbac/clusterrole/policybased/storage.go

type Storage struct {
	rest.StandardStorage

	authorizer authorizer.Authorizer

	ruleResolver rbacregistryvalidation.AuthorizationRuleResolver
}

func NewStorage(s rest.StandardStorage, authorizer authorizer.Authorizer, ruleResolver rbacregistryvalidation.AuthorizationRuleResolver) *Storage {
	return &Storage{s, authorizer, ruleResolver}
}

// Destroy cleans up resources on shutdown.

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Fri Nov 18 10:11:16 UTC 2022

- 5.2K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

pkg/registry/rbac/rolebinding/policybased/storage.go

type Storage struct {
	rest.StandardStorage

	authorizer authorizer.Authorizer

	ruleResolver rbacregistryvalidation.AuthorizationRuleResolver
}

func NewStorage(s rest.StandardStorage, authorizer authorizer.Authorizer, ruleResolver rbacregistryvalidation.AuthorizationRuleResolver) *Storage {
	return &Storage{s, authorizer, ruleResolver}
}

// Destroy cleans up resources on shutdown.

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Fri Nov 18 10:11:16 UTC 2022

- 5.5K bytes

- Viewed (0)

Search Options