- Sort Score
- Result 10 results
- Languages All
Results 31 - 40 of 623 for authorizes (0.18 sec)
-
staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer_test.go
// TestAuthorizer is a test stub that fulfills the WantsAuthorizer interface. type TestAuthorizer struct{} func (t *TestAuthorizer) Authorize(ctx context.Context, a authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) { return authorizer.DecisionNoOpinion, "", nil } func TestRESTMapperAdmissionPlugin(t *testing.T) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 00:00:21 UTC 2024 - 8.2K bytes - Viewed (0) -
pkg/registry/admissionregistration/validatingadmissionpolicybinding/authz.go
// identical paramRef and policy to old object return nil } return v.authorize(ctx, binding) } func (v *validatingAdmissionPolicyBindingStrategy) authorize(ctx context.Context, binding *admissionregistration.ValidatingAdmissionPolicyBinding) error { if v.authorizer == nil || v.resourceResolver == nil || binding.Spec.ParamRef == nil { return nil } // for superuser, skip all checks
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 01 12:19:03 UTC 2024 - 3.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/endpoints/handlers/update.go
func withAuthorization(validate rest.ValidateObjectFunc, a authorizer.Authorizer, attributes authorizer.Attributes) rest.ValidateObjectFunc { var once sync.Once var authorizerDecision authorizer.Decision var authorizerReason string var authorizerErr error return func(ctx context.Context, obj runtime.Object) error { if a == nil { return errors.NewInternalError(fmt.Errorf("no authorizer provided, unable to authorize a create on update")) }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon May 01 20:19:46 UTC 2023 - 11.5K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook.go
func (w *WebhookAuthorizer) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) { var ( resourceRules []authorizer.ResourceRuleInfo nonResourceRules []authorizer.NonResourceRuleInfo ) incomplete := true return resourceRules, nonResourceRules, incomplete, fmt.Errorf("webhook authorizer does not support user rule resolution") }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Mar 04 19:01:15 UTC 2024 - 18.4K bytes - Viewed (0) -
pkg/registry/admissionregistration/validatingadmissionpolicy/authz.go
Resource: resource, } d, _, err := v.authorizer.Authorize(ctx, attrs) if err != nil { return err } if d != authorizer.DecisionAllow { return fmt.Errorf(`user %v must have "get" permission on all objects of the referenced paramKind (kind=%s, apiVersion=%s)`, user, paramKind.Kind, paramKind.APIVersion) } return nil
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Nov 07 21:29:56 UTC 2022 - 3.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authorization/metrics/metrics.go
RegisterMetrics() return &instrumentedAuthorizer{ authorizerType: string(authorizerType), authorizerName: authorizerName, delegate: delegate, } } type instrumentedAuthorizer struct { authorizerType string authorizerName string delegate authorizer.Authorizer }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Feb 16 13:20:59 UTC 2024 - 2.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1beta1/types.go
type AuthorizationConfiguration struct { metav1.TypeMeta // Authorizers is an ordered list of authorizers to // authorize requests against. // This is similar to the --authorization-modes kube-apiserver flag // Must be at least one. Authorizers []AuthorizerConfiguration `json:"authorizers"` } const ( TypeWebhook AuthorizerType = "Webhook"
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 08 17:59:05 UTC 2024 - 25.5K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authorization/path/path_test.go
for _, cases := range []struct { paths []string want authorizer.Decision }{ {tt.allowed, authorizer.DecisionAllow}, {tt.denied, authorizer.DecisionDeny}, {tt.noOpinion, authorizer.DecisionNoOpinion}, } { for _, pth := range cases.paths { info := authorizer.AttributesRecord{ Path: pth, } if got, _, err := a.Authorize(context.Background(), info); err != nil {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Sep 24 15:14:54 UTC 2019 - 2.8K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/endpoints/filters/metrics.go
func recordAuthorizationMetrics(ctx context.Context, authorized authorizer.Decision, err error, authStart time.Time, authFinish time.Time) { var resultLabel string switch { case authorized == authorizer.DecisionAllow: resultLabel = allowedLabel case err != nil: resultLabel = errorLabel case authorized == authorizer.DecisionDeny: resultLabel = deniedLabel case authorized == authorizer.DecisionNoOpinion:
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Apr 20 13:35:55 UTC 2023 - 5.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go
"k8s.io/apiserver/pkg/authorization/authorizer" "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/server/httplog" ) // WithImpersonation is a filter that will inspect and check requests that attempt to change the user.Info for their requests func WithImpersonation(handler http.Handler, a authorizer.Authorizer, s runtime.NegotiatedSerializer) http.Handler {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Aug 07 10:10:35 UTC 2023 - 9.5K bytes - Viewed (0)