Documentation ¶
Index ¶
- func BindingAuthorized(ctx context.Context, roleRef rbac.RoleRef, bindingNamespace string, ...) bool
- func EscalationAllowed(ctx context.Context) bool
- func IsOnlyMutatingGCFields(obj, old runtime.Object, equalities conversion.Equalities) bool
- func RoleEscalationAuthorized(ctx context.Context, a authorizer.Authorizer) bool
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BindingAuthorized ¶
func BindingAuthorized(ctx context.Context, roleRef rbac.RoleRef, bindingNamespace string, a authorizer.Authorizer) bool
BindingAuthorized returns true if the user associated with the context is explicitly authorized to bind the specified roleRef
func EscalationAllowed ¶
EscalationAllowed checks if the user associated with the context is a superuser
func IsOnlyMutatingGCFields ¶
func IsOnlyMutatingGCFields(obj, old runtime.Object, equalities conversion.Equalities) bool
IsOnlyMutatingGCFields checks finalizers and ownerrefs which GC manipulates and indicates that only those fields are changing
func RoleEscalationAuthorized ¶
func RoleEscalationAuthorized(ctx context.Context, a authorizer.Authorizer) bool
RoleEscalationAuthorized checks if the user associated with the context is explicitly authorized to escalate the role resource associated with the context
Types ¶
This section is empty.
Directories ¶
Path | Synopsis |
---|---|
Package clusterrole provides Registry interface and its RESTStorage implementation for storing ClusterRole objects.
|
Package clusterrole provides Registry interface and its RESTStorage implementation for storing ClusterRole objects. |
policybased
Package policybased implements a standard storage for ClusterRole that prevents privilege escalation.
|
Package policybased implements a standard storage for ClusterRole that prevents privilege escalation. |
Package certificates provides Registry interface and its RESTStorage implementation for storing ClusterRoleBinding objects.
|
Package certificates provides Registry interface and its RESTStorage implementation for storing ClusterRoleBinding objects. |
policybased
Package policybased implements a standard storage for ClusterRoleBinding that prevents privilege escalation.
|
Package policybased implements a standard storage for ClusterRoleBinding that prevents privilege escalation. |
Package role provides Registry interface and its RESTStorage implementation for storing Role objects.
|
Package role provides Registry interface and its RESTStorage implementation for storing Role objects. |
policybased
Package policybased implements a standard storage for Role that prevents privilege escalation.
|
Package policybased implements a standard storage for Role that prevents privilege escalation. |
Package certificates provides Registry interface and its RESTStorage implementation for storing RoleBinding objects.
|
Package certificates provides Registry interface and its RESTStorage implementation for storing RoleBinding objects. |
policybased
Package policybased implements a standard storage for RoleBinding that prevents privilege escalation.
|
Package policybased implements a standard storage for RoleBinding that prevents privilege escalation. |
Click to show internal directories.
Click to hide internal directories.