userinfo

package

v0.3.0 Latest Latest Go to latest Published: Dec 30, 2024 License: Apache-2.0 Imports: 6 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/UiP9AV6Y/go-k8s-user-authz

README ¶

userinfo

Authorization logic making decisions based on user properties.

Documentation ¶

Index ¶

func NewV1Beta1UserInfo(i v1beta1.UserInfo) user.Info
func NewV1UserInfo(i v1.UserInfo) user.Info
func RejectAllGroups(g []string) userauthz.Authorizer
func RejectAnyGroups(g []string) userauthz.Authorizer
func RejectAnyNames(n []string) userauthz.Authorizer
func RejectAnyUIDs(n []string) userauthz.Authorizer
func RejectExtra(k, v string) userauthz.Authorizer
func RejectGroup(g string) userauthz.Authorizer
func RejectName(n string) userauthz.Authorizer
func RequireAllGroups(g []string) userauthz.Authorizer
func RequireAnyGroups(g []string) userauthz.Authorizer
func RequireAnyNames(n []string) userauthz.Authorizer
func RequireAnyUIDs(n []string) userauthz.Authorizer
func RequireExtra(k, v string) userauthz.Authorizer
func RequireGroup(g string) userauthz.Authorizer
func RequireName(n string) userauthz.Authorizer

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewV1Beta1UserInfo ¶

func NewV1Beta1UserInfo(i v1beta1.UserInfo) user.Info

NewV1UserInfo returns a user.Info proxy for v1beta1.UserInfo objects.

func NewV1UserInfo ¶

func NewV1UserInfo(i v1.UserInfo) user.Info

NewV1UserInfo returns a user.Info proxy for [v1.UserInfo] objects.

func RejectAllGroups ¶ added in v0.3.0

func RejectAllGroups(g []string) userauthz.Authorizer

RejectAllGroups returns an [userauthz.Authorizer] inspecting the user.Info group information. Access is denied if the group memberships match every one of the given items. An empty filter returns an [userauthz.Authorizer] rejecting everything.

func RejectAnyGroups ¶ added in v0.3.0

func RejectAnyGroups(g []string) userauthz.Authorizer

RejectAnyGroups returns an [userauthz.Authorizer] inspecting the user.Info group information. Access is denied if the group memberships match any of the given items. An empty filter returns [userauthz.AlwaysAllowAuthorizer].

func RejectAnyNames ¶ added in v0.3.0

func RejectAnyNames(n []string) userauthz.Authorizer

RejectAnyNames returns an [userauthz.Authorizer] inspecting the user.Info username information. Access is denied if the username matches any of the given items. An empty filter returns [userauthz.AlwaysAllowAuthorizer].

func RejectAnyUIDs ¶ added in v0.3.0

func RejectAnyUIDs(n []string) userauthz.Authorizer

RejectAnyUIDs returns an [userauthz.Authorizer] inspecting the user.Info identifier information. Access is denied if the UID matches any of the given items. An empty filter returns [userauthz.AlwaysAllowAuthorizer].

func RejectExtra ¶

func RejectExtra(k, v string) userauthz.Authorizer

RejectExtra returns an [userauthz.Authorizer] inspecting the user.Info extra values. Access is denied if the given key exists with the matching value. An absence of the key is treated as mismatch, resulting in [userauthz.DecisionAllow].

func RejectGroup ¶

func RejectGroup(g string) userauthz.Authorizer

RejectGroup returns an [userauthz.Authorizer] inspecting the user.Info group information. Access is denied if the given value is found in the group list.

func RejectName ¶

func RejectName(n string) userauthz.Authorizer

RejectName returns an [userauthz.Authorizer] inspecting the user.Info username information. Access is denied if the username matches.

func RequireAllGroups ¶ added in v0.3.0

func RequireAllGroups(g []string) userauthz.Authorizer

RequireAllGroups returns an [userauthz.Authorizer] inspecting the user.Info group information. Access is denied unless the group memberships match every one of the given items. An empty filter returns [userauthz.AlwaysAllowAuthorizer].

func RequireAnyGroups ¶ added in v0.3.0

func RequireAnyGroups(g []string) userauthz.Authorizer

RequireAnyGroups returns an [userauthz.Authorizer] inspecting the user.Info group information. Access is denied unless the group memberships match at least one of the given items. An empty filter returns an [userauthz.Authorizer] rejecting everything.

func RequireAnyNames ¶ added in v0.3.0

func RequireAnyNames(n []string) userauthz.Authorizer

RequireAnyNames returns an [userauthz.Authorizer] inspecting the user.Info username information. Access is denied unless the username matches at least one of the given items. An empty filter returns an [userauthz.Authorizer] rejecting everything.

func RequireAnyUIDs ¶ added in v0.3.0

func RequireAnyUIDs(n []string) userauthz.Authorizer

RequireAnyUIDs returns an [userauthz.Authorizer] inspecting the user.Info identifier information. Access is denied unless the UID matches at least one of the given items. An empty filter returns an [userauthz.Authorizer] rejecting everything.

func RequireExtra ¶

func RequireExtra(k, v string) userauthz.Authorizer

RejectExtra returns an [userauthz.Authorizer] inspecting the user.Info extra values. Access is denied unless the given key exists with the matching value. An absence of the key is treated as mismatch, resulting in rejection.

func RequireGroup ¶

func RequireGroup(g string) userauthz.Authorizer

RejectGroup returns an [userauthz.Authorizer] inspecting the user.Info group information. Access is denied unless the group is found.

func RequireName ¶

func RequireName(n string) userauthz.Authorizer

RejectName returns an [userauthz.Authorizer] inspecting the user.Info username information. Access is denied unless the username matches.

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
usertest

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL