authorizer

package

v3.6.152-1+incompatible Latest Latest Go to latest Published: Jul 17, 2017 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bparees/origin

Documentation ¶

Index ¶

Constants
func IsPersonalAccessReviewFromSAR(sar *authorizationapi.SubjectAccessReview) bool
func RuleMatches(a authorizer.Attributes, rule authorizationapi.PolicyRule) (bool, error)
func ToDefaultAuthorizationAttributes(user user.Info, namespace string, in authorizationapi.Action) authorizer.Attributes
type AuthorizationAttributeBuilder
- func NewAuthorizationAttributeBuilder(contextMapper apirequest.RequestContextMapper, infoFactory RequestInfoFactory) AuthorizationAttributeBuilder
type ForbiddenMessageMaker
type ForbiddenMessageResolver
- func NewForbiddenMessageResolver(projectRequestForbiddenTemplate string) *ForbiddenMessageResolver
- func (m *ForbiddenMessageResolver) MakeMessage(attrs authorizer.Attributes) (string, error)
type RequestInfoFactory
type SubjectLocator
- func NewAuthorizer(ruleResolver rulevalidation.AuthorizationRuleResolver, ...) (authorizer.Authorizer, SubjectLocator)

Constants ¶

View Source

const DefaultProjectRequestForbidden = "You may not request a new project via this API."

Variables ¶

This section is empty.

Functions ¶

func IsPersonalAccessReviewFromSAR ¶

func IsPersonalAccessReviewFromSAR(sar *authorizationapi.SubjectAccessReview) bool

IsPersonalAccessReviewFromSAR this variant handles the case where we have an SAR

func RuleMatches ¶

func RuleMatches(a authorizer.Attributes, rule authorizationapi.PolicyRule) (bool, error)

func ToDefaultAuthorizationAttributes ¶ added in v1.0.5

func ToDefaultAuthorizationAttributes(user user.Info, namespace string, in authorizationapi.Action) authorizer.Attributes

ToDefaultAuthorizationAttributes coerces Action to authorizer.Attributes.

Types ¶

type AuthorizationAttributeBuilder ¶

type AuthorizationAttributeBuilder interface {
	GetAttributes(request *http.Request) (authorizer.Attributes, error)
}

func NewAuthorizationAttributeBuilder ¶

func NewAuthorizationAttributeBuilder(contextMapper apirequest.RequestContextMapper, infoFactory RequestInfoFactory) AuthorizationAttributeBuilder

type ForbiddenMessageMaker ¶ added in v0.5.3

type ForbiddenMessageMaker interface {
	MakeMessage(attrs authorizer.Attributes) (string, error)
}

ForbiddenMessageMaker creates a forbidden message from Attributes

type ForbiddenMessageResolver ¶ added in v0.5.3

type ForbiddenMessageResolver struct {
	// contains filtered or unexported fields
}

func NewForbiddenMessageResolver ¶ added in v0.5.3

func NewForbiddenMessageResolver(projectRequestForbiddenTemplate string) *ForbiddenMessageResolver

func (*ForbiddenMessageResolver) MakeMessage ¶ added in v0.5.3

func (m *ForbiddenMessageResolver) MakeMessage(attrs authorizer.Attributes) (string, error)

type RequestInfoFactory ¶ added in v1.5.0

type RequestInfoFactory interface {
	NewRequestInfo(req *http.Request) (*apirequest.RequestInfo, error)
}

func NewBrowserSafeRequestInfoResolver ¶ added in v1.2.0

func NewBrowserSafeRequestInfoResolver(contextMapper apirequest.RequestContextMapper, authenticatedGroups sets.String, infoFactory RequestInfoFactory) RequestInfoFactory

func NewPersonalSARRequestInfoResolver ¶

func NewPersonalSARRequestInfoResolver(infoFactory RequestInfoFactory) RequestInfoFactory

func NewProjectRequestInfoResolver ¶

func NewProjectRequestInfoResolver(infoFactory RequestInfoFactory) RequestInfoFactory

type SubjectLocator ¶

type SubjectLocator interface {
	GetAllowedSubjects(attributes authorizer.Attributes) (sets.String, sets.String, error)
}

func NewAuthorizer ¶

func NewAuthorizer(ruleResolver rulevalidation.AuthorizationRuleResolver, forbiddenMessageMaker ForbiddenMessageMaker) (authorizer.Authorizer, SubjectLocator)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
scope

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL