authorizer

package
v3.6.0-alpha.0+incompa... Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 21, 2017 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source
const DefaultProjectRequestForbidden = "You may not request a new project via this API."

Variables

This section is empty.

Functions

func IsPersonalAccessReviewFromSAR

func IsPersonalAccessReviewFromSAR(sar *authorizationapi.SubjectAccessReview) bool

IsPersonalAccessReviewFromSAR this variant handles the case where we have an SAR

func ToDefaultAuthorizationAttributes added in v1.0.5

func ToDefaultAuthorizationAttributes(user user.Info, namespace string, in authorizationapi.Action) authorizer.Attributes

ToDefaultAuthorizationAttributes coerces Action to authorizer.Attributes.

Types

type AuthorizationAttributeBuilder

type AuthorizationAttributeBuilder interface {
	GetAttributes(request *http.Request) (authorizer.Attributes, error)
}

func NewAuthorizationAttributeBuilder

func NewAuthorizationAttributeBuilder(contextMapper kapi.RequestContextMapper, infoFactory RequestInfoFactory) AuthorizationAttributeBuilder

type ForbiddenMessageMaker added in v0.5.3

type ForbiddenMessageMaker interface {
	MakeMessage(ctx MessageContext) (string, error)
}

ForbiddenMessageMaker creates a forbidden message from a MessageContext

type ForbiddenMessageResolver added in v0.5.3

type ForbiddenMessageResolver struct {
	// contains filtered or unexported fields
}

func NewForbiddenMessageResolver added in v0.5.3

func NewForbiddenMessageResolver(projectRequestForbiddenTemplate string) *ForbiddenMessageResolver

func (*ForbiddenMessageResolver) MakeMessage added in v0.5.3

func (m *ForbiddenMessageResolver) MakeMessage(ctx MessageContext) (string, error)

type MessageContext added in v0.5.3

type MessageContext struct {
	Attributes authorizer.Attributes
}

MessageContext contains sufficient information to create a forbidden message. It is bundled in this one object to make it easy and obvious how to build a golang template

type RequestInfoFactory added in v1.5.0

type RequestInfoFactory interface {
	NewRequestInfo(req *http.Request) (*request.RequestInfo, error)
}

func NewBrowserSafeRequestInfoResolver added in v1.2.0

func NewBrowserSafeRequestInfoResolver(contextMapper kapi.RequestContextMapper, authenticatedGroups sets.String, infoFactory RequestInfoFactory) RequestInfoFactory

func NewPersonalSARRequestInfoResolver

func NewPersonalSARRequestInfoResolver(infoFactory RequestInfoFactory) RequestInfoFactory

func NewProjectRequestInfoResolver

func NewProjectRequestInfoResolver(infoFactory RequestInfoFactory) RequestInfoFactory

type SubjectLocator

type SubjectLocator interface {
	GetAllowedSubjects(attributes authorizer.Attributes) (sets.String, sets.String, error)
}

func NewAuthorizer

func NewAuthorizer(ruleResolver rulevalidation.AuthorizationRuleResolver, forbiddenMessageMaker ForbiddenMessageMaker) (authorizer.Authorizer, SubjectLocator)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL