Documentation
¶
Overview ¶
Package matching contains useful functionality for matching users
Index ¶
- Constants
- func ConvertUserInfoToSubject(userInfo authenticationv1.UserInfo, namespace string) (subject rbacv1.Subject)
- func IsRightUser(userInfo authenticationv1.UserInfo, subject rbacv1.Subject) bool
- func ServiceAccountMatches(subject rbacv1.Subject, userInfo authenticationv1.UserInfo) bool
- func UserGroupMatches(subject rbacv1.Subject, userInfo authenticationv1.UserInfo) bool
- func UserMatches(subject rbacv1.Subject, userInfo authenticationv1.UserInfo) bool
Constants ¶
View Source
const WildcardAll = "*"
WildcardAll is a character which represents all elements in a set.
Variables ¶
This section is empty.
Functions ¶
func ConvertUserInfoToSubject ¶ added in v0.3.0
func ConvertUserInfoToSubject(userInfo authenticationv1.UserInfo, namespace string) (subject rbacv1.Subject)
func IsRightUser ¶
func IsRightUser(userInfo authenticationv1.UserInfo, subject rbacv1.Subject) bool
IsRightUser determine whether the two types of users match
func ServiceAccountMatches ¶
func ServiceAccountMatches(subject rbacv1.Subject, userInfo authenticationv1.UserInfo) bool
ServiceAccountMatches returns `true` if the given service account in the subject has a match in the given userConfig. Supports `WildcardAll` in subject name.
func UserGroupMatches ¶
func UserGroupMatches(subject rbacv1.Subject, userInfo authenticationv1.UserInfo) bool
UserGroupMatches returns `true` if the given group in the subject has a match in the given userConfig. Always returns true if `WildcardAll` is used in subject.
func UserMatches ¶
func UserMatches(subject rbacv1.Subject, userInfo authenticationv1.UserInfo) bool
UserMatches returns `true` if the given user in the subject has a match in the given userConfig.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.