v1beta1

package
v1.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 10, 2016 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Overview

+groupName=authorization.k8s.io

Package v1beta1 is a generated protocol buffer package.

It is generated from these files:
	k8s.io/kubernetes/pkg/apis/authorization/v1beta1/generated.proto

It has these top-level messages:
	ExtraValue
	LocalSubjectAccessReview
	NonResourceAttributes
	ResourceAttributes
	SelfSubjectAccessReview
	SelfSubjectAccessReviewSpec
	SubjectAccessReview
	SubjectAccessReviewSpec
	SubjectAccessReviewStatus

Index

Constants

View Source
const GroupName = "authorization.k8s.io"

GroupName is the group name use in this package

Variables

View Source
var (
	ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowGenerated   = fmt.Errorf("proto: integer overflow")
)
View Source
var (
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes, addDefaultingFuncs, addConversionFuncs)
	AddToScheme   = SchemeBuilder.AddToScheme
)
View Source
var SchemeGroupVersion = unversioned.GroupVersion{Group: GroupName, Version: "v1beta1"}

SchemeGroupVersion is group version used to register these objects

Functions

func Convert_authorization_LocalSubjectAccessReview_To_v1beta1_LocalSubjectAccessReview added in v1.3.0

func Convert_authorization_LocalSubjectAccessReview_To_v1beta1_LocalSubjectAccessReview(in *authorization.LocalSubjectAccessReview, out *LocalSubjectAccessReview, s conversion.Scope) error

func Convert_authorization_NonResourceAttributes_To_v1beta1_NonResourceAttributes added in v1.3.0

func Convert_authorization_NonResourceAttributes_To_v1beta1_NonResourceAttributes(in *authorization.NonResourceAttributes, out *NonResourceAttributes, s conversion.Scope) error

func Convert_authorization_ResourceAttributes_To_v1beta1_ResourceAttributes added in v1.3.0

func Convert_authorization_ResourceAttributes_To_v1beta1_ResourceAttributes(in *authorization.ResourceAttributes, out *ResourceAttributes, s conversion.Scope) error

func Convert_authorization_SelfSubjectAccessReviewSpec_To_v1beta1_SelfSubjectAccessReviewSpec added in v1.3.0

func Convert_authorization_SelfSubjectAccessReviewSpec_To_v1beta1_SelfSubjectAccessReviewSpec(in *authorization.SelfSubjectAccessReviewSpec, out *SelfSubjectAccessReviewSpec, s conversion.Scope) error

func Convert_authorization_SelfSubjectAccessReview_To_v1beta1_SelfSubjectAccessReview added in v1.3.0

func Convert_authorization_SelfSubjectAccessReview_To_v1beta1_SelfSubjectAccessReview(in *authorization.SelfSubjectAccessReview, out *SelfSubjectAccessReview, s conversion.Scope) error

func Convert_authorization_SubjectAccessReviewSpec_To_v1beta1_SubjectAccessReviewSpec added in v1.3.0

func Convert_authorization_SubjectAccessReviewSpec_To_v1beta1_SubjectAccessReviewSpec(in *authorization.SubjectAccessReviewSpec, out *SubjectAccessReviewSpec, s conversion.Scope) error

func Convert_authorization_SubjectAccessReviewStatus_To_v1beta1_SubjectAccessReviewStatus added in v1.3.0

func Convert_authorization_SubjectAccessReviewStatus_To_v1beta1_SubjectAccessReviewStatus(in *authorization.SubjectAccessReviewStatus, out *SubjectAccessReviewStatus, s conversion.Scope) error

func Convert_authorization_SubjectAccessReview_To_v1beta1_SubjectAccessReview added in v1.3.0

func Convert_authorization_SubjectAccessReview_To_v1beta1_SubjectAccessReview(in *authorization.SubjectAccessReview, out *SubjectAccessReview, s conversion.Scope) error

func Convert_v1beta1_LocalSubjectAccessReview_To_authorization_LocalSubjectAccessReview added in v1.3.0

func Convert_v1beta1_LocalSubjectAccessReview_To_authorization_LocalSubjectAccessReview(in *LocalSubjectAccessReview, out *authorization.LocalSubjectAccessReview, s conversion.Scope) error

func Convert_v1beta1_NonResourceAttributes_To_authorization_NonResourceAttributes added in v1.3.0

func Convert_v1beta1_NonResourceAttributes_To_authorization_NonResourceAttributes(in *NonResourceAttributes, out *authorization.NonResourceAttributes, s conversion.Scope) error

func Convert_v1beta1_ResourceAttributes_To_authorization_ResourceAttributes added in v1.3.0

func Convert_v1beta1_ResourceAttributes_To_authorization_ResourceAttributes(in *ResourceAttributes, out *authorization.ResourceAttributes, s conversion.Scope) error

func Convert_v1beta1_SelfSubjectAccessReviewSpec_To_authorization_SelfSubjectAccessReviewSpec added in v1.3.0

func Convert_v1beta1_SelfSubjectAccessReviewSpec_To_authorization_SelfSubjectAccessReviewSpec(in *SelfSubjectAccessReviewSpec, out *authorization.SelfSubjectAccessReviewSpec, s conversion.Scope) error

func Convert_v1beta1_SelfSubjectAccessReview_To_authorization_SelfSubjectAccessReview added in v1.3.0

func Convert_v1beta1_SelfSubjectAccessReview_To_authorization_SelfSubjectAccessReview(in *SelfSubjectAccessReview, out *authorization.SelfSubjectAccessReview, s conversion.Scope) error

func Convert_v1beta1_SubjectAccessReviewSpec_To_authorization_SubjectAccessReviewSpec added in v1.3.0

func Convert_v1beta1_SubjectAccessReviewSpec_To_authorization_SubjectAccessReviewSpec(in *SubjectAccessReviewSpec, out *authorization.SubjectAccessReviewSpec, s conversion.Scope) error

func Convert_v1beta1_SubjectAccessReviewStatus_To_authorization_SubjectAccessReviewStatus added in v1.3.0

func Convert_v1beta1_SubjectAccessReviewStatus_To_authorization_SubjectAccessReviewStatus(in *SubjectAccessReviewStatus, out *authorization.SubjectAccessReviewStatus, s conversion.Scope) error

func Convert_v1beta1_SubjectAccessReview_To_authorization_SubjectAccessReview added in v1.3.0

func Convert_v1beta1_SubjectAccessReview_To_authorization_SubjectAccessReview(in *SubjectAccessReview, out *authorization.SubjectAccessReview, s conversion.Scope) error

func DeepCopy_v1beta1_LocalSubjectAccessReview added in v1.3.0

func DeepCopy_v1beta1_LocalSubjectAccessReview(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1beta1_NonResourceAttributes added in v1.3.0

func DeepCopy_v1beta1_NonResourceAttributes(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1beta1_ResourceAttributes added in v1.3.0

func DeepCopy_v1beta1_ResourceAttributes(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1beta1_SelfSubjectAccessReview added in v1.3.0

func DeepCopy_v1beta1_SelfSubjectAccessReview(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1beta1_SelfSubjectAccessReviewSpec added in v1.3.0

func DeepCopy_v1beta1_SelfSubjectAccessReviewSpec(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1beta1_SubjectAccessReview added in v1.3.0

func DeepCopy_v1beta1_SubjectAccessReview(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1beta1_SubjectAccessReviewSpec added in v1.3.0

func DeepCopy_v1beta1_SubjectAccessReviewSpec(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1beta1_SubjectAccessReviewStatus added in v1.3.0

func DeepCopy_v1beta1_SubjectAccessReviewStatus(in interface{}, out interface{}, c *conversion.Cloner) error

func RegisterConversions added in v1.4.1

func RegisterConversions(scheme *runtime.Scheme) error

RegisterConversions adds conversion functions to the given scheme. Public to allow building arbitrary schemes.

func RegisterDeepCopies added in v1.4.1

func RegisterDeepCopies(scheme *runtime.Scheme) error

RegisterDeepCopies adds deep-copy functions to the given scheme. Public to allow building arbitrary schemes.

Types

type ExtraValue added in v1.4.1

type ExtraValue []string

ExtraValue masks the value so protobuf can generate +protobuf.nullable=true +protobuf.options.(gogoproto.goproto_stringer)=false

func (*ExtraValue) CodecDecodeSelf added in v1.4.1

func (x *ExtraValue) CodecDecodeSelf(d *codec1978.Decoder)

func (ExtraValue) CodecEncodeSelf added in v1.4.1

func (x ExtraValue) CodecEncodeSelf(e *codec1978.Encoder)

func (*ExtraValue) Descriptor added in v1.4.1

func (*ExtraValue) Descriptor() ([]byte, []int)

func (ExtraValue) Marshal added in v1.4.1

func (m ExtraValue) Marshal() (data []byte, err error)

func (ExtraValue) MarshalTo added in v1.4.1

func (m ExtraValue) MarshalTo(data []byte) (int, error)

func (*ExtraValue) ProtoMessage added in v1.4.1

func (*ExtraValue) ProtoMessage()

func (*ExtraValue) Reset added in v1.4.1

func (m *ExtraValue) Reset()

func (ExtraValue) Size added in v1.4.1

func (m ExtraValue) Size() (n int)

func (ExtraValue) String added in v1.4.1

func (t ExtraValue) String() string

func (*ExtraValue) Unmarshal added in v1.4.1

func (m *ExtraValue) Unmarshal(data []byte) error

type LocalSubjectAccessReview

type LocalSubjectAccessReview struct {
	unversioned.TypeMeta `json:",inline"`
	v1.ObjectMeta        `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Spec holds information about the request being evaluated.  spec.namespace must be equal to the namespace
	// you made the request against.  If empty, it is defaulted.
	Spec SubjectAccessReviewSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`

	// Status is filled in by the server and indicates whether the request is allowed or not
	Status SubjectAccessReviewStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
}

LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.

func (*LocalSubjectAccessReview) CodecDecodeSelf

func (x *LocalSubjectAccessReview) CodecDecodeSelf(d *codec1978.Decoder)

func (*LocalSubjectAccessReview) CodecEncodeSelf

func (x *LocalSubjectAccessReview) CodecEncodeSelf(e *codec1978.Encoder)

func (*LocalSubjectAccessReview) Descriptor added in v1.4.1

func (*LocalSubjectAccessReview) Descriptor() ([]byte, []int)

func (*LocalSubjectAccessReview) GetObjectKind

func (obj *LocalSubjectAccessReview) GetObjectKind() unversioned.ObjectKind

func (*LocalSubjectAccessReview) Marshal added in v1.4.1

func (m *LocalSubjectAccessReview) Marshal() (data []byte, err error)

func (*LocalSubjectAccessReview) MarshalTo added in v1.4.1

func (m *LocalSubjectAccessReview) MarshalTo(data []byte) (int, error)

func (*LocalSubjectAccessReview) ProtoMessage added in v1.4.1

func (*LocalSubjectAccessReview) ProtoMessage()

func (*LocalSubjectAccessReview) Reset added in v1.4.1

func (m *LocalSubjectAccessReview) Reset()

func (*LocalSubjectAccessReview) Size added in v1.4.1

func (m *LocalSubjectAccessReview) Size() (n int)

func (*LocalSubjectAccessReview) String added in v1.4.1

func (this *LocalSubjectAccessReview) String() string

func (LocalSubjectAccessReview) SwaggerDoc

func (LocalSubjectAccessReview) SwaggerDoc() map[string]string

func (*LocalSubjectAccessReview) Unmarshal added in v1.4.1

func (m *LocalSubjectAccessReview) Unmarshal(data []byte) error

type NonResourceAttributes

type NonResourceAttributes struct {
	// Path is the URL path of the request
	Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"`
	// Verb is the standard HTTP verb
	Verb string `json:"verb,omitempty" protobuf:"bytes,2,opt,name=verb"`
}

NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface

func (*NonResourceAttributes) CodecDecodeSelf

func (x *NonResourceAttributes) CodecDecodeSelf(d *codec1978.Decoder)

func (*NonResourceAttributes) CodecEncodeSelf

func (x *NonResourceAttributes) CodecEncodeSelf(e *codec1978.Encoder)

func (*NonResourceAttributes) Descriptor added in v1.4.1

func (*NonResourceAttributes) Descriptor() ([]byte, []int)

func (*NonResourceAttributes) Marshal added in v1.4.1

func (m *NonResourceAttributes) Marshal() (data []byte, err error)

func (*NonResourceAttributes) MarshalTo added in v1.4.1

func (m *NonResourceAttributes) MarshalTo(data []byte) (int, error)

func (*NonResourceAttributes) ProtoMessage added in v1.4.1

func (*NonResourceAttributes) ProtoMessage()

func (*NonResourceAttributes) Reset added in v1.4.1

func (m *NonResourceAttributes) Reset()

func (*NonResourceAttributes) Size added in v1.4.1

func (m *NonResourceAttributes) Size() (n int)

func (*NonResourceAttributes) String added in v1.4.1

func (this *NonResourceAttributes) String() string

func (NonResourceAttributes) SwaggerDoc

func (NonResourceAttributes) SwaggerDoc() map[string]string

func (*NonResourceAttributes) Unmarshal added in v1.4.1

func (m *NonResourceAttributes) Unmarshal(data []byte) error

type ResourceAttributes

type ResourceAttributes struct {
	// Namespace is the namespace of the action being requested.  Currently, there is no distinction between no namespace and all namespaces
	// "" (empty) is defaulted for LocalSubjectAccessReviews
	// "" (empty) is empty for cluster-scoped resources
	// "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview
	Namespace string `json:"namespace,omitempty" protobuf:"bytes,1,opt,name=namespace"`
	// Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy.  "*" means all.
	Verb string `json:"verb,omitempty" protobuf:"bytes,2,opt,name=verb"`
	// Group is the API Group of the Resource.  "*" means all.
	Group string `json:"group,omitempty" protobuf:"bytes,3,opt,name=group"`
	// Version is the API Version of the Resource.  "*" means all.
	Version string `json:"version,omitempty" protobuf:"bytes,4,opt,name=version"`
	// Resource is one of the existing resource types.  "*" means all.
	Resource string `json:"resource,omitempty" protobuf:"bytes,5,opt,name=resource"`
	// Subresource is one of the existing resource types.  "" means none.
	Subresource string `json:"subresource,omitempty" protobuf:"bytes,6,opt,name=subresource"`
	// Name is the name of the resource being requested for a "get" or deleted for a "delete". "" (empty) means all.
	Name string `json:"name,omitempty" protobuf:"bytes,7,opt,name=name"`
}

ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface

func (*ResourceAttributes) CodecDecodeSelf

func (x *ResourceAttributes) CodecDecodeSelf(d *codec1978.Decoder)

func (*ResourceAttributes) CodecEncodeSelf

func (x *ResourceAttributes) CodecEncodeSelf(e *codec1978.Encoder)

func (*ResourceAttributes) Descriptor added in v1.4.1

func (*ResourceAttributes) Descriptor() ([]byte, []int)

func (*ResourceAttributes) Marshal added in v1.4.1

func (m *ResourceAttributes) Marshal() (data []byte, err error)

func (*ResourceAttributes) MarshalTo added in v1.4.1

func (m *ResourceAttributes) MarshalTo(data []byte) (int, error)

func (*ResourceAttributes) ProtoMessage added in v1.4.1

func (*ResourceAttributes) ProtoMessage()

func (*ResourceAttributes) Reset added in v1.4.1

func (m *ResourceAttributes) Reset()

func (*ResourceAttributes) Size added in v1.4.1

func (m *ResourceAttributes) Size() (n int)

func (*ResourceAttributes) String added in v1.4.1

func (this *ResourceAttributes) String() string

func (ResourceAttributes) SwaggerDoc

func (ResourceAttributes) SwaggerDoc() map[string]string

func (*ResourceAttributes) Unmarshal added in v1.4.1

func (m *ResourceAttributes) Unmarshal(data []byte) error

type SelfSubjectAccessReview

type SelfSubjectAccessReview struct {
	unversioned.TypeMeta `json:",inline"`
	v1.ObjectMeta        `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Spec holds information about the request being evaluated.  user and groups must be empty
	Spec SelfSubjectAccessReviewSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`

	// Status is filled in by the server and indicates whether the request is allowed or not
	Status SubjectAccessReviewStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
}

SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means "in all namespaces". Self is a special case, because users should always be able to check whether they can perform an action

func (*SelfSubjectAccessReview) CodecDecodeSelf

func (x *SelfSubjectAccessReview) CodecDecodeSelf(d *codec1978.Decoder)

func (*SelfSubjectAccessReview) CodecEncodeSelf

func (x *SelfSubjectAccessReview) CodecEncodeSelf(e *codec1978.Encoder)

func (*SelfSubjectAccessReview) Descriptor added in v1.4.1

func (*SelfSubjectAccessReview) Descriptor() ([]byte, []int)

func (*SelfSubjectAccessReview) GetObjectKind

func (obj *SelfSubjectAccessReview) GetObjectKind() unversioned.ObjectKind

func (*SelfSubjectAccessReview) Marshal added in v1.4.1

func (m *SelfSubjectAccessReview) Marshal() (data []byte, err error)

func (*SelfSubjectAccessReview) MarshalTo added in v1.4.1

func (m *SelfSubjectAccessReview) MarshalTo(data []byte) (int, error)

func (*SelfSubjectAccessReview) ProtoMessage added in v1.4.1

func (*SelfSubjectAccessReview) ProtoMessage()

func (*SelfSubjectAccessReview) Reset added in v1.4.1

func (m *SelfSubjectAccessReview) Reset()

func (*SelfSubjectAccessReview) Size added in v1.4.1

func (m *SelfSubjectAccessReview) Size() (n int)

func (*SelfSubjectAccessReview) String added in v1.4.1

func (this *SelfSubjectAccessReview) String() string

func (SelfSubjectAccessReview) SwaggerDoc

func (SelfSubjectAccessReview) SwaggerDoc() map[string]string

func (*SelfSubjectAccessReview) Unmarshal added in v1.4.1

func (m *SelfSubjectAccessReview) Unmarshal(data []byte) error

type SelfSubjectAccessReviewSpec

type SelfSubjectAccessReviewSpec struct {
	// ResourceAuthorizationAttributes describes information for a resource access request
	ResourceAttributes *ResourceAttributes `json:"resourceAttributes,omitempty" protobuf:"bytes,1,opt,name=resourceAttributes"`
	// NonResourceAttributes describes information for a non-resource access request
	NonResourceAttributes *NonResourceAttributes `json:"nonResourceAttributes,omitempty" protobuf:"bytes,2,opt,name=nonResourceAttributes"`
}

SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set

func (*SelfSubjectAccessReviewSpec) CodecDecodeSelf

func (x *SelfSubjectAccessReviewSpec) CodecDecodeSelf(d *codec1978.Decoder)

func (*SelfSubjectAccessReviewSpec) CodecEncodeSelf

func (x *SelfSubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder)

func (*SelfSubjectAccessReviewSpec) Descriptor added in v1.4.1

func (*SelfSubjectAccessReviewSpec) Descriptor() ([]byte, []int)

func (*SelfSubjectAccessReviewSpec) Marshal added in v1.4.1

func (m *SelfSubjectAccessReviewSpec) Marshal() (data []byte, err error)

func (*SelfSubjectAccessReviewSpec) MarshalTo added in v1.4.1

func (m *SelfSubjectAccessReviewSpec) MarshalTo(data []byte) (int, error)

func (*SelfSubjectAccessReviewSpec) ProtoMessage added in v1.4.1

func (*SelfSubjectAccessReviewSpec) ProtoMessage()

func (*SelfSubjectAccessReviewSpec) Reset added in v1.4.1

func (m *SelfSubjectAccessReviewSpec) Reset()

func (*SelfSubjectAccessReviewSpec) Size added in v1.4.1

func (m *SelfSubjectAccessReviewSpec) Size() (n int)

func (*SelfSubjectAccessReviewSpec) String added in v1.4.1

func (this *SelfSubjectAccessReviewSpec) String() string

func (SelfSubjectAccessReviewSpec) SwaggerDoc

func (SelfSubjectAccessReviewSpec) SwaggerDoc() map[string]string

func (*SelfSubjectAccessReviewSpec) Unmarshal added in v1.4.1

func (m *SelfSubjectAccessReviewSpec) Unmarshal(data []byte) error

type SubjectAccessReview

type SubjectAccessReview struct {
	unversioned.TypeMeta `json:",inline"`
	v1.ObjectMeta        `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Spec holds information about the request being evaluated
	Spec SubjectAccessReviewSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`

	// Status is filled in by the server and indicates whether the request is allowed or not
	Status SubjectAccessReviewStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
}

SubjectAccessReview checks whether or not a user or group can perform an action.

func (*SubjectAccessReview) CodecDecodeSelf

func (x *SubjectAccessReview) CodecDecodeSelf(d *codec1978.Decoder)

func (*SubjectAccessReview) CodecEncodeSelf

func (x *SubjectAccessReview) CodecEncodeSelf(e *codec1978.Encoder)

func (*SubjectAccessReview) Descriptor added in v1.4.1

func (*SubjectAccessReview) Descriptor() ([]byte, []int)

func (*SubjectAccessReview) GetObjectKind

func (obj *SubjectAccessReview) GetObjectKind() unversioned.ObjectKind

func (*SubjectAccessReview) Marshal added in v1.4.1

func (m *SubjectAccessReview) Marshal() (data []byte, err error)

func (*SubjectAccessReview) MarshalTo added in v1.4.1

func (m *SubjectAccessReview) MarshalTo(data []byte) (int, error)

func (*SubjectAccessReview) ProtoMessage added in v1.4.1

func (*SubjectAccessReview) ProtoMessage()

func (*SubjectAccessReview) Reset added in v1.4.1

func (m *SubjectAccessReview) Reset()

func (*SubjectAccessReview) Size added in v1.4.1

func (m *SubjectAccessReview) Size() (n int)

func (*SubjectAccessReview) String added in v1.4.1

func (this *SubjectAccessReview) String() string

func (SubjectAccessReview) SwaggerDoc

func (SubjectAccessReview) SwaggerDoc() map[string]string

func (*SubjectAccessReview) Unmarshal added in v1.4.1

func (m *SubjectAccessReview) Unmarshal(data []byte) error

type SubjectAccessReviewSpec

type SubjectAccessReviewSpec struct {
	// ResourceAuthorizationAttributes describes information for a resource access request
	ResourceAttributes *ResourceAttributes `json:"resourceAttributes,omitempty" protobuf:"bytes,1,opt,name=resourceAttributes"`
	// NonResourceAttributes describes information for a non-resource access request
	NonResourceAttributes *NonResourceAttributes `json:"nonResourceAttributes,omitempty" protobuf:"bytes,2,opt,name=nonResourceAttributes"`

	// User is the user you're testing for.
	// If you specify "User" but not "Group", then is it interpreted as "What if User were not a member of any groups
	User string `json:"user,omitempty" protobuf:"bytes,3,opt,name=verb"`
	// Groups is the groups you're testing for.
	Groups []string `json:"group,omitempty" protobuf:"bytes,4,rep,name=group"`
	// Extra corresponds to the user.Info.GetExtra() method from the authenticator.  Since that is input to the authorizer
	// it needs a reflection here.
	Extra map[string]ExtraValue `json:"extra,omitempty" protobuf:"bytes,5,rep,name=extra"`
}

SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set

func (*SubjectAccessReviewSpec) CodecDecodeSelf

func (x *SubjectAccessReviewSpec) CodecDecodeSelf(d *codec1978.Decoder)

func (*SubjectAccessReviewSpec) CodecEncodeSelf

func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder)

func (*SubjectAccessReviewSpec) Descriptor added in v1.4.1

func (*SubjectAccessReviewSpec) Descriptor() ([]byte, []int)

func (*SubjectAccessReviewSpec) Marshal added in v1.4.1

func (m *SubjectAccessReviewSpec) Marshal() (data []byte, err error)

func (*SubjectAccessReviewSpec) MarshalTo added in v1.4.1

func (m *SubjectAccessReviewSpec) MarshalTo(data []byte) (int, error)

func (*SubjectAccessReviewSpec) ProtoMessage added in v1.4.1

func (*SubjectAccessReviewSpec) ProtoMessage()

func (*SubjectAccessReviewSpec) Reset added in v1.4.1

func (m *SubjectAccessReviewSpec) Reset()

func (*SubjectAccessReviewSpec) Size added in v1.4.1

func (m *SubjectAccessReviewSpec) Size() (n int)

func (*SubjectAccessReviewSpec) String added in v1.4.1

func (this *SubjectAccessReviewSpec) String() string

func (SubjectAccessReviewSpec) SwaggerDoc

func (SubjectAccessReviewSpec) SwaggerDoc() map[string]string

func (*SubjectAccessReviewSpec) Unmarshal added in v1.4.1

func (m *SubjectAccessReviewSpec) Unmarshal(data []byte) error

type SubjectAccessReviewStatus

type SubjectAccessReviewStatus struct {
	// Allowed is required.  True if the action would be allowed, false otherwise.
	Allowed bool `json:"allowed" protobuf:"varint,1,opt,name=allowed"`
	// Reason is optional.  It indicates why a request was allowed or denied.
	Reason string `json:"reason,omitempty" protobuf:"bytes,2,opt,name=reason"`
	// EvaluationError is an indication that some error occurred during the authorization check.
	// It is entirely possible to get an error and be able to continue determine authorization status in spite of it.
	// For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.
	EvaluationError string `json:"evaluationError,omitempty" protobuf:"bytes,3,opt,name=evaluationError"`
}

SubjectAccessReviewStatus

func (*SubjectAccessReviewStatus) CodecDecodeSelf

func (x *SubjectAccessReviewStatus) CodecDecodeSelf(d *codec1978.Decoder)

func (*SubjectAccessReviewStatus) CodecEncodeSelf

func (x *SubjectAccessReviewStatus) CodecEncodeSelf(e *codec1978.Encoder)

func (*SubjectAccessReviewStatus) Descriptor added in v1.4.1

func (*SubjectAccessReviewStatus) Descriptor() ([]byte, []int)

func (*SubjectAccessReviewStatus) Marshal added in v1.4.1

func (m *SubjectAccessReviewStatus) Marshal() (data []byte, err error)

func (*SubjectAccessReviewStatus) MarshalTo added in v1.4.1

func (m *SubjectAccessReviewStatus) MarshalTo(data []byte) (int, error)

func (*SubjectAccessReviewStatus) ProtoMessage added in v1.4.1

func (*SubjectAccessReviewStatus) ProtoMessage()

func (*SubjectAccessReviewStatus) Reset added in v1.4.1

func (m *SubjectAccessReviewStatus) Reset()

func (*SubjectAccessReviewStatus) Size added in v1.4.1

func (m *SubjectAccessReviewStatus) Size() (n int)

func (*SubjectAccessReviewStatus) String added in v1.4.1

func (this *SubjectAccessReviewStatus) String() string

func (SubjectAccessReviewStatus) SwaggerDoc

func (SubjectAccessReviewStatus) SwaggerDoc() map[string]string

func (*SubjectAccessReviewStatus) Unmarshal added in v1.4.1

func (m *SubjectAccessReviewStatus) Unmarshal(data []byte) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL