Documentation ¶
Overview ¶
Package auth provides mechanisms for enforcing authorization to Project resources in OpenShift
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthorizationCache ¶
type AuthorizationCache struct {
// contains filtered or unexported fields
}
AuthorizationCache maintains a cache on the set of namespaces a user or group can access.
func NewAuthorizationCache ¶
func NewAuthorizationCache(reviewer Reviewer, namespaceInterface kclient.NamespaceInterface, policyBindingsNamespacer client.PolicyBindingsNamespacer, policiesNamespacer client.PoliciesNamespacer, clusterPolicyBindingInterface client.ClusterPolicyBindingsInterface, clusterPolicyInterface client.ClusterPoliciesInterface) *AuthorizationCache
NewAuthorizationCache creates a new AuthorizationCache
func (*AuthorizationCache) List ¶
func (ac *AuthorizationCache) List(userInfo user.Info) (*kapi.NamespaceList, error)
List returns the set of namespace names the user has access to view
func (*AuthorizationCache) Run ¶
func (ac *AuthorizationCache) Run(period time.Duration)
Run begins watching and synchronizing the cache
type Lister ¶
type Lister interface { // List returns the list of Namespace items that the user can access List(user user.Info) (*kapi.NamespaceList, error) }
Lister enforces ability to enumerate a resource based on policy
type Reviewer ¶
Reviewer performs access reviews for a project by name
func NewReviewer ¶
func NewReviewer(resourceAccessReviewsNamespacer client.ResourceAccessReviewsNamespacer) Reviewer
NewReviewer knows how to make access control reviews for a resource by name
Click to show internal directories.
Click to hide internal directories.