Documentation ¶
Index ¶
Constants ¶
View Source
const ( InOperator operator = "IN" NotInOperator operator = "NOT_IN" EqualsOperator operator = "EQUAL" NotEqualOperator operator = "NOT_EQUAL" ExistsOperator operator = "EXISTS" DoesNotExistOperator operator = "DOES_NOT_EXIST" AnyOperator operator = "ANY" )
View Source
const ( AllPermissionType permissionType = "all" NameSpacedPermissionType permissionType = "namespaced" ClusterPermissionType permissionType = "clusterScoped" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type APIGroupFilter ¶ added in v0.9.0
type APIGroupFilter struct {
Params FilterParams
}
func (*APIGroupFilter) Filter ¶ added in v0.9.0
func (f *APIGroupFilter) Filter(rule *rbac.PolicyRule) *rbac.PolicyRule
type BundleParser ¶
type CSVPermissions ¶ added in v0.9.0
type CSVPermissions struct { ClusterPermissions []Permission `json:"clusterPermissions"` Permissions []Permission `json:"permissions"` }
func (*CSVPermissions) FilterRules ¶ added in v0.9.0
func (cp *CSVPermissions) FilterRules(ruleFilter RuleFilter) []Rule
Returns the list of rules matching the filtering conditions
type Filter ¶ added in v0.9.0
type Filter interface {
Filter(*rbac.PolicyRule) *rbac.PolicyRule
}
type FilterParams ¶ added in v0.9.0
type FilterParams struct { Args []string OperatorName operator }
type IndexImageExtractor ¶
type MetaBundle ¶
type MetaBundle struct { AddonMeta *v1alpha1.AddonMetadataSpec Bundles []registry.Bundle }
func NewMetaBundle ¶
func NewMetaBundle(addonMeta *v1alpha1.AddonMetadataSpec, bundles []registry.Bundle) *MetaBundle
type NonResourceURLsFilter ¶ added in v0.9.0
type NonResourceURLsFilter struct {
Params FilterParams
}
func (*NonResourceURLsFilter) Filter ¶ added in v0.9.0
func (f *NonResourceURLsFilter) Filter(rule *rbac.PolicyRule) *rbac.PolicyRule
type Permission ¶ added in v0.9.0
type ResourceNamesFilter ¶ added in v0.9.0
type ResourceNamesFilter struct {
Params FilterParams
}
func (*ResourceNamesFilter) Filter ¶ added in v0.9.0
func (f *ResourceNamesFilter) Filter(rule *rbac.PolicyRule) *rbac.PolicyRule
type ResourcesFilter ¶ added in v0.9.0
type ResourcesFilter struct {
Params FilterParams
}
func (*ResourcesFilter) Filter ¶ added in v0.9.0
func (f *ResourcesFilter) Filter(rule *rbac.PolicyRule) *rbac.PolicyRule
type Rule ¶ added in v0.9.0
type Rule struct { rbac.PolicyRule // contains filtered or unexported fields }
type RuleFilter ¶ added in v0.9.0
type RuleFilter struct { PermissionType permissionType Filters []Filter }
func (*RuleFilter) GetRelevantPermissions ¶ added in v0.9.0
func (r *RuleFilter) GetRelevantPermissions(cp *CSVPermissions) []Permission
func (*RuleFilter) Run ¶ added in v0.9.0
func (r *RuleFilter) Run(rule *rbac.PolicyRule) *rbac.PolicyRule
type VerbsFilter ¶ added in v0.9.0
type VerbsFilter struct {
Params FilterParams
}
func (*VerbsFilter) Filter ¶ added in v0.9.0
func (f *VerbsFilter) Filter(rule *rbac.PolicyRule) *rbac.PolicyRule
Click to show internal directories.
Click to hide internal directories.