Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var AdminPolicy = []*PolicyDocument{ { Scope: ProjectScope, Verbs: ReadWriteVerbGroup(), }, }
View Source
var DeveloperPolicy = []*PolicyDocument{ { Scope: ProjectScope, Verbs: ReadWriteVerbGroup(), Children: map[PermissionScope]*PolicyDocument{ SettingsScope: { Scope: SettingsScope, Verbs: ReadVerbGroup(), }, }, }, }
View Source
var ScopeHeirarchy = ScopeTree{ ProjectScope: { ClusterScope: { NamespaceScope: { ApplicationScope: {}, }, }, SettingsScope: {}, }, }
ScopeHeirarchy describes the scope tree: Project / \ Cluster Settings / Namespace | Release
View Source
var ViewerPolicy = []*PolicyDocument{ { Scope: ProjectScope, Verbs: ReadVerbGroup(), Children: map[PermissionScope]*PolicyDocument{ SettingsScope: { Scope: SettingsScope, Verbs: []APIVerb{}, }, }, }, }
Functions ¶
This section is empty.
Types ¶
type APIVerbGroup ¶
type APIVerbGroup []APIVerb
func ReadVerbGroup ¶
func ReadVerbGroup() APIVerbGroup
func ReadWriteVerbGroup ¶
func ReadWriteVerbGroup() APIVerbGroup
type NameOrUInt ¶
type PermissionScope ¶
type PermissionScope string
const ( UserScope PermissionScope = "user" ProjectScope PermissionScope = "project" ClusterScope PermissionScope = "cluster" NamespaceScope PermissionScope = "namespace" SettingsScope PermissionScope = "settings" ApplicationScope PermissionScope = "application" )
type Policy ¶
type Policy []*PolicyDocument
type PolicyDocument ¶
type PolicyDocument struct { Scope PermissionScope `json:"scope"` Resources []NameOrUInt `json:"resources"` Verbs []APIVerb `json:"verbs"` Children map[PermissionScope]*PolicyDocument `json:"children"` }
type ScopeTree ¶
type ScopeTree map[PermissionScope]ScopeTree
Click to show internal directories.
Click to hide internal directories.