rbacpolicy

package
v1.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 12, 2019 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ResourceClusters     = "clusters"
	ResourceProjects     = "projects"
	ResourceApplications = "applications"
	ResourceRepositories = "repositories"
	ResourceCertificates = "certificates"

	ActionGet      = "get"
	ActionCreate   = "create"
	ActionUpdate   = "update"
	ActionDelete   = "delete"
	ActionSync     = "sync"
	ActionOverride = "override"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type RBACPolicyEnforcer

type RBACPolicyEnforcer struct {
	// contains filtered or unexported fields
}

RBACPolicyEnforcer provides an RBAC Claims Enforcer which additionally consults AppProject roles, jwt tokens, and groups. It is backed by a AppProject informer/lister cache and does not make any API calls during enforcement.

func NewRBACPolicyEnforcer

func NewRBACPolicyEnforcer(enf *rbac.Enforcer, projLister applister.AppProjectNamespaceLister) *RBACPolicyEnforcer

NewRBACPolicyEnforcer returns a new RBAC Enforcer for the Argo CD API Server

func (*RBACPolicyEnforcer) EnforceClaims

func (p *RBACPolicyEnforcer) EnforceClaims(claims jwt.Claims, rvals ...interface{}) bool

EnforceClaims is an RBAC claims enforcer specific to the Argo CD API server

func (*RBACPolicyEnforcer) SetScopes added in v1.0.0

func (p *RBACPolicyEnforcer) SetScopes(scopes []string)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL