auth

package

v0.2.0-beta01 Latest Latest Go to latest Published: Jul 28, 2021 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/rancher/webhook

Documentation ¶

Index ¶

Constants
func ToExtraString(extra map[string]authenticationv1.ExtraValue) map[string][]string
type EscalationChecker
- func NewEscalationChecker(ruleSolver validation.AuthorizationRuleResolver, ...) *EscalationChecker
- func (ec *EscalationChecker) ConfirmNoEscalation(response *webhook.Response, request *webhook.Request, ...) error
- func (ec *EscalationChecker) RulesFromTemplate(rt *rancherv3.RoleTemplate) ([]rbacv1.PolicyRule, error)
type RBACRestGetter

Constants ¶

View Source

const (
	CreatorIDAnn = "field.cattle.io/creatorId"
)

Variables ¶

This section is empty.

Functions ¶

func ToExtraString ¶

func ToExtraString(extra map[string]authenticationv1.ExtraValue) map[string][]string

Types ¶

type EscalationChecker ¶

type EscalationChecker struct {
	// contains filtered or unexported fields
}

func NewEscalationChecker ¶

func NewEscalationChecker(ruleSolver validation.AuthorizationRuleResolver, roleTemplates v3.RoleTemplateCache, clusterRoles k8srbacv1.ClusterRoleCache) *EscalationChecker

func (*EscalationChecker) ConfirmNoEscalation ¶

func (ec *EscalationChecker) ConfirmNoEscalation(response *webhook.Response, request *webhook.Request, rules []rbacv1.PolicyRule, namespace string) error

ConfirmNoEscalation checks that the user attempting to create a binding/role has all the permissions they are attempting to grant

func (*EscalationChecker) RulesFromTemplate ¶

func (ec *EscalationChecker) RulesFromTemplate(rt *rancherv3.RoleTemplate) ([]rbacv1.PolicyRule, error)

RulesFromTemplate gets all rules from the template and all referenced templates

type RBACRestGetter ¶

type RBACRestGetter struct {
	Roles               wranglerv1.RoleCache
	RoleBindings        wranglerv1.RoleBindingCache
	ClusterRoles        wranglerv1.ClusterRoleCache
	ClusterRoleBindings wranglerv1.ClusterRoleBindingCache
}

func (RBACRestGetter) GetClusterRole ¶

func (r RBACRestGetter) GetClusterRole(name string) (*rbacv1.ClusterRole, error)

func (RBACRestGetter) GetRole ¶

func (r RBACRestGetter) GetRole(namespace, name string) (*rbacv1.Role, error)

func (RBACRestGetter) ListClusterRoleBindings ¶

func (r RBACRestGetter) ListClusterRoleBindings() ([]*rbacv1.ClusterRoleBinding, error)

func (RBACRestGetter) ListRoleBindings ¶

func (r RBACRestGetter) ListRoleBindings(namespace string) ([]*rbacv1.RoleBinding, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL