Versions in this module Expand all Collapse all v1 v1.16.3 Nov 9, 2022 Changes in this version + func RuleAllows(requestAttributes authorizer.Attributes, rule *rbacv1.PolicyRule) bool + func RulesAllow(requestAttributes authorizer.Attributes, rules ...rbacv1.PolicyRule) bool + type ClusterRoleBindingLister struct + Lister rbaclisters.ClusterRoleBindingLister + func (l *ClusterRoleBindingLister) ListClusterRoleBindings() ([]*rbacv1.ClusterRoleBinding, error) + type ClusterRoleGetter struct + Lister rbaclisters.ClusterRoleLister + func (g *ClusterRoleGetter) GetClusterRole(name string) (*rbacv1.ClusterRole, error) + type RBACAuthorizer struct + func New(roles rbacregistryvalidation.RoleGetter, ...) *RBACAuthorizer + func (r *RBACAuthorizer) Authorize(requestAttributes authorizer.Attributes) (authorizer.Decision, string, error) + func (r *RBACAuthorizer) RulesFor(user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) + type RequestToRuleMapper interface + RulesFor func(subject user.Info, namespace string) ([]rbacv1.PolicyRule, error) + VisitRulesFor func(user user.Info, namespace string, ...) + type RoleBindingLister struct + Lister rbaclisters.RoleBindingLister + func (l *RoleBindingLister) ListRoleBindings(namespace string) ([]*rbacv1.RoleBinding, error) + type RoleGetter struct + Lister rbaclisters.RoleLister + func (g *RoleGetter) GetRole(namespace, name string) (*rbacv1.Role, error) + type RoleToRuleMapper interface + GetRoleReferenceRules func(roleRef rbacv1.RoleRef, namespace string) ([]rbacv1.PolicyRule, error) + type SubjectAccessEvaluator struct + func NewSubjectAccessEvaluator(roles rbacregistryvalidation.RoleGetter, ...) *SubjectAccessEvaluator + func (r *SubjectAccessEvaluator) AllowedSubjects(requestAttributes authorizer.Attributes) ([]rbacv1.Subject, error) + type SubjectLocator interface + AllowedSubjects func(attributes authorizer.Attributes) ([]rbacv1.Subject, error)
Go to main page