Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AttributesRecord ¶
type AttributesRecord struct { User user.User Action string Resource string APIGroup string APIVersion string Path string }
func (*AttributesRecord) GetAPIGroup ¶
func (ar *AttributesRecord) GetAPIGroup() string
func (*AttributesRecord) GetAPIVersion ¶
func (ar *AttributesRecord) GetAPIVersion() string
func (*AttributesRecord) GetAction ¶
func (ar *AttributesRecord) GetAction() string
func (*AttributesRecord) GetPath ¶
func (ar *AttributesRecord) GetPath() string
func (*AttributesRecord) GetResource ¶
func (ar *AttributesRecord) GetResource() string
func (*AttributesRecord) GetUser ¶
func (ar *AttributesRecord) GetUser() user.User
type AuthorizationFacts ¶
type AuthorizationFacts interface { GetUser() user.User // GetAction returns the action associated with API requests e.g get, create, update, patch, delete, list GetAction() string // The kind of object, that is affected by the request GetResource() string // GetAPIGroup returns the api group GetAPIGroup() string // GetAPIVersion returns the api version GetAPIVersion() string // GetPath returns the request path GetPath() string }
This AuthorizationFacts interface provides all the facts that the authorization engine can use to determine if a user has access or not
type Authorizor ¶
type Authorizor interface { Name() string // The default behavior for Authorize is to deny access Authorize(a AuthorizationFacts) (authorized Decision, reason string, err error) }
Click to show internal directories.
Click to hide internal directories.