filter

package
v1.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 28, 2021 License: Apache-2.0, BSD-2-Clause, BSD-3-Clause, + 8 more Imports: 28 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	AllowClusterNotFoundActions = sets.NewString(createClusterAction, updateProjectAction)
)

Functions

func CheckClustersTenant added in v1.6.0

func CheckClustersTenant(ctx context.Context, tenantID string, clusterNames []string,
	platformClient platformv1.PlatformV1Interface, verb string) (string, bool)

func ConvertTKEAttributes

func ConvertTKEAttributes(ctx context.Context, attr authorizer.Attributes) authorizer.Attributes

ConvertTKEAttributes converts attributes parsed by apiserver compatible with casbin enforcer

func ExtractClusterNames added in v1.6.0

func ExtractClusterNames(ctx context.Context, req *http.Request, resource string) []string

func ForbiddenResponse added in v1.6.0

func ForbiddenResponse(ctx context.Context, tkeAttributes authorizer.Attributes,
	w http.ResponseWriter, req *http.Request, ae *auditapi.Event, s runtime.NegotiatedSerializer, reason string)

func UnprotectedAuthorized

func UnprotectedAuthorized(attributes authorizer.Attributes) authorizer.Decision

UnprotectedAuthorized checks a request attribute has privileged to pass authorization.

func WithInspectors added in v1.6.0

func WithInspectors(handler http.Handler, inspectors []Inspector, c *genericapiserver.Config) http.Handler

func WithTKEAuthorization

func WithTKEAuthorization(handler http.Handler, a authorizer.Authorizer, s runtime.NegotiatedSerializer, ignoreAuthPathPrefixes []string) http.Handler

WithTKEAuthorization passes all tke-auth authorized requests on to handler, and returns a forbidden error otherwise.

Types

type Inspector added in v1.6.0

type Inspector interface {
	Inspect(handler http.Handler, c *genericapiserver.Config) http.Handler
}

func NewClusterInspector added in v1.6.0

func NewClusterInspector(platformClient platformv1.PlatformV1Interface, privilegedUsername string) Inspector

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL