Documentation
¶
Overview ¶
Package rbac implements utility functions for Role-Based Access Control
Index ¶
Constants ¶
View Source
const ( // global variables ClusterRoleWrite = "clusters-write-role" ClusterRoleRead = "clusters-read-role" TemplateRoleWrite = "cluster-templates-write-role" TemplateRoleRead = "cluster-templates-read-role" RoleRancherHeader = "rancher-role-header" RbacDirectory = "/rego/authz.rego" // internal variables RoleRancherAdmin = "restricted-role" RoleRancherReadWrite = "standard-role" RoleRancherReadOnly = "base-role" MethodPost = "POST" MethodPut = "PUT" MethodDelete = "DELETE" MethodGet = "GET" MethodPatch = "PATCH" MethodUpdate = "UPDATE" MethodRegister = "REGISTER" )
Variables ¶
View Source
var ( Policies *Policy PolicyExistFlag bool )
Functions ¶
func GetResourceRole ¶
func SetOPAPolicies ¶
func SetOPAPolicies()
Types ¶
type Policy ¶
type Policy struct {
// contains filtered or unexported fields
}
func (*Policy) RequestIsAuthorized ¶
RequestIsAuthorized function validates the JWT token included in a context. It also starts the OPA instance and performs the RBAC authorization of the call.
Source Files
Click to show internal directories.
Click to hide internal directories.