authorizer

package

v0.5.1 Latest Latest Go to latest Published: May 13, 2015 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/vbatts/origin

Links

Open Source Insights

Documentation ¶

Index ¶

func IsPersonalAccessReview(a AuthorizationAttributes) (bool, error)
type AuthorizationAttributeBuilder
- func NewAuthorizationAttributeBuilder(contextMapper kapi.RequestContextMapper, ...) AuthorizationAttributeBuilder
type AuthorizationAttributes
type Authorizer
- func NewAuthorizer(ruleResolver rulevalidation.AuthorizationRuleResolver) Authorizer
type DefaultAuthorizationAttributes

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func IsPersonalAccessReview ¶ added in v0.4.2

func IsPersonalAccessReview(a AuthorizationAttributes) (bool, error)

Types ¶

type AuthorizationAttributeBuilder ¶

type AuthorizationAttributeBuilder interface {
	GetAttributes(request *http.Request) (AuthorizationAttributes, error)
}

func NewAuthorizationAttributeBuilder ¶

func NewAuthorizationAttributeBuilder(contextMapper kapi.RequestContextMapper, infoResolver *kapiserver.APIRequestInfoResolver) AuthorizationAttributeBuilder

type AuthorizationAttributes ¶

type AuthorizationAttributes interface {
	GetVerb() string
	GetAPIVersion() string
	// GetResource returns the resource type.  If IsNonResourceURL() is true, then GetResource() is "".
	GetResource() string
	GetResourceName() string
	// GetRequestAttributes is of type interface{} because different verbs and different Authorizer/AuthorizationAttributeBuilder pairs may have different contract requirements.
	GetRequestAttributes() interface{}
	// IsNonResourceURL returns true if this is not an action performed against the resource API
	IsNonResourceURL() bool
	// GetURL returns the URL path being requested, including the leading '/'
	GetURL() string
}

type Authorizer ¶

type Authorizer interface {
	Authorize(ctx kapi.Context, a AuthorizationAttributes) (allowed bool, reason string, err error)
	GetAllowedSubjects(ctx kapi.Context, attributes AuthorizationAttributes) (util.StringSet, util.StringSet, error)
}

func NewAuthorizer ¶

func NewAuthorizer(ruleResolver rulevalidation.AuthorizationRuleResolver) Authorizer

type DefaultAuthorizationAttributes ¶ added in v0.3.1

type DefaultAuthorizationAttributes struct {
	Verb              string
	APIVersion        string
	Resource          string
	ResourceName      string
	RequestAttributes interface{}
	NonResourceURL    bool
	URL               string
}

func (DefaultAuthorizationAttributes) GetAPIVersion ¶ added in v0.4.4

func (a DefaultAuthorizationAttributes) GetAPIVersion() string

func (DefaultAuthorizationAttributes) GetRequestAttributes ¶ added in v0.3.1

func (a DefaultAuthorizationAttributes) GetRequestAttributes() interface{}

func (DefaultAuthorizationAttributes) GetResource ¶ added in v0.3.1

func (a DefaultAuthorizationAttributes) GetResource() string

func (DefaultAuthorizationAttributes) GetResourceName ¶ added in v0.3.1

func (a DefaultAuthorizationAttributes) GetResourceName() string

func (DefaultAuthorizationAttributes) GetURL ¶ added in v0.3.2

func (a DefaultAuthorizationAttributes) GetURL() string

func (DefaultAuthorizationAttributes) GetVerb ¶ added in v0.3.1

func (a DefaultAuthorizationAttributes) GetVerb() string

func (DefaultAuthorizationAttributes) IsNonResourceURL ¶ added in v0.3.2

func (a DefaultAuthorizationAttributes) IsNonResourceURL() bool

func (DefaultAuthorizationAttributes) RuleMatches ¶ added in v0.3.1

func (a DefaultAuthorizationAttributes) RuleMatches(rule authorizationapi.PolicyRule) (bool, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL