Documentation
¶
Overview ¶
Package auth provides mechanisms for enforcing authorization to Project resources in OpenShift
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthorizationCache ¶
type AuthorizationCache struct {
// contains filtered or unexported fields
}
AuthorizationCache maintains a cache on the set of namespaces a user or group can access.
func NewAuthorizationCache ¶
func NewAuthorizationCache(reviewer Reviewer, namespaceInterface kclient.NamespaceInterface, policyBindingsNamespacer client.PolicyBindingsNamespacer, policiesNamespacer client.PoliciesNamespacer, masterNamespace string) *AuthorizationCache
NewAuthorizationCache creates a new AuthorizationCache
type Lister ¶
type Lister interface {
// List returns the list of Namespace items that the user can access
List(user user.Info) (*kapi.NamespaceList, error)
}
Lister enforces ability to enumerate a resource based on policy
type Review ¶
type Review interface {
Users() []string
Groups() []string
}
Review is a list of users and groups that can access a resource
type Reviewer ¶
type Reviewer interface {
Review(name string) (Review, error)
}
Reviewer performs access reviews for a project by name
func NewReviewer ¶
func NewReviewer(resourceAccessReviewsNamespacer client.ResourceAccessReviewsNamespacer) Reviewer
NewReviewer knows how to make access control reviews for a resource by name
Source Files
Click to show internal directories.
Click to hide internal directories.