kubernetes/pkg/auth/authorizer/abac/abac.go

type policyLoadError

func (p policyLoadError) Error() string {}

type PolicyList

// NewFromFile attempts to create a policy list from the given file.
//
// TODO: Have policies be created via an API call and stored in REST storage.
func NewFromFile(path string) (PolicyList, error) {}

func matches(p abac.Policy, a authorizer.Attributes) bool {}

// subjectMatches returns true if specified user and group properties in the policy match the attributes
func subjectMatches(p abac.Policy, user user.Info) bool {}

func verbMatches(p abac.Policy, a authorizer.Attributes) bool {}

func nonResourceMatches(p abac.Policy, a authorizer.Attributes) bool {}

func resourceMatches(p abac.Policy, a authorizer.Attributes) bool {}

// Authorize implements authorizer.Authorize
func (pl PolicyList) Authorize(ctx context.Context, a authorizer.Attributes) (authorizer.Decision, string, error) {}

// RulesFor returns rules for the given user and namespace.
func (pl PolicyList) RulesFor(ctx context.Context, user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error) {}

func getVerbs(isReadOnly bool) []string {}