type AuthorizationRuleResolver …
func ConfirmNoEscalation(ctx context.Context, ruleResolver AuthorizationRuleResolver, rules []rbacv1.PolicyRule) error { … }
type DefaultRuleResolver …
func NewDefaultRuleResolver(roleGetter RoleGetter, roleBindingLister RoleBindingLister, clusterRoleGetter ClusterRoleGetter, clusterRoleBindingLister ClusterRoleBindingLister) *DefaultRuleResolver { … }
type RoleGetter …
type RoleBindingLister …
type ClusterRoleGetter …
type ClusterRoleBindingLister …
func (r *DefaultRuleResolver) RulesFor(ctx context.Context, user user.Info, namespace string) ([]rbacv1.PolicyRule, error) { … }
type ruleAccumulator …
func (r *ruleAccumulator) visit(source fmt.Stringer, rule *rbacv1.PolicyRule, err error) bool { … }
func describeSubject(s *rbacv1.Subject, bindingNamespace string) string { … }
type clusterRoleBindingDescriber …
func (d *clusterRoleBindingDescriber) String() string { … }
type roleBindingDescriber …
func (d *roleBindingDescriber) String() string { … }
func (r *DefaultRuleResolver) VisitRulesFor(ctx context.Context, user user.Info, namespace string, visitor func(source fmt.Stringer, rule *rbacv1.PolicyRule, err error) bool) { … }
func (r *DefaultRuleResolver) GetRoleReferenceRules(ctx context.Context, roleRef rbacv1.RoleRef, bindingNamespace string) ([]rbacv1.PolicyRule, error) { … }
func appliesTo(user user.Info, bindingSubjects []rbacv1.Subject, namespace string) (int, bool) { … }
func has(set []string, ele string) bool { … }
func appliesToUser(user user.Info, subject rbacv1.Subject, namespace string) bool { … }
func NewTestRuleResolver(roles []*rbacv1.Role, roleBindings []*rbacv1.RoleBinding, clusterRoles []*rbacv1.ClusterRole, clusterRoleBindings []*rbacv1.ClusterRoleBinding) (AuthorizationRuleResolver, *StaticRoles) { … }
func newMockRuleResolver(r *StaticRoles) AuthorizationRuleResolver { … }
type StaticRoles …
func (r *StaticRoles) GetRole(ctx context.Context, namespace, name string) (*rbacv1.Role, error) { … }
func (r *StaticRoles) GetClusterRole(ctx context.Context, name string) (*rbacv1.ClusterRole, error) { … }
func (r *StaticRoles) ListRoleBindings(ctx context.Context, namespace string) ([]*rbacv1.RoleBinding, error) { … }
func (r *StaticRoles) ListClusterRoleBindings(ctx context.Context) ([]*rbacv1.ClusterRoleBinding, error) { … }