package rbac
import "k8s.io/kubernetes/pkg/registry/rbac"
Index ¶
- func BindingAuthorized(ctx genericapirequest.Context, roleRef rbac.RoleRef, bindingNamespace string, a authorizer.Authorizer) bool
- func EscalationAllowed(ctx genericapirequest.Context) bool
- func IsOnlyMutatingGCFields(obj, old runtime.Object, equalities conversion.Equalities) bool
Functions ¶
func BindingAuthorized ¶
func BindingAuthorized(ctx genericapirequest.Context, roleRef rbac.RoleRef, bindingNamespace string, a authorizer.Authorizer) bool
BindingAuthorized returns true if the user associated with the context is explicitly authorized to bind the specified roleRef
func EscalationAllowed ¶
func EscalationAllowed(ctx genericapirequest.Context) bool
func IsOnlyMutatingGCFields ¶
func IsOnlyMutatingGCFields(obj, old runtime.Object, equalities conversion.Equalities) bool
IsOnlyMutatingGCFields checks finalizers and ownerrefs which GC manipulates and indicates that only those fields are changing
Source Files ¶
escalation_check.go helpers.go
Directories ¶
| Path | Synopsis |
|---|---|
| pkg/registry/rbac/clusterrole | Package certificates provides Registry interface and its RESTStorage implementation for storing ClusterRole objects. |
| pkg/registry/rbac/clusterrolebinding | Package certificates provides Registry interface and its RESTStorage implementation for storing ClusterRoleBinding objects. |
| pkg/registry/rbac/clusterrolebinding/policybased | Package policybased implements a standard storage for ClusterRoleBinding that prevents privilege escalation. |
| pkg/registry/rbac/clusterrolebinding/storage | |
| pkg/registry/rbac/clusterrole/policybased | Package policybased implements a standard storage for ClusterRole that prevents privilege escalation. |
| pkg/registry/rbac/clusterrole/storage | |
| pkg/registry/rbac/reconciliation | |
| pkg/registry/rbac/rest | |
| pkg/registry/rbac/role | Package certificates provides Registry interface and its RESTStorage implementation for storing Role objects. |
| pkg/registry/rbac/rolebinding | Package certificates provides Registry interface and its RESTStorage implementation for storing RoleBinding objects. |
| pkg/registry/rbac/rolebinding/policybased | Package policybased implements a standard storage for RoleBinding that prevents privilege escalation. |
| pkg/registry/rbac/rolebinding/storage | |
| pkg/registry/rbac/role/policybased | Package policybased implements a standard storage for Role that prevents privilege escalation. |
| pkg/registry/rbac/role/storage | |
| pkg/registry/rbac/validation |
- Version
- v1.9.0
- Published
- Dec 14, 2017
- Platform
- darwin/amd64
- Imports
- 10 packages
- Last checked
- 29 seconds ago –
Tools for package owners.