github/client-go
1
0
Fork 0
mirror of https://github.com/kubernetes/client-go.git synced 2025-09-04 16:40:21 +00:00
Code Issues Projects Releases Wiki Activity

Switch to pointer to policy rule, visit and short circuit during authorization

Browse Source 
Kubernetes-commit: 67360883bc801b0f1334b146e8dce6f282e50e7e
This commit is contained in:
Jordan Liggitt
2017-04-13 10:33:28 -04:00
committed by Kubernetes Publisher
parent 4c84996bc2
commit e57428f505
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
pkg/apis/rbac/helpers.go
View File

@@ -29,7 +29,7 @@ func RoleRefGroupKind(roleRef RoleRef) schema.GroupKind {
return schema.GroupKind{Group: roleRef.APIGroup, Kind: roleRef.Kind} return schema.GroupKind{Group: roleRef.APIGroup, Kind: roleRef.Kind}
} }
func VerbMatches(rule PolicyRule, requestedVerb string) bool { func VerbMatches(rule *PolicyRule, requestedVerb string) bool {
for _, ruleVerb := range rule.Verbs { for _, ruleVerb := range rule.Verbs {
if ruleVerb == VerbAll { if ruleVerb == VerbAll {
return true return true
@@ -42,7 +42,7 @@ func VerbMatches(rule PolicyRule, requestedVerb string) bool {
return false return false
} }
func APIGroupMatches(rule PolicyRule, requestedGroup string) bool { func APIGroupMatches(rule *PolicyRule, requestedGroup string) bool {
for _, ruleGroup := range rule.APIGroups { for _, ruleGroup := range rule.APIGroups {
if ruleGroup == APIGroupAll { if ruleGroup == APIGroupAll {
return true return true
@@ -55,7 +55,7 @@ func APIGroupMatches(rule PolicyRule, requestedGroup string) bool {
return false return false
} }
func ResourceMatches(rule PolicyRule, requestedResource string) bool { func ResourceMatches(rule *PolicyRule, requestedResource string) bool {
for _, ruleResource := range rule.Resources { for _, ruleResource := range rule.Resources {
if ruleResource == ResourceAll { if ruleResource == ResourceAll {
return true return true
@@ -68,7 +68,7 @@ func ResourceMatches(rule PolicyRule, requestedResource string) bool {
return false return false
} }
func ResourceNameMatches(rule PolicyRule, requestedName string) bool { func ResourceNameMatches(rule *PolicyRule, requestedName string) bool {
if len(rule.ResourceNames) == 0 { if len(rule.ResourceNames) == 0 {
return true return true
} }
@@ -82,7 +82,7 @@ func ResourceNameMatches(rule PolicyRule, requestedName string) bool {
return false return false
} }
func NonResourceURLMatches(rule PolicyRule, requestedURL string) bool { func NonResourceURLMatches(rule *PolicyRule, requestedURL string) bool {
for _, ruleURL := range rule.NonResourceURLs { for _, ruleURL := range rule.NonResourceURLs {
if ruleURL == NonResourceAll { if ruleURL == NonResourceAll {
return true return true