mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-28 14:07:14 +00:00
extend err info when authorize failed
This commit is contained in:
parent
f87edaacac
commit
2a77353164
@ -64,6 +64,6 @@ func internalError(w http.ResponseWriter, req *http.Request, err error) {
|
||||
w.Header().Set("Content-Type", "text/plain")
|
||||
w.Header().Set("X-Content-Type-Options", "nosniff")
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
fmt.Fprintf(w, "Internal Server Error: %#v", req.RequestURI)
|
||||
fmt.Fprintf(w, "Internal Server Error: %#v: %v", req.RequestURI, err)
|
||||
runtime.HandleError(err)
|
||||
}
|
||||
|
@ -18,6 +18,7 @@ limitations under the License.
|
||||
package rbac
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/golang/glog"
|
||||
|
||||
"k8s.io/kubernetes/pkg/apis/rbac"
|
||||
@ -47,7 +48,7 @@ func (r *RBACAuthorizer) Authorize(requestAttributes authorizer.Attributes) (boo
|
||||
glog.V(2).Infof("RBAC DENY: user %q groups %v cannot %q on \"%v.%v/%v\"", requestAttributes.GetUser().GetName(), requestAttributes.GetUser().GetGroups(),
|
||||
requestAttributes.GetVerb(), requestAttributes.GetResource(), requestAttributes.GetAPIGroup(), requestAttributes.GetSubresource())
|
||||
|
||||
return false, "", ruleResolutionError
|
||||
return false, fmt.Sprintf("%v", ruleResolutionError), nil
|
||||
}
|
||||
|
||||
func New(roles validation.RoleGetter, roleBindings validation.RoleBindingLister, clusterRoles validation.ClusterRoleGetter, clusterRoleBindings validation.ClusterRoleBindingLister) *RBACAuthorizer {
|
||||
|
Loading…
Reference in New Issue
Block a user