github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-15 14:14:39 +00:00
Code Issues Projects Releases Wiki Activity

expose user info to admission controllers

Browse Source
This commit is contained in:
Paul Weil
2015-05-13 21:31:51 -04:00
parent fe24da8478
commit aaeb1dad93
9 changed files with 61 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
pkg/apiserver/resthandler.go
View File

@@ -293,7 +293,8 @@ func createHandler(r rest.NamedCreater, scope RequestScope, typer runtime.Object
return
}
err = admit.Admit(admission.NewAttributesRecord(obj, scope.Kind, namespace, scope.Resource, "CREATE"))
userInfo, _ := api.UserFrom(ctx)
err = admit.Admit(admission.NewAttributesRecord(obj, scope.Kind, namespace, scope.Resource, "CREATE", userInfo))
if err != nil {
errorJSON(err, scope.Codec, w)
return
@@ -356,16 +357,17 @@ func PatchResource(r rest.Patcher, scope RequestScope, typer runtime.ObjectTyper
}
obj := r.New()
ctx := scope.ContextFunc(req)
ctx = api.WithNamespace(ctx, namespace)
// PATCH requires same permission as UPDATE
err = admit.Admit(admission.NewAttributesRecord(obj, scope.Kind, namespace, scope.Resource, "UPDATE"))
userInfo, _ := api.UserFrom(ctx)
err = admit.Admit(admission.NewAttributesRecord(obj, scope.Kind, namespace, scope.Resource, "UPDATE", userInfo))
if err != nil {
errorJSON(err, scope.Codec, w)
return
}
ctx := scope.ContextFunc(req)
ctx = api.WithNamespace(ctx, namespace)
versionedObj, err := converter.ConvertToVersion(obj, scope.APIVersion)
if err != nil {
errorJSON(err, scope.Codec, w)
@@ -457,7 +459,8 @@ func UpdateResource(r rest.Updater, scope RequestScope, typer runtime.ObjectType
return
}
err = admit.Admit(admission.NewAttributesRecord(obj, scope.Kind, namespace, scope.Resource, "UPDATE"))
userInfo, _ := api.UserFrom(ctx)
err = admit.Admit(admission.NewAttributesRecord(obj, scope.Kind, namespace, scope.Resource, "UPDATE", userInfo))
if err != nil {
errorJSON(err, scope.Codec, w)
return
@@ -518,7 +521,8 @@ func DeleteResource(r rest.GracefulDeleter, checkBody bool, scope RequestScope,
}
}
err = admit.Admit(admission.NewAttributesRecord(nil, scope.Kind, namespace, scope.Resource, "DELETE"))
userInfo, _ := api.UserFrom(ctx)
err = admit.Admit(admission.NewAttributesRecord(nil, scope.Kind, namespace, scope.Resource, "DELETE", userInfo))
if err != nil {
errorJSON(err, scope.Codec, w)
return