github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-29 22:46:12 +00:00
Code Issues Projects Releases Wiki Activity

Use Forbidden valdiation error when no capability

Browse Source
This commit is contained in:
Eric Tune 2014-10-14 16:14:28 -07:00
parent f603785698
commit bb5a17488f
2 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pkg/api/errors/validation.go
View File

@ -46,6 +46,10 @@ const (
// ValidationErrorTypeNotSupported is used to report valid (as per formatting rules)
// values that can not be handled (e.g. an enumerated string).
ValidationErrorTypeNotSupported ValidationErrorType = "FieldValueNotSupported"
// ValidationErrorTypeForbidden is used to report valid (as per formatting rules)
// values which would be accepted by some api instances, but which would invoke behavior
// not permitted by this api instance (such as due to stricter security policy).
ValidationErrorTypeForbidden ValidationErrorType = "FieldValueForbidden"
)
func ValueOf(t ValidationErrorType) string {
@ -60,6 +64,8 @@ func ValueOf(t ValidationErrorType) string {
return "invalid value"
case ValidationErrorTypeNotSupported:
return "unsupported value"
case ValidationErrorTypeForbidden:
return "forbidden"
default:
glog.Errorf("unrecognized validation type: %#v", t)
return ""
@ -92,6 +98,11 @@ func NewFieldNotSupported(field string, value interface{}) ValidationError {
return ValidationError{ValidationErrorTypeNotSupported, field, value}
}
// NewFieldForbidden returns a ValidationError indicating "forbidden"
func NewFieldForbidden(field string, value interface{}) ValidationError {
return ValidationError{ValidationErrorTypeForbidden, field, value}
}
// NewFieldDuplicate returns a ValidationError indicating "duplicate value"
func NewFieldDuplicate(field string, value interface{}) ValidationError {
return ValidationError{ValidationErrorTypeDuplicate, field, value}

2
pkg/api/validation/validation.go
View File

@ -257,7 +257,7 @@ func validateContainers(containers []api.Container, volumes util.StringSet) errs
} else if allNames.Has(ctr.Name) {
cErrs = append(cErrs, errs.NewFieldDuplicate("name", ctr.Name))
} else if ctr.Privileged && !capabilities.AllowPrivileged {
cErrs = append(cErrs, errs.NewFieldInvalid("privileged", ctr.Privileged))
cErrs = append(cErrs, errs.NewFieldForbidden("privileged", ctr.Privileged))
} else {
allNames.Insert(ctr.Name)
}