From e5dbfdacc07e9dd7ad76498e574cc8be443edc4d Mon Sep 17 00:00:00 2001 From: deads2k Date: Fri, 9 Sep 2016 14:57:11 -0400 Subject: [PATCH] generated client --- .../authorization.k8s.io_v1beta1.json | 155 +++++++++++++----- .../unversioned/authorization_client.go | 5 + .../fake/fake_authorization_client.go | 4 + .../fake/fake_localsubjectaccessreview.go | 23 +++ .../unversioned/localsubjectaccessreview.go | 42 +++++ .../v1beta1/authorization_client.go | 5 + .../v1beta1/fake/fake_authorization_client.go | 4 + .../fake/fake_localsubjectaccessreview.go | 23 +++ .../v1beta1/localsubjectaccessreview.go | 42 +++++ 9 files changed, 266 insertions(+), 37 deletions(-) create mode 100644 pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/fake/fake_localsubjectaccessreview.go create mode 100644 pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/localsubjectaccessreview.go create mode 100644 pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/fake/fake_localsubjectaccessreview.go create mode 100644 pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/localsubjectaccessreview.go diff --git a/api/swagger-spec/authorization.k8s.io_v1beta1.json b/api/swagger-spec/authorization.k8s.io_v1beta1.json index eb539d24548..fa06c6185e3 100644 --- a/api/swagger-spec/authorization.k8s.io_v1beta1.json +++ b/api/swagger-spec/authorization.k8s.io_v1beta1.json @@ -8,6 +8,59 @@ "description": "" }, "apis": [ + { + "path": "/apis/authorization.k8s.io/v1beta1/namespaces/{namespace}/localsubjectaccessreviews", + "description": "API at /apis/authorization.k8s.io/v1beta1", + "operations": [ + { + "type": "v1beta1.LocalSubjectAccessReview", + "method": "POST", + "summary": "create a LocalSubjectAccessReview", + "nickname": "createNamespacedLocalSubjectAccessReview", + "parameters": [ + { + "type": "string", + "paramType": "query", + "name": "pretty", + "description": "If 'true', then the output is pretty printed.", + "required": false, + "allowMultiple": false + }, + { + "type": "v1beta1.LocalSubjectAccessReview", + "paramType": "body", + "name": "body", + "description": "", + "required": true, + "allowMultiple": false + }, + { + "type": "string", + "paramType": "path", + "name": "namespace", + "description": "object name and auth scope, such as for teams and projects", + "required": true, + "allowMultiple": false + } + ], + "responseMessages": [ + { + "code": 200, + "message": "OK", + "responseModel": "v1beta1.LocalSubjectAccessReview" + } + ], + "produces": [ + "application/json", + "application/yaml", + "application/vnd.kubernetes.protobuf" + ], + "consumes": [ + "*/*" + ] + } + ] + }, { "path": "/apis/authorization.k8s.io/v1beta1/selfsubjectaccessreviews", "description": "API at /apis/authorization.k8s.io/v1beta1", @@ -123,9 +176,9 @@ } ], "models": { - "v1beta1.SelfSubjectAccessReview": { - "id": "v1beta1.SelfSubjectAccessReview", - "description": "SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means \"in all namespaces\". Self is a special case, because users should always be able to check whether they can perform an action", + "v1beta1.LocalSubjectAccessReview": { + "id": "v1beta1.LocalSubjectAccessReview", + "description": "LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.", "required": [ "spec" ], @@ -142,8 +195,8 @@ "$ref": "v1.ObjectMeta" }, "spec": { - "$ref": "v1beta1.SelfSubjectAccessReviewSpec", - "description": "Spec holds information about the request being evaluated. user and groups must be empty" + "$ref": "v1beta1.SubjectAccessReviewSpec", + "description": "Spec holds information about the request being evaluated. spec.namespace must be equal to the namespace you made the request against. If empty, it is defaulted." }, "status": { "$ref": "v1beta1.SubjectAccessReviewStatus", @@ -259,9 +312,9 @@ } } }, - "v1beta1.SelfSubjectAccessReviewSpec": { - "id": "v1beta1.SelfSubjectAccessReviewSpec", - "description": "SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", + "v1beta1.SubjectAccessReviewSpec": { + "id": "v1beta1.SubjectAccessReviewSpec", + "description": "SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", "properties": { "resourceAttributes": { "$ref": "v1beta1.ResourceAttributes", @@ -270,6 +323,21 @@ "nonResourceAttributes": { "$ref": "v1beta1.NonResourceAttributes", "description": "NonResourceAttributes describes information for a non-resource access request" + }, + "user": { + "type": "string", + "description": "User is the user you're testing for. If you specify \"User\" but not \"Group\", then is it interpreted as \"What if User were not a member of any groups" + }, + "group": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Groups is the groups you're testing for." + }, + "extra": { + "type": "object", + "description": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here." } } }, @@ -342,6 +410,48 @@ } } }, + "v1beta1.SelfSubjectAccessReview": { + "id": "v1beta1.SelfSubjectAccessReview", + "description": "SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means \"in all namespaces\". Self is a special case, because users should always be able to check whether they can perform an action", + "required": [ + "spec" + ], + "properties": { + "kind": { + "type": "string", + "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds" + }, + "apiVersion": { + "type": "string", + "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources" + }, + "metadata": { + "$ref": "v1.ObjectMeta" + }, + "spec": { + "$ref": "v1beta1.SelfSubjectAccessReviewSpec", + "description": "Spec holds information about the request being evaluated. user and groups must be empty" + }, + "status": { + "$ref": "v1beta1.SubjectAccessReviewStatus", + "description": "Status is filled in by the server and indicates whether the request is allowed or not" + } + } + }, + "v1beta1.SelfSubjectAccessReviewSpec": { + "id": "v1beta1.SelfSubjectAccessReviewSpec", + "description": "SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", + "properties": { + "resourceAttributes": { + "$ref": "v1beta1.ResourceAttributes", + "description": "ResourceAuthorizationAttributes describes information for a resource access request" + }, + "nonResourceAttributes": { + "$ref": "v1beta1.NonResourceAttributes", + "description": "NonResourceAttributes describes information for a non-resource access request" + } + } + }, "v1beta1.SubjectAccessReview": { "id": "v1beta1.SubjectAccessReview", "description": "SubjectAccessReview checks whether or not a user or group can perform an action.", @@ -370,35 +480,6 @@ } } }, - "v1beta1.SubjectAccessReviewSpec": { - "id": "v1beta1.SubjectAccessReviewSpec", - "description": "SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set", - "properties": { - "resourceAttributes": { - "$ref": "v1beta1.ResourceAttributes", - "description": "ResourceAuthorizationAttributes describes information for a resource access request" - }, - "nonResourceAttributes": { - "$ref": "v1beta1.NonResourceAttributes", - "description": "NonResourceAttributes describes information for a non-resource access request" - }, - "user": { - "type": "string", - "description": "User is the user you're testing for. If you specify \"User\" but not \"Group\", then is it interpreted as \"What if User were not a member of any groups" - }, - "group": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Groups is the groups you're testing for." - }, - "extra": { - "type": "object", - "description": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here." - } - } - }, "unversioned.APIResourceList": { "id": "unversioned.APIResourceList", "description": "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.", diff --git a/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/authorization_client.go b/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/authorization_client.go index cb7faf3ac01..b07517c8a54 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/authorization_client.go +++ b/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/authorization_client.go @@ -24,6 +24,7 @@ import ( type AuthorizationInterface interface { GetRESTClient() *restclient.RESTClient + LocalSubjectAccessReviewsGetter SelfSubjectAccessReviewsGetter SubjectAccessReviewsGetter } @@ -33,6 +34,10 @@ type AuthorizationClient struct { *restclient.RESTClient } +func (c *AuthorizationClient) LocalSubjectAccessReviews(namespace string) LocalSubjectAccessReviewInterface { + return newLocalSubjectAccessReviews(c, namespace) +} + func (c *AuthorizationClient) SelfSubjectAccessReviews() SelfSubjectAccessReviewInterface { return newSelfSubjectAccessReviews(c) } diff --git a/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/fake/fake_authorization_client.go b/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/fake/fake_authorization_client.go index b125d121683..62d962795a2 100644 --- a/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/fake/fake_authorization_client.go +++ b/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/fake/fake_authorization_client.go @@ -26,6 +26,10 @@ type FakeAuthorization struct { *core.Fake } +func (c *FakeAuthorization) LocalSubjectAccessReviews(namespace string) unversioned.LocalSubjectAccessReviewInterface { + return &FakeLocalSubjectAccessReviews{c, namespace} +} + func (c *FakeAuthorization) SelfSubjectAccessReviews() unversioned.SelfSubjectAccessReviewInterface { return &FakeSelfSubjectAccessReviews{c} } diff --git a/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/fake/fake_localsubjectaccessreview.go b/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/fake/fake_localsubjectaccessreview.go new file mode 100644 index 00000000000..50a1e3a8997 --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/fake/fake_localsubjectaccessreview.go @@ -0,0 +1,23 @@ +/* +Copyright 2016 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fake + +// FakeLocalSubjectAccessReviews implements LocalSubjectAccessReviewInterface +type FakeLocalSubjectAccessReviews struct { + Fake *FakeAuthorization + ns string +} diff --git a/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/localsubjectaccessreview.go b/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/localsubjectaccessreview.go new file mode 100644 index 00000000000..4257a68a55e --- /dev/null +++ b/pkg/client/clientset_generated/internalclientset/typed/authorization/unversioned/localsubjectaccessreview.go @@ -0,0 +1,42 @@ +/* +Copyright 2016 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package unversioned + +// LocalSubjectAccessReviewsGetter has a method to return a LocalSubjectAccessReviewInterface. +// A group's client should implement this interface. +type LocalSubjectAccessReviewsGetter interface { + LocalSubjectAccessReviews(namespace string) LocalSubjectAccessReviewInterface +} + +// LocalSubjectAccessReviewInterface has methods to work with LocalSubjectAccessReview resources. +type LocalSubjectAccessReviewInterface interface { + LocalSubjectAccessReviewExpansion +} + +// localSubjectAccessReviews implements LocalSubjectAccessReviewInterface +type localSubjectAccessReviews struct { + client *AuthorizationClient + ns string +} + +// newLocalSubjectAccessReviews returns a LocalSubjectAccessReviews +func newLocalSubjectAccessReviews(c *AuthorizationClient, namespace string) *localSubjectAccessReviews { + return &localSubjectAccessReviews{ + client: c, + ns: namespace, + } +} diff --git a/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/authorization_client.go b/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/authorization_client.go index 43c4ddbbf13..7b55d185ae1 100644 --- a/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/authorization_client.go +++ b/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/authorization_client.go @@ -25,6 +25,7 @@ import ( type AuthorizationInterface interface { GetRESTClient() *restclient.RESTClient + LocalSubjectAccessReviewsGetter SelfSubjectAccessReviewsGetter SubjectAccessReviewsGetter } @@ -34,6 +35,10 @@ type AuthorizationClient struct { *restclient.RESTClient } +func (c *AuthorizationClient) LocalSubjectAccessReviews(namespace string) LocalSubjectAccessReviewInterface { + return newLocalSubjectAccessReviews(c, namespace) +} + func (c *AuthorizationClient) SelfSubjectAccessReviews() SelfSubjectAccessReviewInterface { return newSelfSubjectAccessReviews(c) } diff --git a/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/fake/fake_authorization_client.go b/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/fake/fake_authorization_client.go index 719b41a083d..e9d34263731 100644 --- a/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/fake/fake_authorization_client.go +++ b/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/fake/fake_authorization_client.go @@ -26,6 +26,10 @@ type FakeAuthorization struct { *core.Fake } +func (c *FakeAuthorization) LocalSubjectAccessReviews(namespace string) v1beta1.LocalSubjectAccessReviewInterface { + return &FakeLocalSubjectAccessReviews{c, namespace} +} + func (c *FakeAuthorization) SelfSubjectAccessReviews() v1beta1.SelfSubjectAccessReviewInterface { return &FakeSelfSubjectAccessReviews{c} } diff --git a/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/fake/fake_localsubjectaccessreview.go b/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/fake/fake_localsubjectaccessreview.go new file mode 100644 index 00000000000..50a1e3a8997 --- /dev/null +++ b/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/fake/fake_localsubjectaccessreview.go @@ -0,0 +1,23 @@ +/* +Copyright 2016 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package fake + +// FakeLocalSubjectAccessReviews implements LocalSubjectAccessReviewInterface +type FakeLocalSubjectAccessReviews struct { + Fake *FakeAuthorization + ns string +} diff --git a/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/localsubjectaccessreview.go b/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/localsubjectaccessreview.go new file mode 100644 index 00000000000..c605b8d04d2 --- /dev/null +++ b/pkg/client/clientset_generated/release_1_4/typed/authorization/v1beta1/localsubjectaccessreview.go @@ -0,0 +1,42 @@ +/* +Copyright 2016 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +// LocalSubjectAccessReviewsGetter has a method to return a LocalSubjectAccessReviewInterface. +// A group's client should implement this interface. +type LocalSubjectAccessReviewsGetter interface { + LocalSubjectAccessReviews(namespace string) LocalSubjectAccessReviewInterface +} + +// LocalSubjectAccessReviewInterface has methods to work with LocalSubjectAccessReview resources. +type LocalSubjectAccessReviewInterface interface { + LocalSubjectAccessReviewExpansion +} + +// localSubjectAccessReviews implements LocalSubjectAccessReviewInterface +type localSubjectAccessReviews struct { + client *AuthorizationClient + ns string +} + +// newLocalSubjectAccessReviews returns a LocalSubjectAccessReviews +func newLocalSubjectAccessReviews(c *AuthorizationClient, namespace string) *localSubjectAccessReviews { + return &localSubjectAccessReviews{ + client: c, + ns: namespace, + } +}