steve/pkg/accesscontrol/access_store.go

package accesscontrol

import (
	v1 "github.com/rancher/wrangler-api/pkg/generated/controllers/rbac/v1"
	"k8s.io/apiserver/pkg/authentication/user"
)

type AccessSetLookup interface {
	AccessFor(user user.Info) *AccessSet
}

type AccessStore struct {
	users  *policyRuleIndex
	groups *policyRuleIndex
}

func NewAccessStore(rbac v1.Interface) *AccessStore {
	return &AccessStore{
		users:  newPolicyRuleIndex(true, rbac),
		groups: newPolicyRuleIndex(false, rbac),
	}
}

func (l *AccessStore) AccessFor(user user.Info) *AccessSet {
	result := l.users.get(user.GetName())
	for _, group := range user.GetGroups() {
		result.Merge(l.groups.get(group))
	}
	return result
}
Initial commit 2019-08-04 17:41:32 +00:00			`package accesscontrol`

			`import (`
			`v1 "github.com/rancher/wrangler-api/pkg/generated/controllers/rbac/v1"`
			`"k8s.io/apiserver/pkg/authentication/user"`
			`)`

Allow passing in access control impl to the server 2020-02-04 21:11:21 +00:00			`type AccessSetLookup interface {`
			`AccessFor(user user.Info) *AccessSet`
			`}`

Initial commit 2019-08-04 17:41:32 +00:00			`type AccessStore struct {`
			`users *policyRuleIndex`
			`groups *policyRuleIndex`
			`}`

			`func NewAccessStore(rbac v1.Interface) *AccessStore {`
			`return &AccessStore{`
			`users: newPolicyRuleIndex(true, rbac),`
			`groups: newPolicyRuleIndex(false, rbac),`
			`}`
			`}`

			`func (l AccessStore) AccessFor(user user.Info) AccessSet {`
			`result := l.users.get(user.GetName())`
			`for _, group := range user.GetGroups() {`
			`result.Merge(l.groups.get(group))`
			`}`
			`return result`
			`}`