github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add missing UID in SubjectAccessReviewSpec 

WebhookAuthorizer's Authorize should send *all* the information
present in the user.Info data structure. We are not sending the
UID currently.
pull/6/head
Davanum Srinivas 2017-07-26 21:34:11 -04:00
parent dd819b5013
commit 9a761b16c1
22 changed files with 460 additions and 210 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
api/openapi-spec/swagger.json
View File

@ -52583,6 +52583,10 @@
"description": "ResourceAuthorizationAttributes describes information for a resource access request",
"$ref": "#/definitions/io.k8s.api.authorization.v1.ResourceAttributes"
},
"uid": {
"description": "UID information about the requesting user.",
"type": "string"
},
"user": {
"description": "User is the user you're testing for. If you specify \"User\" but not \"Groups\", then is it interpreted as \"What if User were not a member of any groups",
"type": "string"
@ -52798,6 +52802,10 @@
"description": "ResourceAuthorizationAttributes describes information for a resource access request",
"$ref": "#/definitions/io.k8s.api.authorization.v1beta1.ResourceAttributes"
},
"uid": {
"description": "UID information about the requesting user.",
"type": "string"
},
"user": {
"description": "User is the user you're testing for. If you specify \"User\" but not \"Group\", then is it interpreted as \"What if User were not a member of any groups",
"type": "string"

4
api/swagger-spec/authorization.k8s.io_v1.json
View File

@ -482,6 +482,10 @@
"extra": {
"type": "object",
"description": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here."
},
"uid": {
"type": "string",
"description": "UID information about the requesting user."
}
}
},

4
api/swagger-spec/authorization.k8s.io_v1beta1.json
View File

@ -482,6 +482,10 @@
"extra": {
"type": "object",
"description": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here."
},
"uid": {
"type": "string",
"description": "UID information about the requesting user."
}
}
},

7
docs/api-reference/authorization.k8s.io/v1/definitions.html
View File

@ -1155,6 +1155,13 @@ When an object is created, the system will populate this list with the current s
<td class="tableblock halign-left valign-top"><p class="tableblock">object</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">uid</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">UID information about the requesting user.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">string</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
</tbody>
</table>

7
docs/api-reference/authorization.k8s.io/v1beta1/definitions.html
View File

@ -931,6 +931,13 @@ span.icon > [class^="icon-"], span.icon > [class*=" icon-"] { cursor: default; }
<td class="tableblock halign-left valign-top"><p class="tableblock">object</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">uid</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">UID information about the requesting user.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">string</p></td>
<td class="tableblock halign-left valign-top"></td>
</tr>
</tbody>
</table>

2
pkg/apis/authorization/types.go
View File

@ -121,6 +121,8 @@ type SubjectAccessReviewSpec struct {
// Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer
// it needs a reflection here.
Extra map[string]ExtraValue
// UID information about the requesting user.
UID string
}
// ExtraValue masks the value so protobuf can generate

2
pkg/apis/authorization/v1/zz_generated.conversion.go
View File

@ -233,6 +233,7 @@ func autoConvert_v1_SubjectAccessReviewSpec_To_authorization_SubjectAccessReview
out.User = in.User
out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups))
out.Extra = *(*map[string]authorization.ExtraValue)(unsafe.Pointer(&in.Extra))
out.UID = in.UID
return nil
}
@ -247,6 +248,7 @@ func autoConvert_authorization_SubjectAccessReviewSpec_To_v1_SubjectAccessReview
out.User = in.User
out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups))
out.Extra = *(*map[string]v1.ExtraValue)(unsafe.Pointer(&in.Extra))
out.UID = in.UID
return nil
}

2
pkg/apis/authorization/v1beta1/zz_generated.conversion.go
View File

@ -233,6 +233,7 @@ func autoConvert_v1beta1_SubjectAccessReviewSpec_To_authorization_SubjectAccessR
out.User = in.User
out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups))
out.Extra = *(*map[string]authorization.ExtraValue)(unsafe.Pointer(&in.Extra))
out.UID = in.UID
return nil
}
@ -247,6 +248,7 @@ func autoConvert_authorization_SubjectAccessReviewSpec_To_v1beta1_SubjectAccessR
out.User = in.User
out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups))
out.Extra = *(*map[string]v1beta1.ExtraValue)(unsafe.Pointer(&in.Extra))
out.UID = in.UID
return nil
}

1
pkg/controller/certificates/approver/sarapprove.go
View File

@ -120,6 +120,7 @@ func (a *sarApprover) authorize(csr *capi.CertificateSigningRequest, rattrs auth
sar := &authorization.SubjectAccessReview{
Spec: authorization.SubjectAccessReviewSpec{
User: csr.Spec.Username,
UID: csr.Spec.UID,
Groups: csr.Spec.Groups,
Extra: extra,
ResourceAttributes: &rattrs,

1
pkg/registry/authorization/util/helpers.go
View File

@ -64,6 +64,7 @@ func AuthorizationAttributesFrom(spec authorizationapi.SubjectAccessReviewSpec)
userToCheck := &user.DefaultInfo{
Name: spec.User,
Groups: spec.Groups,
UID: spec.UID,
Extra: convertToUserInfoExtra(spec.Extra),
}

151
staging/src/k8s.io/api/authorization/v1/generated.pb.go
View File

@ -466,6 +466,10 @@ func (m *SubjectAccessReviewSpec) MarshalTo(dAtA []byte) (int, error) {
i += n14
}
}
dAtA[i] = 0x32
i++
i = encodeVarintGenerated(dAtA, i, uint64(len(m.UID)))
i += copy(dAtA[i:], m.UID)
return i, nil
}
@ -650,6 +654,8 @@ func (m *SubjectAccessReviewSpec) Size() (n int) {
n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
}
}
l = len(m.UID)
n += 1 + l + sovGenerated(uint64(l))
return n
}
@ -771,6 +777,7 @@ func (this *SubjectAccessReviewSpec) String() string {
`User:` + fmt.Sprintf("%v", this.User) + `,`,
`Groups:` + fmt.Sprintf("%v", this.Groups) + `,`,
`Extra:` + mapStringForExtra + `,`,
`UID:` + fmt.Sprintf("%v", this.UID) + `,`,
`}`,
}, "")
return s
@ -2045,6 +2052,35 @@ func (m *SubjectAccessReviewSpec) Unmarshal(dAtA []byte) error {
m.Extra[mapkey] = mapvalue
}
iNdEx = postIndex
case 6:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field UID", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= (uint64(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthGenerated
}
postIndex := iNdEx + intStringLen
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.UID = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipGenerated(dAtA[iNdEx:])
@ -2304,61 +2340,62 @@ func init() {
}
var fileDescriptorGenerated = []byte{
// 885 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x56, 0x41, 0x6f, 0x1b, 0x45,
0x14, 0xf6, 0x3a, 0xb6, 0x63, 0x4f, 0x80, 0x94, 0xa9, 0x4a, 0xb6, 0xa9, 0xb4, 0xb6, 0x8c, 0x04,
0x41, 0x82, 0x5d, 0x12, 0x4a, 0x89, 0x2a, 0x21, 0x94, 0x15, 0x11, 0x42, 0x82, 0x82, 0x26, 0x22,
0x87, 0x22, 0x21, 0x66, 0xd7, 0xaf, 0xf6, 0x62, 0x7b, 0x67, 0x35, 0x33, 0xbb, 0x21, 0x9c, 0x2a,
0xf1, 0x07, 0x38, 0x72, 0xe0, 0xc0, 0x8d, 0x23, 0x42, 0x42, 0xe2, 0xc6, 0x39, 0xc7, 0x1e, 0x7b,
0x40, 0x16, 0x59, 0xfe, 0x08, 0x9a, 0xd9, 0xb1, 0xb7, 0x69, 0xd6, 0xae, 0xda, 0x4b, 0x2f, 0xbd,
0xed, 0xbc, 0xef, 0xfb, 0xde, 0x7b, 0xf3, 0xe6, 0xed, 0xbc, 0x41, 0x1f, 0x8f, 0xf7, 0x85, 0x1b,
0x31, 0x6f, 0x9c, 0x06, 0xc0, 0x63, 0x90, 0x20, 0xbc, 0x0c, 0xe2, 0x01, 0xe3, 0x9e, 0x01, 0x68,
0x12, 0x79, 0x34, 0x95, 0x23, 0xc6, 0xa3, 0x1f, 0xa8, 0x8c, 0x58, 0xec, 0x65, 0xbb, 0xde, 0x10,
0x62, 0xe0, 0x54, 0xc2, 0xc0, 0x4d, 0x38, 0x93, 0x0c, 0xdf, 0x28, 0xc8, 0x2e, 0x4d, 0x22, 0xf7,
0x02, 0xd9, 0xcd, 0x76, 0xb7, 0xdf, 0x19, 0x46, 0x72, 0x94, 0x06, 0x6e, 0xc8, 0xa6, 0xde, 0x90,
0x0d, 0x99, 0xa7, 0x35, 0x41, 0x7a, 0x4f, 0xaf, 0xf4, 0x42, 0x7f, 0x15, 0xbe, 0xb6, 0x6f, 0x96,
0x81, 0xa7, 0x34, 0x1c, 0x45, 0x31, 0xf0, 0x53, 0x2f, 0x19, 0x0f, 0x95, 0x41, 0x78, 0x53, 0x90,
0xb4, 0x22, 0x83, 0x6d, 0x6f, 0x99, 0x8a, 0xa7, 0xb1, 0x8c, 0xa6, 0x70, 0x49, 0x70, 0xeb, 0x49,
0x02, 0x11, 0x8e, 0x60, 0x4a, 0x2f, 0xe9, 0xde, 0x5b, 0xa6, 0x4b, 0x65, 0x34, 0xf1, 0xa2, 0x58,
0x0a, 0xc9, 0x1f, 0x17, 0xf5, 0x3f, 0x40, 0xe8, 0xf0, 0x7b, 0xc9, 0xe9, 0x31, 0x9d, 0xa4, 0x80,
0xbb, 0xa8, 0x19, 0x49, 0x98, 0x0a, 0xdb, 0xea, 0xad, 0xed, 0x74, 0xfc, 0x4e, 0x3e, 0xeb, 0x36,
0x3f, 0x55, 0x06, 0x52, 0xd8, 0x6f, 0xb7, 0x7f, 0xfe, 0xb5, 0x5b, 0xbb, 0xff, 0x4f, 0xaf, 0xd6,
0xff, 0xb3, 0x8e, 0xec, 0xcf, 0x58, 0x48, 0x27, 0x47, 0x69, 0xf0, 0x1d, 0x84, 0xf2, 0x20, 0x0c,
0x41, 0x08, 0x02, 0x59, 0x04, 0x27, 0xf8, 0x5b, 0xd4, 0x56, 0xe5, 0x18, 0x50, 0x49, 0x6d, 0xab,
0x67, 0xed, 0x6c, 0xec, 0xbd, 0xeb, 0x96, 0x07, 0xb1, 0xc8, 0xce, 0x4d, 0xc6, 0x43, 0x65, 0x10,
0xae, 0x62, 0xbb, 0xd9, 0xae, 0xfb, 0x85, 0xf6, 0xf5, 0x39, 0x48, 0xea, 0xe3, 0xb3, 0x59, 0xb7,
0x96, 0xcf, 0xba, 0xa8, 0xb4, 0x91, 0x85, 0x57, 0x7c, 0x8c, 0x1a, 0x22, 0x81, 0xd0, 0xae, 0x6b,
0xef, 0x37, 0xdd, 0x15, 0xc7, 0xec, 0x56, 0x64, 0x78, 0x94, 0x40, 0xe8, 0xbf, 0x64, 0x22, 0x34,
0xd4, 0x8a, 0x68, 0x7f, 0xf8, 0x1b, 0xd4, 0x12, 0x92, 0xca, 0x54, 0xd8, 0x6b, 0xda, 0xf3, 0xad,
0xa7, 0xf6, 0xac, 0xd5, 0xfe, 0x2b, 0xc6, 0x77, 0xab, 0x58, 0x13, 0xe3, 0xb5, 0xff, 0x35, 0xba,
0x76, 0x87, 0xc5, 0x04, 0x04, 0x4b, 0x79, 0x08, 0x07, 0x52, 0xf2, 0x28, 0x48, 0x25, 0x08, 0xdc,
0x43, 0x8d, 0x84, 0xca, 0x91, 0x2e, 0x57, 0xa7, 0x4c, 0xed, 0x4b, 0x2a, 0x47, 0x44, 0x23, 0x8a,
0x91, 0x01, 0x0f, 0xf4, 0x96, 0x1f, 0x61, 0x1c, 0x03, 0x0f, 0x88, 0x46, 0xfa, 0x7f, 0xd7, 0x11,
0xae, 0x70, 0xed, 0xa1, 0x4e, 0x4c, 0xa7, 0x20, 0x12, 0x1a, 0x82, 0xf1, 0xff, 0xaa, 0x51, 0x77,
0xee, 0xcc, 0x01, 0x52, 0x72, 0x9e, 0x1c, 0x09, 0xbf, 0x8e, 0x9a, 0x43, 0xce, 0xd2, 0x44, 0x57,
0xa9, 0xe3, 0xbf, 0x6c, 0x28, 0xcd, 0x4f, 0x94, 0x91, 0x14, 0x18, 0x7e, 0x0b, 0xad, 0x67, 0xc0,
0x45, 0xc4, 0x62, 0xbb, 0xa1, 0x69, 0x9b, 0x86, 0xb6, 0x7e, 0x5c, 0x98, 0xc9, 0x1c, 0xc7, 0x6f,
0xa3, 0x36, 0x37, 0x89, 0xdb, 0x4d, 0xcd, 0xbd, 0x62, 0xb8, 0xed, 0xf9, 0x86, 0xc8, 0x82, 0x81,
0xdf, 0x47, 0x1b, 0x22, 0x0d, 0x16, 0x82, 0x96, 0x16, 0x5c, 0x35, 0x82, 0x8d, 0xa3, 0x12, 0x22,
0x8f, 0xf2, 0xd4, 0xb6, 0xd4, 0x1e, 0xed, 0xf5, 0x8b, 0xdb, 0x52, 0x25, 0x20, 0x1a, 0xe9, 0xff,
0x55, 0x47, 0x5b, 0x47, 0x30, 0xb9, 0xf7, 0x7c, 0x7a, 0xfa, 0xee, 0x85, 0x9e, 0xde, 0x5f, 0xdd,
0x79, 0xd5, 0x59, 0x3e, 0xb7, 0xbe, 0xfe, 0xa5, 0x8e, 0x6e, 0xac, 0xc8, 0x09, 0x9f, 0x20, 0xcc,
0x2f, 0x75, 0xa6, 0xa9, 0xa3, 0xb7, 0x32, 0x97, 0xcb, 0x0d, 0xed, 0xbf, 0x96, 0xcf, 0xba, 0x15,
0x8d, 0x4e, 0x2a, 0x42, 0xe0, 0x1f, 0x2d, 0x74, 0x2d, 0xae, 0xfa, 0xe3, 0x4c, 0x99, 0xf7, 0x56,
0x06, 0xaf, 0xfc, 0x57, 0xfd, 0xeb, 0xf9, 0xac, 0x5b, 0xfd, 0x1b, 0x93, 0xea, 0x58, 0xfd, 0xdf,
0xeb, 0xe8, 0xea, 0x8b, 0x8b, 0xf2, 0x69, 0x1a, 0xea, 0xb7, 0x06, 0xda, 0x7a, 0xd1, 0x4c, 0xcb,
0x46, 0x45, 0x2a, 0x80, 0x9b, 0xbb, 0x77, 0x71, 0x38, 0x5f, 0x09, 0xe0, 0x44, 0x23, 0xb8, 0x8f,
0x5a, 0xfa, 0x0a, 0x16, 0x76, 0x43, 0x0f, 0x72, 0xa4, 0x0a, 0xac, 0xef, 0x66, 0x41, 0x0c, 0x82,
0x07, 0xa8, 0x09, 0x6a, 0xf2, 0xdb, 0xcd, 0xde, 0xda, 0xce, 0xc6, 0xde, 0x47, 0xcf, 0xd2, 0x19,
0xae, 0x7e, 0x3b, 0x1c, 0xc6, 0x92, 0x9f, 0x96, 0x33, 0x40, 0xdb, 0x48, 0xe1, 0x7c, 0x9b, 0x9a,
0xf7, 0x85, 0xe6, 0xe0, 0x2b, 0x68, 0x6d, 0x0c, 0xa7, 0xc5, 0x0c, 0x22, 0xea, 0x13, 0x7f, 0x88,
0x9a, 0x99, 0x7a, 0x7a, 0x98, 0x02, 0xbe, 0xb9, 0x32, 0x8b, 0xf2, 0xa5, 0x42, 0x0a, 0xd5, 0xed,
0xfa, 0xbe, 0xd5, 0xff, 0xc3, 0x42, 0xd7, 0x97, 0xf6, 0x97, 0x1a, 0x42, 0x74, 0x32, 0x61, 0x27,
0x30, 0xd0, 0x61, 0xdb, 0xe5, 0x10, 0x3a, 0x28, 0xcc, 0x64, 0x8e, 0xe3, 0x37, 0x50, 0x8b, 0x03,
0x15, 0x2c, 0x36, 0x83, 0x6f, 0xd1, 0x9a, 0x44, 0x5b, 0x89, 0x41, 0xf1, 0x01, 0xda, 0x04, 0x15,
0x5e, 0xe7, 0x75, 0xc8, 0x39, 0x9b, 0x1f, 0xc5, 0x96, 0x11, 0x6c, 0x1e, 0x5e, 0x84, 0xc9, 0xe3,
0x7c, 0x7f, 0xe7, 0xec, 0xdc, 0xa9, 0x3d, 0x38, 0x77, 0x6a, 0x0f, 0xcf, 0x9d, 0xda, 0xfd, 0xdc,
0xb1, 0xce, 0x72, 0xc7, 0x7a, 0x90, 0x3b, 0xd6, 0xc3, 0xdc, 0xb1, 0xfe, 0xcd, 0x1d, 0xeb, 0xa7,
0xff, 0x9c, 0xda, 0xdd, 0x7a, 0xb6, 0xfb, 0x7f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x68, 0x24, 0x86,
0x65, 0x07, 0x0b, 0x00, 0x00,
// 902 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x56, 0x4f, 0x6f, 0x1b, 0x45,
0x14, 0xf7, 0xfa, 0x5f, 0xec, 0x31, 0x90, 0x32, 0x55, 0xc9, 0x36, 0x15, 0x6b, 0xcb, 0x48, 0x10,
0x24, 0xd8, 0x25, 0xa1, 0x94, 0xa8, 0x12, 0x42, 0xb1, 0x1a, 0xa1, 0x4a, 0x50, 0xd0, 0x44, 0xcd,
0xa1, 0x48, 0x88, 0xd9, 0xf5, 0xab, 0xbd, 0xd8, 0xde, 0x59, 0xcd, 0xcc, 0x6e, 0x08, 0xa7, 0x4a,
0x7c, 0x01, 0x8e, 0x1c, 0x38, 0xf0, 0x0d, 0x10, 0x12, 0x12, 0x37, 0x8e, 0x28, 0xc7, 0x1e, 0x7b,
0x40, 0x16, 0x59, 0xbe, 0x08, 0x9a, 0xd9, 0xb1, 0xb7, 0x69, 0x36, 0xae, 0xda, 0x4b, 0x2f, 0xbd,
0xed, 0xbc, 0xf7, 0xfb, 0xfd, 0xde, 0x9b, 0x37, 0x6f, 0xe7, 0x0d, 0xba, 0x35, 0xd9, 0x15, 0x6e,
0xc8, 0xbc, 0x49, 0xe2, 0x03, 0x8f, 0x40, 0x82, 0xf0, 0x52, 0x88, 0x86, 0x8c, 0x7b, 0xc6, 0x41,
0xe3, 0xd0, 0xa3, 0x89, 0x1c, 0x33, 0x1e, 0xfe, 0x40, 0x65, 0xc8, 0x22, 0x2f, 0xdd, 0xf6, 0x46,
0x10, 0x01, 0xa7, 0x12, 0x86, 0x6e, 0xcc, 0x99, 0x64, 0xf8, 0x5a, 0x0e, 0x76, 0x69, 0x1c, 0xba,
0x67, 0xc0, 0x6e, 0xba, 0xbd, 0xf9, 0xfe, 0x28, 0x94, 0xe3, 0xc4, 0x77, 0x03, 0x36, 0xf3, 0x46,
0x6c, 0xc4, 0x3c, 0xcd, 0xf1, 0x93, 0xfb, 0x7a, 0xa5, 0x17, 0xfa, 0x2b, 0xd7, 0xda, 0xbc, 0x5e,
0x04, 0x9e, 0xd1, 0x60, 0x1c, 0x46, 0xc0, 0x8f, 0xbd, 0x78, 0x32, 0x52, 0x06, 0xe1, 0xcd, 0x40,
0xd2, 0x92, 0x0c, 0x36, 0xbd, 0x8b, 0x58, 0x3c, 0x89, 0x64, 0x38, 0x83, 0x73, 0x84, 0x1b, 0x4f,
0x23, 0x88, 0x60, 0x0c, 0x33, 0x7a, 0x8e, 0xf7, 0xe1, 0x45, 0xbc, 0x44, 0x86, 0x53, 0x2f, 0x8c,
0xa4, 0x90, 0xfc, 0x49, 0x52, 0xff, 0x63, 0x84, 0xf6, 0xbf, 0x97, 0x9c, 0x1e, 0xd2, 0x69, 0x02,
0xb8, 0x8b, 0x1a, 0xa1, 0x84, 0x99, 0xb0, 0xad, 0x5e, 0x6d, 0xab, 0x3d, 0x68, 0x67, 0xf3, 0x6e,
0xe3, 0xb6, 0x32, 0x90, 0xdc, 0x7e, 0xb3, 0xf5, 0xf3, 0xaf, 0xdd, 0xca, 0x83, 0x7f, 0x7a, 0x95,
0xfe, 0x1f, 0x55, 0x64, 0x7f, 0xce, 0x02, 0x3a, 0x3d, 0x48, 0xfc, 0xef, 0x20, 0x90, 0x7b, 0x41,
0x00, 0x42, 0x10, 0x48, 0x43, 0x38, 0xc2, 0xdf, 0xa2, 0x96, 0x2a, 0xc7, 0x90, 0x4a, 0x6a, 0x5b,
0x3d, 0x6b, 0xab, 0xb3, 0xf3, 0x81, 0x5b, 0x1c, 0xc4, 0x32, 0x3b, 0x37, 0x9e, 0x8c, 0x94, 0x41,
0xb8, 0x0a, 0xed, 0xa6, 0xdb, 0xee, 0x97, 0x5a, 0xeb, 0x0b, 0x90, 0x74, 0x80, 0x4f, 0xe6, 0xdd,
0x4a, 0x36, 0xef, 0xa2, 0xc2, 0x46, 0x96, 0xaa, 0xf8, 0x10, 0xd5, 0x45, 0x0c, 0x81, 0x5d, 0xd5,
0xea, 0xd7, 0xdd, 0x15, 0xc7, 0xec, 0x96, 0x64, 0x78, 0x10, 0x43, 0x30, 0x78, 0xc5, 0x44, 0xa8,
0xab, 0x15, 0xd1, 0x7a, 0xf8, 0x1b, 0xd4, 0x14, 0x92, 0xca, 0x44, 0xd8, 0x35, 0xad, 0x7c, 0xe3,
0x99, 0x95, 0x35, 0x7b, 0xf0, 0x9a, 0xd1, 0x6e, 0xe6, 0x6b, 0x62, 0x54, 0xfb, 0x5f, 0xa3, 0x2b,
0x77, 0x58, 0x44, 0x40, 0xb0, 0x84, 0x07, 0xb0, 0x27, 0x25, 0x0f, 0xfd, 0x44, 0x82, 0xc0, 0x3d,
0x54, 0x8f, 0xa9, 0x1c, 0xeb, 0x72, 0xb5, 0x8b, 0xd4, 0xbe, 0xa2, 0x72, 0x4c, 0xb4, 0x47, 0x21,
0x52, 0xe0, 0xbe, 0xde, 0xf2, 0x63, 0x88, 0x43, 0xe0, 0x3e, 0xd1, 0x9e, 0xfe, 0x5f, 0x55, 0x84,
0x4b, 0xa4, 0x3d, 0xd4, 0x8e, 0xe8, 0x0c, 0x44, 0x4c, 0x03, 0x30, 0xfa, 0xaf, 0x1b, 0x76, 0xfb,
0xce, 0xc2, 0x41, 0x0a, 0xcc, 0xd3, 0x23, 0xe1, 0xb7, 0x50, 0x63, 0xc4, 0x59, 0x12, 0xeb, 0x2a,
0xb5, 0x07, 0xaf, 0x1a, 0x48, 0xe3, 0x33, 0x65, 0x24, 0xb9, 0x0f, 0xbf, 0x8b, 0xd6, 0x52, 0xe0,
0x22, 0x64, 0x91, 0x5d, 0xd7, 0xb0, 0x75, 0x03, 0x5b, 0x3b, 0xcc, 0xcd, 0x64, 0xe1, 0xc7, 0xef,
0xa1, 0x16, 0x37, 0x89, 0xdb, 0x0d, 0x8d, 0xbd, 0x64, 0xb0, 0xad, 0xc5, 0x86, 0xc8, 0x12, 0x81,
0x3f, 0x42, 0x1d, 0x91, 0xf8, 0x4b, 0x42, 0x53, 0x13, 0x2e, 0x1b, 0x42, 0xe7, 0xa0, 0x70, 0x91,
0xc7, 0x71, 0x6a, 0x5b, 0x6a, 0x8f, 0xf6, 0xda, 0xd9, 0x6d, 0xa9, 0x12, 0x10, 0xed, 0xe9, 0xff,
0x59, 0x45, 0x1b, 0x07, 0x30, 0xbd, 0xff, 0x62, 0x7a, 0xfa, 0xde, 0x99, 0x9e, 0xde, 0x5d, 0xdd,
0x79, 0xe5, 0x59, 0xbe, 0xb0, 0xbe, 0xfe, 0xa5, 0x8a, 0xae, 0xad, 0xc8, 0x09, 0x1f, 0x21, 0xcc,
0xcf, 0x75, 0xa6, 0xa9, 0xa3, 0xb7, 0x32, 0x97, 0xf3, 0x0d, 0x3d, 0x78, 0x23, 0x9b, 0x77, 0x4b,
0x1a, 0x9d, 0x94, 0x84, 0xc0, 0x3f, 0x5a, 0xe8, 0x4a, 0x54, 0xf6, 0xc7, 0x99, 0x32, 0xef, 0xac,
0x0c, 0x5e, 0xfa, 0xaf, 0x0e, 0xae, 0x66, 0xf3, 0x6e, 0xf9, 0x6f, 0x4c, 0xca, 0x63, 0xf5, 0x7f,
0xab, 0xa2, 0xcb, 0x2f, 0x2f, 0xca, 0x67, 0x69, 0xa8, 0xbf, 0xeb, 0x68, 0xe3, 0x65, 0x33, 0x5d,
0x34, 0x2a, 0x12, 0x01, 0xdc, 0xdc, 0xbd, 0xcb, 0xc3, 0xb9, 0x2b, 0x80, 0x13, 0xed, 0xc1, 0x7d,
0xd4, 0xd4, 0x57, 0xb0, 0xb0, 0xeb, 0x7a, 0x90, 0x23, 0x55, 0x60, 0x7d, 0x37, 0x0b, 0x62, 0x3c,
0x78, 0x88, 0x1a, 0xa0, 0x26, 0xbf, 0xdd, 0xe8, 0xd5, 0xb6, 0x3a, 0x3b, 0x9f, 0x3e, 0x4f, 0x67,
0xb8, 0xfa, 0xed, 0xb0, 0x1f, 0x49, 0x7e, 0x5c, 0xcc, 0x00, 0x6d, 0x23, 0xb9, 0x38, 0x7e, 0x13,
0xd5, 0x92, 0x70, 0x68, 0xae, 0xe8, 0x8e, 0x81, 0xd4, 0xee, 0xde, 0xbe, 0x45, 0x94, 0x7d, 0x93,
0x9a, 0xe7, 0x87, 0x96, 0xc0, 0x97, 0x50, 0x6d, 0x02, 0xc7, 0xf9, 0x88, 0x22, 0xea, 0x13, 0x7f,
0x82, 0x1a, 0xa9, 0x7a, 0x99, 0x98, 0xfa, 0xbe, 0xb3, 0x32, 0xc9, 0xe2, 0x21, 0x43, 0x72, 0xd6,
0xcd, 0xea, 0xae, 0xd5, 0xff, 0xdd, 0x42, 0x57, 0x2f, 0x6c, 0x3f, 0x35, 0xa3, 0xe8, 0x74, 0xca,
0x8e, 0x60, 0xa8, 0xc3, 0xb6, 0x8a, 0x19, 0xb5, 0x97, 0x9b, 0xc9, 0xc2, 0x8f, 0xdf, 0x46, 0x4d,
0x0e, 0x54, 0xb0, 0xc8, 0xcc, 0xc5, 0x65, 0xe7, 0x12, 0x6d, 0x25, 0xc6, 0x8b, 0xf7, 0xd0, 0x3a,
0xa8, 0xf0, 0x3a, 0xaf, 0x7d, 0xce, 0xd9, 0xe2, 0xa4, 0x36, 0x0c, 0x61, 0x7d, 0xff, 0xac, 0x9b,
0x3c, 0x89, 0x1f, 0x6c, 0x9d, 0x9c, 0x3a, 0x95, 0x87, 0xa7, 0x4e, 0xe5, 0xd1, 0xa9, 0x53, 0x79,
0x90, 0x39, 0xd6, 0x49, 0xe6, 0x58, 0x0f, 0x33, 0xc7, 0x7a, 0x94, 0x39, 0xd6, 0xbf, 0x99, 0x63,
0xfd, 0xf4, 0x9f, 0x53, 0xb9, 0x57, 0x4d, 0xb7, 0xff, 0x0f, 0x00, 0x00, 0xff, 0xff, 0xc6, 0xa7,
0x62, 0xf1, 0x26, 0x0b, 0x00, 0x00,
}

4
staging/src/k8s.io/api/authorization/v1/generated.proto
View File

@ -163,6 +163,10 @@ message SubjectAccessReviewSpec {
// it needs a reflection here.
// +optional
map<string, ExtraValue> extra = 5;
// UID information about the requesting user.
// +optional
optional string uid = 6;
}
// SubjectAccessReviewStatus

156
staging/src/k8s.io/api/authorization/v1/types.generated.go
View File

@ -2017,7 +2017,7 @@ func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder) {
} else {
yysep2 := !z.EncBinary()
yy2arr2 := z.EncBasicHandle().StructToArray
var yyq2 [5]bool
var yyq2 [6]bool
_, _, _ = yysep2, yyq2, yy2arr2
const yyr2 bool = false
yyq2[0] = x.ResourceAttributes != nil
@ -2025,9 +2025,10 @@ func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder) {
yyq2[2] = x.User != ""
yyq2[3] = len(x.Groups) != 0
yyq2[4] = len(x.Extra) != 0
yyq2[5] = x.UID != ""
var yynn2 int
if yyr2 || yy2arr2 {
r.EncodeArrayStart(5)
r.EncodeArrayStart(6)
} else {
yynn2 = 0
for _, b := range yyq2 {
@ -2175,6 +2176,31 @@ func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder) {
}
}
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
if yyq2[5] {
yym19 := z.EncBinary()
_ = yym19
if false {
} else {
r.EncodeString(codecSelferC_UTF81234, string(x.UID))
}
} else {
r.EncodeString(codecSelferC_UTF81234, "")
}
} else {
if yyq2[5] {
z.EncSendContainerState(codecSelfer_containerMapKey1234)
r.EncodeString(codecSelferC_UTF81234, string("uid"))
z.EncSendContainerState(codecSelfer_containerMapValue1234)
yym20 := z.EncBinary()
_ = yym20
if false {
} else {
r.EncodeString(codecSelferC_UTF81234, string(x.UID))
}
}
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
} else {
@ -2294,6 +2320,18 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromMap(l int, d *codec1978.Dec
h.decMapstringExtraValue((*map[string]ExtraValue)(yyv10), d)
}
}
case "uid":
if r.TryDecodeAsNil() {
x.UID = ""
} else {
yyv12 := &x.UID
yym13 := z.DecBinary()
_ = yym13
if false {
} else {
*((*string)(yyv12)) = r.DecodeString()
}
}
default:
z.DecStructFieldNotFound(-1, yys3)
} // end switch yys3
@ -2305,16 +2343,16 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
var h codecSelfer1234
z, r := codec1978.GenHelperDecoder(d)
_, _, _ = h, z, r
var yyj12 int
var yyb12 bool
var yyhl12 bool = l >= 0
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
var yyj14 int
var yyb14 bool
var yyhl14 bool = l >= 0
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -2329,13 +2367,13 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
}
x.ResourceAttributes.CodecDecodeSelf(d)
}
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -2350,13 +2388,13 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
}
x.NonResourceAttributes.CodecDecodeSelf(d)
}
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -2364,21 +2402,21 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
if r.TryDecodeAsNil() {
x.User = ""
} else {
yyv15 := &x.User
yym16 := z.DecBinary()
_ = yym16
yyv17 := &x.User
yym18 := z.DecBinary()
_ = yym18
if false {
} else {
*((*string)(yyv15)) = r.DecodeString()
*((*string)(yyv17)) = r.DecodeString()
}
}
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -2386,21 +2424,21 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
if r.TryDecodeAsNil() {
x.Groups = nil
} else {
yyv17 := &x.Groups
yym18 := z.DecBinary()
_ = yym18
yyv19 := &x.Groups
yym20 := z.DecBinary()
_ = yym20
if false {
} else {
z.F.DecSliceStringX(yyv17, false, d)
z.F.DecSliceStringX(yyv19, false, d)
}
}
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -2408,26 +2446,48 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
if r.TryDecodeAsNil() {
x.Extra = nil
} else {
yyv19 := &x.Extra
yym20 := z.DecBinary()
_ = yym20
yyv21 := &x.Extra
yym22 := z.DecBinary()
_ = yym22
if false {
} else {
h.decMapstringExtraValue((*map[string]ExtraValue)(yyv19), d)
h.decMapstringExtraValue((*map[string]ExtraValue)(yyv21), d)
}
}
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb14 = r.CheckBreak()
}
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
if r.TryDecodeAsNil() {
x.UID = ""
} else {
yyv23 := &x.UID
yym24 := z.DecBinary()
_ = yym24
if false {
} else {
*((*string)(yyv23)) = r.DecodeString()
}
}
for {
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
break
}
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
z.DecStructFieldNotFound(yyj12-1, "")
z.DecStructFieldNotFound(yyj14-1, "")
}
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
}

3
staging/src/k8s.io/api/authorization/v1/types.go
View File

@ -142,6 +142,9 @@ type SubjectAccessReviewSpec struct {
// it needs a reflection here.
// +optional
Extra map[string]ExtraValue `json:"extra,omitempty" protobuf:"bytes,5,rep,name=extra"`
// UID information about the requesting user.
// +optional
UID string `json:"uid,omitempty" protobuf:"bytes,6,opt,name=uid"`
}
// ExtraValue masks the value so protobuf can generate

1
staging/src/k8s.io/api/authorization/v1/types_swagger_doc_generated.go
View File

@ -99,6 +99,7 @@ var map_SubjectAccessReviewSpec = map[string]string{
"user": "User is the user you're testing for. If you specify \"User\" but not \"Groups\", then is it interpreted as \"What if User were not a member of any groups",
"groups": "Groups is the groups you're testing for.",
"extra": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here.",
"uid": "UID information about the requesting user.",
}
func (SubjectAccessReviewSpec) SwaggerDoc() map[string]string {

151
staging/src/k8s.io/api/authorization/v1beta1/generated.pb.go
View File

@ -466,6 +466,10 @@ func (m *SubjectAccessReviewSpec) MarshalTo(dAtA []byte) (int, error) {
i += n14
}
}
dAtA[i] = 0x32
i++
i = encodeVarintGenerated(dAtA, i, uint64(len(m.UID)))
i += copy(dAtA[i:], m.UID)
return i, nil
}
@ -650,6 +654,8 @@ func (m *SubjectAccessReviewSpec) Size() (n int) {
n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
}
}
l = len(m.UID)
n += 1 + l + sovGenerated(uint64(l))
return n
}
@ -771,6 +777,7 @@ func (this *SubjectAccessReviewSpec) String() string {
`User:` + fmt.Sprintf("%v", this.User) + `,`,
`Groups:` + fmt.Sprintf("%v", this.Groups) + `,`,
`Extra:` + mapStringForExtra + `,`,
`UID:` + fmt.Sprintf("%v", this.UID) + `,`,
`}`,
}, "")
return s
@ -2045,6 +2052,35 @@ func (m *SubjectAccessReviewSpec) Unmarshal(dAtA []byte) error {
m.Extra[mapkey] = mapvalue
}
iNdEx = postIndex
case 6:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field UID", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGenerated
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= (uint64(b) & 0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthGenerated
}
postIndex := iNdEx + intStringLen
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.UID = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipGenerated(dAtA[iNdEx:])
@ -2304,61 +2340,62 @@ func init() {
}
var fileDescriptorGenerated = []byte{
// 887 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x56, 0x41, 0x6f, 0xdc, 0x44,
0x14, 0x5e, 0x6f, 0xd6, 0xc9, 0xee, 0x04, 0x48, 0x99, 0xaa, 0xc4, 0x0d, 0x92, 0x77, 0xb5, 0x48,
0x28, 0x48, 0xad, 0x4d, 0x4a, 0xa1, 0xa5, 0x88, 0x43, 0x2c, 0x22, 0x54, 0x09, 0x0a, 0x9a, 0x88,
0x1c, 0xe8, 0x01, 0xc6, 0xce, 0xcb, 0xae, 0xd9, 0x5d, 0x8f, 0x35, 0x33, 0x76, 0x09, 0xe2, 0xd0,
0x23, 0x47, 0x8e, 0x1c, 0x39, 0x71, 0xe7, 0xd8, 0x0b, 0x12, 0xb7, 0x1c, 0x7b, 0xec, 0x01, 0xad,
0x88, 0xf9, 0x23, 0x68, 0xc6, 0xb3, 0xeb, 0xa6, 0xeb, 0x74, 0xab, 0x5c, 0x7a, 0xe9, 0xcd, 0xf3,
0xde, 0xf7, 0xbd, 0xf7, 0xe6, 0xcd, 0xe7, 0x79, 0x83, 0xee, 0x8e, 0x6e, 0x0b, 0x2f, 0x66, 0xfe,
0x28, 0x0b, 0x81, 0x27, 0x20, 0x41, 0xf8, 0x39, 0x24, 0x87, 0x8c, 0xfb, 0xc6, 0x41, 0xd3, 0xd8,
0xa7, 0x99, 0x1c, 0x32, 0x1e, 0xff, 0x44, 0x65, 0xcc, 0x12, 0x3f, 0xdf, 0x09, 0x41, 0xd2, 0x1d,
0x7f, 0x00, 0x09, 0x70, 0x2a, 0xe1, 0xd0, 0x4b, 0x39, 0x93, 0x0c, 0xf7, 0x4a, 0x86, 0x47, 0xd3,
0xd8, 0x3b, 0xc3, 0xf0, 0x0c, 0x63, 0xeb, 0xfa, 0x20, 0x96, 0xc3, 0x2c, 0xf4, 0x22, 0x36, 0xf1,
0x07, 0x6c, 0xc0, 0x7c, 0x4d, 0x0c, 0xb3, 0x23, 0xbd, 0xd2, 0x0b, 0xfd, 0x55, 0x06, 0xdc, 0xba,
0x59, 0x95, 0x30, 0xa1, 0xd1, 0x30, 0x4e, 0x80, 0x1f, 0xfb, 0xe9, 0x68, 0xa0, 0x0c, 0xc2, 0x9f,
0x80, 0xa4, 0x7e, 0xbe, 0x50, 0xc6, 0x96, 0x7f, 0x1e, 0x8b, 0x67, 0x89, 0x8c, 0x27, 0xb0, 0x40,
0xf8, 0x68, 0x19, 0x41, 0x44, 0x43, 0x98, 0xd0, 0x05, 0xde, 0x07, 0xe7, 0xf1, 0x32, 0x19, 0x8f,
0xfd, 0x38, 0x91, 0x42, 0xf2, 0x67, 0x49, 0xfd, 0x5b, 0x08, 0xed, 0xfd, 0x28, 0x39, 0x3d, 0xa0,
0xe3, 0x0c, 0x70, 0x17, 0xd9, 0xb1, 0x84, 0x89, 0x70, 0xac, 0xde, 0xca, 0x76, 0x27, 0xe8, 0x14,
0xd3, 0xae, 0x7d, 0x57, 0x19, 0x48, 0x69, 0xbf, 0xd3, 0xfe, 0xed, 0xf7, 0x6e, 0xe3, 0xe1, 0x3f,
0xbd, 0x46, 0xff, 0xaf, 0x26, 0x72, 0xbe, 0x60, 0x11, 0x1d, 0xef, 0x67, 0xe1, 0x0f, 0x10, 0xc9,
0xdd, 0x28, 0x02, 0x21, 0x08, 0xe4, 0x31, 0x3c, 0xc0, 0xdf, 0xa3, 0xb6, 0x6a, 0xc7, 0x21, 0x95,
0xd4, 0xb1, 0x7a, 0xd6, 0xf6, 0xfa, 0x8d, 0xf7, 0xbd, 0xea, 0x34, 0xe6, 0xd5, 0x79, 0xe9, 0x68,
0xa0, 0x0c, 0xc2, 0x53, 0x68, 0x2f, 0xdf, 0xf1, 0xbe, 0xd2, 0xb1, 0xbe, 0x04, 0x49, 0x03, 0x7c,
0x32, 0xed, 0x36, 0x8a, 0x69, 0x17, 0x55, 0x36, 0x32, 0x8f, 0x8a, 0xef, 0xa3, 0x96, 0x48, 0x21,
0x72, 0x9a, 0x3a, 0xfa, 0xc7, 0xde, 0xb2, 0xb3, 0xf6, 0x6a, 0xca, 0xdc, 0x4f, 0x21, 0x0a, 0x5e,
0x33, 0x69, 0x5a, 0x6a, 0x45, 0x74, 0x50, 0x1c, 0xa1, 0x55, 0x21, 0xa9, 0xcc, 0x84, 0xb3, 0xa2,
0xc3, 0x7f, 0x72, 0xb1, 0xf0, 0x3a, 0x44, 0xf0, 0x86, 0x49, 0xb0, 0x5a, 0xae, 0x89, 0x09, 0xdd,
0xbf, 0x8f, 0xae, 0xdc, 0x63, 0x09, 0x01, 0xc1, 0x32, 0x1e, 0xc1, 0xae, 0x94, 0x3c, 0x0e, 0x33,
0x09, 0x02, 0xf7, 0x50, 0x2b, 0xa5, 0x72, 0xa8, 0x1b, 0xd7, 0xa9, 0xea, 0xfb, 0x9a, 0xca, 0x21,
0xd1, 0x1e, 0x85, 0xc8, 0x81, 0x87, 0x7a, 0xf3, 0x4f, 0x21, 0x0e, 0x80, 0x87, 0x44, 0x7b, 0xd4,
0xe9, 0xe0, 0x9a, 0xd0, 0x3e, 0xea, 0x24, 0x74, 0x02, 0x22, 0xa5, 0x11, 0x98, 0xf8, 0x6f, 0x1a,
0x76, 0xe7, 0xde, 0xcc, 0x41, 0x2a, 0xcc, 0xf2, 0x4c, 0xf8, 0x1d, 0x64, 0x0f, 0x38, 0xcb, 0x52,
0xdd, 0xaa, 0x4e, 0xf0, 0xba, 0x81, 0xd8, 0x9f, 0x2b, 0x23, 0x29, 0x7d, 0xf8, 0x3d, 0xb4, 0x96,
0x03, 0x17, 0x31, 0x4b, 0x9c, 0x96, 0x86, 0x6d, 0x18, 0xd8, 0xda, 0x41, 0x69, 0x26, 0x33, 0x3f,
0xbe, 0x86, 0xda, 0xdc, 0x14, 0xee, 0xd8, 0x1a, 0x7b, 0xc9, 0x60, 0xdb, 0xb3, 0x0d, 0x91, 0x39,
0x02, 0x7f, 0x88, 0xd6, 0x45, 0x16, 0xce, 0x09, 0xab, 0x9a, 0x70, 0xd9, 0x10, 0xd6, 0xf7, 0x2b,
0x17, 0x79, 0x1a, 0xa7, 0xb6, 0xa5, 0xf6, 0xe8, 0xac, 0x9d, 0xdd, 0x96, 0x6a, 0x01, 0xd1, 0x9e,
0xfe, 0xdf, 0x4d, 0xb4, 0xb9, 0x0f, 0xe3, 0xa3, 0x97, 0xa3, 0xee, 0xef, 0xce, 0xa8, 0xfb, 0xd3,
0x17, 0x90, 0x5f, 0x7d, 0xa9, 0x2f, 0x57, 0xe1, 0x7f, 0x34, 0xd1, 0xdb, 0xcf, 0x29, 0x0c, 0xff,
0x8c, 0x30, 0x5f, 0xd0, 0xa8, 0xe9, 0xe8, 0xcd, 0xe5, 0x05, 0x2d, 0xea, 0x3b, 0x78, 0xab, 0x98,
0x76, 0x6b, 0x74, 0x4f, 0x6a, 0xf2, 0xe0, 0x5f, 0x2c, 0x74, 0x25, 0xa9, 0xfb, 0x01, 0x4d, 0xd7,
0x6f, 0x2d, 0xaf, 0xa0, 0xf6, 0xff, 0x0d, 0xae, 0x16, 0xd3, 0x6e, 0xfd, 0xaf, 0x4d, 0xea, 0x13,
0xf6, 0x1f, 0x35, 0xd1, 0xe5, 0x57, 0xd7, 0xe8, 0xc5, 0x44, 0xf6, 0xa8, 0x85, 0x36, 0x5f, 0x09,
0xec, 0xf9, 0x02, 0x53, 0xf7, 0x5d, 0x26, 0x80, 0x9b, 0x3b, 0x7a, 0x7e, 0x56, 0xdf, 0x08, 0xe0,
0x44, 0x7b, 0x70, 0x6f, 0x76, 0x8d, 0xb7, 0xf4, 0xe4, 0x47, 0xaa, 0xd3, 0xfa, 0x0a, 0x17, 0xb3,
0x3b, 0x3c, 0x46, 0x36, 0xa8, 0x97, 0x82, 0x63, 0xf7, 0x56, 0xb6, 0xd7, 0x6f, 0x7c, 0x76, 0x61,
0xad, 0x78, 0xfa, 0xc1, 0xb1, 0x97, 0x48, 0x7e, 0x5c, 0x8d, 0x0b, 0x6d, 0x23, 0x65, 0x86, 0xad,
0x23, 0xf3, 0x28, 0xd1, 0x18, 0x7c, 0x09, 0xad, 0x8c, 0xe0, 0xb8, 0x1c, 0x57, 0x44, 0x7d, 0xe2,
0x00, 0xd9, 0xb9, 0x7a, 0xaf, 0x98, 0x46, 0x5e, 0x5b, 0x5e, 0x4a, 0xf5, 0xc6, 0x21, 0x25, 0xf5,
0x4e, 0xf3, 0xb6, 0xd5, 0xff, 0xd3, 0x42, 0x57, 0xcf, 0x55, 0x9c, 0x1a, 0x5a, 0x74, 0x3c, 0x66,
0x0f, 0xe0, 0x50, 0xe7, 0x6e, 0x57, 0x43, 0x6b, 0xb7, 0x34, 0x93, 0x99, 0x1f, 0xbf, 0x8b, 0x56,
0x39, 0x50, 0xc1, 0x12, 0x33, 0x28, 0xe7, 0x62, 0x25, 0xda, 0x4a, 0x8c, 0x17, 0xef, 0xa2, 0x0d,
0x50, 0xe9, 0x75, 0x71, 0x7b, 0x9c, 0xb3, 0xd9, 0x91, 0x6c, 0x1a, 0xc2, 0xc6, 0xde, 0x59, 0x37,
0x79, 0x16, 0x1f, 0x5c, 0x3f, 0x39, 0x75, 0x1b, 0x8f, 0x4f, 0xdd, 0xc6, 0x93, 0x53, 0xb7, 0xf1,
0xb0, 0x70, 0xad, 0x93, 0xc2, 0xb5, 0x1e, 0x17, 0xae, 0xf5, 0xa4, 0x70, 0xad, 0x7f, 0x0b, 0xd7,
0xfa, 0xf5, 0x3f, 0xb7, 0xf1, 0xed, 0x9a, 0xd9, 0xf8, 0xff, 0x01, 0x00, 0x00, 0xff, 0xff, 0x19,
0x63, 0x57, 0xc9, 0x50, 0x0b, 0x00, 0x00,
// 905 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x56, 0xcf, 0x6f, 0x1b, 0xc5,
0x17, 0xf7, 0xfa, 0x47, 0x62, 0x8f, 0xbf, 0x5f, 0x52, 0xa6, 0x2a, 0xd9, 0x06, 0xb1, 0xb6, 0x8c,
0x84, 0x82, 0xd4, 0xee, 0x92, 0x52, 0x68, 0x29, 0xe2, 0x90, 0x55, 0x23, 0x14, 0x09, 0x0a, 0x9a,
0xa8, 0x39, 0xd0, 0x03, 0xcc, 0xae, 0x5f, 0xec, 0xc5, 0xf6, 0xce, 0x6a, 0x66, 0xd6, 0x25, 0x88,
0x43, 0x8f, 0x1c, 0x39, 0x72, 0xe4, 0xc4, 0x9d, 0x23, 0x17, 0x24, 0x6e, 0x39, 0xf6, 0x98, 0x03,
0xb2, 0xc8, 0xf2, 0x8f, 0xa0, 0x99, 0x1d, 0x7b, 0x9b, 0x7a, 0x53, 0xa3, 0x5c, 0x7a, 0xe9, 0x6d,
0xe7, 0xbd, 0xcf, 0xe7, 0xbd, 0x37, 0x6f, 0x3e, 0xfb, 0x66, 0xd0, 0xfe, 0xe8, 0xae, 0x70, 0x23,
0xe6, 0x8d, 0xd2, 0x00, 0x78, 0x0c, 0x12, 0x84, 0x37, 0x85, 0xb8, 0xcf, 0xb8, 0x67, 0x1c, 0x34,
0x89, 0x3c, 0x9a, 0xca, 0x21, 0xe3, 0xd1, 0xf7, 0x54, 0x46, 0x2c, 0xf6, 0xa6, 0x3b, 0x01, 0x48,
0xba, 0xe3, 0x0d, 0x20, 0x06, 0x4e, 0x25, 0xf4, 0xdd, 0x84, 0x33, 0xc9, 0x70, 0x37, 0x67, 0xb8,
0x34, 0x89, 0xdc, 0x73, 0x0c, 0xd7, 0x30, 0xb6, 0x6e, 0x0e, 0x22, 0x39, 0x4c, 0x03, 0x37, 0x64,
0x13, 0x6f, 0xc0, 0x06, 0xcc, 0xd3, 0xc4, 0x20, 0x3d, 0xd2, 0x2b, 0xbd, 0xd0, 0x5f, 0x79, 0xc0,
0xad, 0xdb, 0x45, 0x09, 0x13, 0x1a, 0x0e, 0xa3, 0x18, 0xf8, 0xb1, 0x97, 0x8c, 0x06, 0xca, 0x20,
0xbc, 0x09, 0x48, 0xea, 0x4d, 0x97, 0xca, 0xd8, 0xf2, 0x2e, 0x62, 0xf1, 0x34, 0x96, 0xd1, 0x04,
0x96, 0x08, 0x1f, 0xae, 0x22, 0x88, 0x70, 0x08, 0x13, 0xba, 0xc4, 0x7b, 0xff, 0x22, 0x5e, 0x2a,
0xa3, 0xb1, 0x17, 0xc5, 0x52, 0x48, 0xfe, 0x3c, 0xa9, 0x77, 0x07, 0xa1, 0xbd, 0xef, 0x24, 0xa7,
0x87, 0x74, 0x9c, 0x02, 0xee, 0xa0, 0x46, 0x24, 0x61, 0x22, 0x6c, 0xab, 0x5b, 0xdb, 0x6e, 0xf9,
0xad, 0x6c, 0xd6, 0x69, 0xec, 0x2b, 0x03, 0xc9, 0xed, 0xf7, 0x9a, 0x3f, 0xff, 0xd2, 0xa9, 0x3c,
0xf9, 0xab, 0x5b, 0xe9, 0xfd, 0x51, 0x45, 0xf6, 0x67, 0x2c, 0xa4, 0xe3, 0x83, 0x34, 0xf8, 0x16,
0x42, 0xb9, 0x1b, 0x86, 0x20, 0x04, 0x81, 0x69, 0x04, 0x8f, 0xf1, 0x37, 0xa8, 0xa9, 0xda, 0xd1,
0xa7, 0x92, 0xda, 0x56, 0xd7, 0xda, 0x6e, 0xdf, 0x7a, 0xcf, 0x2d, 0x4e, 0x63, 0x51, 0x9d, 0x9b,
0x8c, 0x06, 0xca, 0x20, 0x5c, 0x85, 0x76, 0xa7, 0x3b, 0xee, 0x17, 0x3a, 0xd6, 0xe7, 0x20, 0xa9,
0x8f, 0x4f, 0x66, 0x9d, 0x4a, 0x36, 0xeb, 0xa0, 0xc2, 0x46, 0x16, 0x51, 0xf1, 0x23, 0x54, 0x17,
0x09, 0x84, 0x76, 0x55, 0x47, 0xff, 0xc8, 0x5d, 0x75, 0xd6, 0x6e, 0x49, 0x99, 0x07, 0x09, 0x84,
0xfe, 0xff, 0x4c, 0x9a, 0xba, 0x5a, 0x11, 0x1d, 0x14, 0x87, 0x68, 0x4d, 0x48, 0x2a, 0x53, 0x61,
0xd7, 0x74, 0xf8, 0x8f, 0x2f, 0x17, 0x5e, 0x87, 0xf0, 0x5f, 0x33, 0x09, 0xd6, 0xf2, 0x35, 0x31,
0xa1, 0x7b, 0x8f, 0xd0, 0xb5, 0x07, 0x2c, 0x26, 0x20, 0x58, 0xca, 0x43, 0xd8, 0x95, 0x92, 0x47,
0x41, 0x2a, 0x41, 0xe0, 0x2e, 0xaa, 0x27, 0x54, 0x0e, 0x75, 0xe3, 0x5a, 0x45, 0x7d, 0x5f, 0x52,
0x39, 0x24, 0xda, 0xa3, 0x10, 0x53, 0xe0, 0x81, 0xde, 0xfc, 0x33, 0x88, 0x43, 0xe0, 0x01, 0xd1,
0x1e, 0x75, 0x3a, 0xb8, 0x24, 0xb4, 0x87, 0x5a, 0x31, 0x9d, 0x80, 0x48, 0x68, 0x08, 0x26, 0xfe,
0xeb, 0x86, 0xdd, 0x7a, 0x30, 0x77, 0x90, 0x02, 0xb3, 0x3a, 0x13, 0x7e, 0x1b, 0x35, 0x06, 0x9c,
0xa5, 0x89, 0x6e, 0x55, 0xcb, 0xff, 0xbf, 0x81, 0x34, 0x3e, 0x55, 0x46, 0x92, 0xfb, 0xf0, 0xbb,
0x68, 0x7d, 0x0a, 0x5c, 0x44, 0x2c, 0xb6, 0xeb, 0x1a, 0xb6, 0x61, 0x60, 0xeb, 0x87, 0xb9, 0x99,
0xcc, 0xfd, 0xf8, 0x06, 0x6a, 0x72, 0x53, 0xb8, 0xdd, 0xd0, 0xd8, 0x2b, 0x06, 0xdb, 0x9c, 0x6f,
0x88, 0x2c, 0x10, 0xf8, 0x03, 0xd4, 0x16, 0x69, 0xb0, 0x20, 0xac, 0x69, 0xc2, 0x55, 0x43, 0x68,
0x1f, 0x14, 0x2e, 0xf2, 0x2c, 0x4e, 0x6d, 0x4b, 0xed, 0xd1, 0x5e, 0x3f, 0xbf, 0x2d, 0xd5, 0x02,
0xa2, 0x3d, 0xbd, 0x3f, 0xab, 0x68, 0xf3, 0x00, 0xc6, 0x47, 0x2f, 0x47, 0xdd, 0x5f, 0x9f, 0x53,
0xf7, 0x27, 0xff, 0x41, 0x7e, 0xe5, 0xa5, 0xbe, 0x5c, 0x85, 0xff, 0x5a, 0x45, 0x6f, 0xbe, 0xa0,
0x30, 0xfc, 0x03, 0xc2, 0x7c, 0x49, 0xa3, 0xa6, 0xa3, 0xb7, 0x57, 0x17, 0xb4, 0xac, 0x6f, 0xff,
0x8d, 0x6c, 0xd6, 0x29, 0xd1, 0x3d, 0x29, 0xc9, 0x83, 0x7f, 0xb4, 0xd0, 0xb5, 0xb8, 0xec, 0x07,
0x34, 0x5d, 0xbf, 0xb3, 0xba, 0x82, 0xd2, 0xff, 0xd7, 0xbf, 0x9e, 0xcd, 0x3a, 0xe5, 0xbf, 0x36,
0x29, 0x4f, 0xd8, 0xfb, 0xbd, 0x8a, 0xae, 0xbe, 0x1a, 0xa3, 0x97, 0x13, 0xd9, 0x69, 0x1d, 0x6d,
0xbe, 0x12, 0xd8, 0x8b, 0x05, 0xa6, 0xe6, 0x5d, 0x2a, 0x80, 0x9b, 0x19, 0xbd, 0x38, 0xab, 0x87,
0x02, 0x38, 0xd1, 0x1e, 0xdc, 0x9d, 0x8f, 0xf1, 0xba, 0xbe, 0xf9, 0x91, 0xea, 0xb4, 0x1e, 0xe1,
0x62, 0x3e, 0xc3, 0x23, 0xd4, 0x00, 0xf5, 0x52, 0xb0, 0x1b, 0xdd, 0xda, 0x76, 0xfb, 0xd6, 0xfd,
0x4b, 0x6b, 0xc5, 0xd5, 0x0f, 0x8e, 0xbd, 0x58, 0xf2, 0xe3, 0xe2, 0xba, 0xd0, 0x36, 0x92, 0x67,
0xc0, 0x6f, 0xa1, 0x5a, 0x1a, 0xf5, 0xcd, 0x34, 0x6f, 0x1b, 0x48, 0xed, 0xe1, 0xfe, 0x7d, 0xa2,
0xec, 0x5b, 0x47, 0xe6, 0xcd, 0xa2, 0x43, 0xe0, 0x2b, 0xa8, 0x36, 0x82, 0xe3, 0xfc, 0x36, 0x23,
0xea, 0x13, 0xfb, 0xa8, 0x31, 0x55, 0xcf, 0x19, 0xd3, 0xe7, 0x1b, 0xab, 0x2b, 0x2d, 0x9e, 0x40,
0x24, 0xa7, 0xde, 0xab, 0xde, 0xb5, 0x7a, 0xbf, 0x59, 0xe8, 0xfa, 0x85, 0x82, 0x54, 0x77, 0x1a,
0x1d, 0x8f, 0xd9, 0x63, 0xe8, 0xeb, 0xdc, 0xcd, 0xe2, 0x4e, 0xdb, 0xcd, 0xcd, 0x64, 0xee, 0xc7,
0xef, 0xa0, 0x35, 0x0e, 0x54, 0xb0, 0xd8, 0xdc, 0xa3, 0x0b, 0x2d, 0x13, 0x6d, 0x25, 0xc6, 0x8b,
0x77, 0xd1, 0x06, 0xa8, 0xf4, 0xba, 0xb8, 0x3d, 0xce, 0xd9, 0xfc, 0xc4, 0x36, 0x0d, 0x61, 0x63,
0xef, 0xbc, 0x9b, 0x3c, 0x8f, 0xf7, 0x6f, 0x9e, 0x9c, 0x39, 0x95, 0xa7, 0x67, 0x4e, 0xe5, 0xf4,
0xcc, 0xa9, 0x3c, 0xc9, 0x1c, 0xeb, 0x24, 0x73, 0xac, 0xa7, 0x99, 0x63, 0x9d, 0x66, 0x8e, 0xf5,
0x77, 0xe6, 0x58, 0x3f, 0xfd, 0xe3, 0x54, 0xbe, 0x5a, 0x37, 0x1b, 0xff, 0x37, 0x00, 0x00, 0xff,
0xff, 0x9e, 0xae, 0x9a, 0x67, 0x6f, 0x0b, 0x00, 0x00,
}

4
staging/src/k8s.io/api/authorization/v1beta1/generated.proto
View File

@ -163,6 +163,10 @@ message SubjectAccessReviewSpec {
// it needs a reflection here.
// +optional
map<string, ExtraValue> extra = 5;
// UID information about the requesting user.
// +optional
optional string uid = 6;
}
// SubjectAccessReviewStatus

156
staging/src/k8s.io/api/authorization/v1beta1/types.generated.go
View File

@ -2017,7 +2017,7 @@ func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder) {
} else {
yysep2 := !z.EncBinary()
yy2arr2 := z.EncBasicHandle().StructToArray
var yyq2 [5]bool
var yyq2 [6]bool
_, _, _ = yysep2, yyq2, yy2arr2
const yyr2 bool = false
yyq2[0] = x.ResourceAttributes != nil
@ -2025,9 +2025,10 @@ func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder) {
yyq2[2] = x.User != ""
yyq2[3] = len(x.Groups) != 0
yyq2[4] = len(x.Extra) != 0
yyq2[5] = x.UID != ""
var yynn2 int
if yyr2 || yy2arr2 {
r.EncodeArrayStart(5)
r.EncodeArrayStart(6)
} else {
yynn2 = 0
for _, b := range yyq2 {
@ -2175,6 +2176,31 @@ func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder) {
}
}
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
if yyq2[5] {
yym19 := z.EncBinary()
_ = yym19
if false {
} else {
r.EncodeString(codecSelferC_UTF81234, string(x.UID))
}
} else {
r.EncodeString(codecSelferC_UTF81234, "")
}
} else {
if yyq2[5] {
z.EncSendContainerState(codecSelfer_containerMapKey1234)
r.EncodeString(codecSelferC_UTF81234, string("uid"))
z.EncSendContainerState(codecSelfer_containerMapValue1234)
yym20 := z.EncBinary()
_ = yym20
if false {
} else {
r.EncodeString(codecSelferC_UTF81234, string(x.UID))
}
}
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
} else {
@ -2294,6 +2320,18 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromMap(l int, d *codec1978.Dec
h.decMapstringExtraValue((*map[string]ExtraValue)(yyv10), d)
}
}
case "uid":
if r.TryDecodeAsNil() {
x.UID = ""
} else {
yyv12 := &x.UID
yym13 := z.DecBinary()
_ = yym13
if false {
} else {
*((*string)(yyv12)) = r.DecodeString()
}
}
default:
z.DecStructFieldNotFound(-1, yys3)
} // end switch yys3
@ -2305,16 +2343,16 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
var h codecSelfer1234
z, r := codec1978.GenHelperDecoder(d)
_, _, _ = h, z, r
var yyj12 int
var yyb12 bool
var yyhl12 bool = l >= 0
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
var yyj14 int
var yyb14 bool
var yyhl14 bool = l >= 0
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -2329,13 +2367,13 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
}
x.ResourceAttributes.CodecDecodeSelf(d)
}
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -2350,13 +2388,13 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
}
x.NonResourceAttributes.CodecDecodeSelf(d)
}
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -2364,21 +2402,21 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
if r.TryDecodeAsNil() {
x.User = ""
} else {
yyv15 := &x.User
yym16 := z.DecBinary()
_ = yym16
yyv17 := &x.User
yym18 := z.DecBinary()
_ = yym18
if false {
} else {
*((*string)(yyv15)) = r.DecodeString()
*((*string)(yyv17)) = r.DecodeString()
}
}
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -2386,21 +2424,21 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
if r.TryDecodeAsNil() {
x.Groups = nil
} else {
yyv17 := &x.Groups
yym18 := z.DecBinary()
_ = yym18
yyv19 := &x.Groups
yym20 := z.DecBinary()
_ = yym20
if false {
} else {
z.F.DecSliceStringX(yyv17, false, d)
z.F.DecSliceStringX(yyv19, false, d)
}
}
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -2408,26 +2446,48 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
if r.TryDecodeAsNil() {
x.Extra = nil
} else {
yyv19 := &x.Extra
yym20 := z.DecBinary()
_ = yym20
yyv21 := &x.Extra
yym22 := z.DecBinary()
_ = yym22
if false {
} else {
h.decMapstringExtraValue((*map[string]ExtraValue)(yyv19), d)
h.decMapstringExtraValue((*map[string]ExtraValue)(yyv21), d)
}
}
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb14 = r.CheckBreak()
}
if yyb14 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
if r.TryDecodeAsNil() {
x.UID = ""
} else {
yyv23 := &x.UID
yym24 := z.DecBinary()
_ = yym24
if false {
} else {
*((*string)(yyv23)) = r.DecodeString()
}
}
for {
yyj12++
if yyhl12 {
yyb12 = yyj12 > l
yyj14++
if yyhl14 {
yyb14 = yyj14 > l
} else {
yyb12 = r.CheckBreak()
yyb14 = r.CheckBreak()
}
if yyb12 {
if yyb14 {
break
}
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
z.DecStructFieldNotFound(yyj12-1, "")
z.DecStructFieldNotFound(yyj14-1, "")
}
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
}

3
staging/src/k8s.io/api/authorization/v1beta1/types.go
View File

@ -142,6 +142,9 @@ type SubjectAccessReviewSpec struct {
// it needs a reflection here.
// +optional
Extra map[string]ExtraValue `json:"extra,omitempty" protobuf:"bytes,5,rep,name=extra"`
// UID information about the requesting user.
// +optional
UID string `json:"uid,omitempty" protobuf:"bytes,6,opt,name=uid"`
}
// ExtraValue masks the value so protobuf can generate

1
staging/src/k8s.io/api/authorization/v1beta1/types_swagger_doc_generated.go
View File

@ -99,6 +99,7 @@ var map_SubjectAccessReviewSpec = map[string]string{
"user": "User is the user you're testing for. If you specify \"User\" but not \"Group\", then is it interpreted as \"What if User were not a member of any groups",
"group": "Groups is the groups you're testing for.",
"extra": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here.",
"uid": "UID information about the requesting user.",
}
func (SubjectAccessReviewSpec) SwaggerDoc() map[string]string {

1
staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook.go
View File

@ -144,6 +144,7 @@ func (w *WebhookAuthorizer) Authorize(attr authorizer.Attributes) (authorized bo
if user := attr.GetUser(); user != nil {
r.Spec = authorization.SubjectAccessReviewSpec{
User: user.GetName(),
UID: user.GetUID(),
Groups: user.GetGroups(),
Extra: convertToSARExtra(user.GetExtra()),
}

1
staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/webhook_test.go
View File

@ -505,6 +505,7 @@ func TestWebhook(t *testing.T) {
TypeMeta: expTypeMeta,
Spec: v1beta1.SubjectAccessReviewSpec{
User: "jane",
UID: "1",
Groups: []string{"group1", "group2"},
ResourceAttributes: &v1beta1.ResourceAttributes{
Verb: "GET",