mirror of https://github.com/k3s-io/k3s
add user.Info.GetExtra
deads2k
parent
96586e7c60
commit
b4ebfd47c5
|
|
@ -147,6 +147,19 @@ func DeepCopy_authorization_SubjectAccessReviewSpec(in SubjectAccessReviewSpec,
|
|||
} else {
|
||||
out.Groups = nil
|
||||
}
|
||||
if in.Extra != nil {
|
||||
in, out := in.Extra, &out.Extra
|
||||
*out = make(map[string][]string)
|
||||
for key, val := range in {
|
||||
if newVal, err := c.DeepCopy(val); err != nil {
|
||||
return err
|
||||
} else {
|
||||
(*out)[key] = newVal.([]string)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
out.Extra = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1551,14 +1551,14 @@ func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder) {
|
|||
} else {
|
||||
yysep2 := !z.EncBinary()
|
||||
yy2arr2 := z.EncBasicHandle().StructToArray
|
||||
var yyq2 [4]bool
|
||||
var yyq2 [5]bool
|
||||
_, _, _ = yysep2, yyq2, yy2arr2
|
||||
const yyr2 bool = false
|
||||
var yynn2 int
|
||||
if yyr2 || yy2arr2 {
|
||||
r.EncodeArrayStart(4)
|
||||
r.EncodeArrayStart(5)
|
||||
} else {
|
||||
yynn2 = 4
|
||||
yynn2 = 5
|
||||
for _, b := range yyq2 {
|
||||
if b {
|
||||
yynn2++
|
||||
|
|
@ -1647,6 +1647,33 @@ func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder) {
|
|||
}
|
||||
}
|
||||
}
|
||||
if yyr2 || yy2arr2 {
|
||||
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
|
||||
if x.Extra == nil {
|
||||
r.EncodeNil()
|
||||
} else {
|
||||
yym16 := z.EncBinary()
|
||||
_ = yym16
|
||||
if false {
|
||||
} else {
|
||||
h.encMapstringSlicestring((map[string][]string)(x.Extra), e)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
z.EncSendContainerState(codecSelfer_containerMapKey1234)
|
||||
r.EncodeString(codecSelferC_UTF81234, string("Extra"))
|
||||
z.EncSendContainerState(codecSelfer_containerMapValue1234)
|
||||
if x.Extra == nil {
|
||||
r.EncodeNil()
|
||||
} else {
|
||||
yym17 := z.EncBinary()
|
||||
_ = yym17
|
||||
if false {
|
||||
} else {
|
||||
h.encMapstringSlicestring((map[string][]string)(x.Extra), e)
|
||||
}
|
||||
}
|
||||
}
|
||||
if yyr2 || yy2arr2 {
|
||||
z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
} else {
|
||||
|
|
@ -1748,6 +1775,18 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromMap(l int, d *codec1978.Dec
|
|||
z.F.DecSliceStringX(yyv7, false, d)
|
||||
}
|
||||
}
|
||||
case "Extra":
|
||||
if r.TryDecodeAsNil() {
|
||||
x.Extra = nil
|
||||
} else {
|
||||
yyv9 := &x.Extra
|
||||
yym10 := z.DecBinary()
|
||||
_ = yym10
|
||||
if false {
|
||||
} else {
|
||||
h.decMapstringSlicestring((*map[string][]string)(yyv9), d)
|
||||
}
|
||||
}
|
||||
default:
|
||||
z.DecStructFieldNotFound(-1, yys3)
|
||||
} // end switch yys3
|
||||
|
|
@ -1759,16 +1798,16 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
|
|||
var h codecSelfer1234
|
||||
z, r := codec1978.GenHelperDecoder(d)
|
||||
_, _, _ = h, z, r
|
||||
var yyj9 int
|
||||
var yyb9 bool
|
||||
var yyhl9 bool = l >= 0
|
||||
yyj9++
|
||||
if yyhl9 {
|
||||
yyb9 = yyj9 > l
|
||||
var yyj11 int
|
||||
var yyb11 bool
|
||||
var yyhl11 bool = l >= 0
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb9 = r.CheckBreak()
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb9 {
|
||||
if yyb11 {
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
return
|
||||
}
|
||||
|
|
@ -1783,13 +1822,13 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
|
|||
}
|
||||
x.ResourceAttributes.CodecDecodeSelf(d)
|
||||
}
|
||||
yyj9++
|
||||
if yyhl9 {
|
||||
yyb9 = yyj9 > l
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb9 = r.CheckBreak()
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb9 {
|
||||
if yyb11 {
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
return
|
||||
}
|
||||
|
|
@ -1804,13 +1843,13 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
|
|||
}
|
||||
x.NonResourceAttributes.CodecDecodeSelf(d)
|
||||
}
|
||||
yyj9++
|
||||
if yyhl9 {
|
||||
yyb9 = yyj9 > l
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb9 = r.CheckBreak()
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb9 {
|
||||
if yyb11 {
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
return
|
||||
}
|
||||
|
|
@ -1820,13 +1859,13 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
|
|||
} else {
|
||||
x.User = string(r.DecodeString())
|
||||
}
|
||||
yyj9++
|
||||
if yyhl9 {
|
||||
yyb9 = yyj9 > l
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb9 = r.CheckBreak()
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb9 {
|
||||
if yyb11 {
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
return
|
||||
}
|
||||
|
|
@ -1834,26 +1873,48 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
|
|||
if r.TryDecodeAsNil() {
|
||||
x.Groups = nil
|
||||
} else {
|
||||
yyv13 := &x.Groups
|
||||
yym14 := z.DecBinary()
|
||||
_ = yym14
|
||||
yyv15 := &x.Groups
|
||||
yym16 := z.DecBinary()
|
||||
_ = yym16
|
||||
if false {
|
||||
} else {
|
||||
z.F.DecSliceStringX(yyv13, false, d)
|
||||
z.F.DecSliceStringX(yyv15, false, d)
|
||||
}
|
||||
}
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb11 {
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
return
|
||||
}
|
||||
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
|
||||
if r.TryDecodeAsNil() {
|
||||
x.Extra = nil
|
||||
} else {
|
||||
yyv17 := &x.Extra
|
||||
yym18 := z.DecBinary()
|
||||
_ = yym18
|
||||
if false {
|
||||
} else {
|
||||
h.decMapstringSlicestring((*map[string][]string)(yyv17), d)
|
||||
}
|
||||
}
|
||||
for {
|
||||
yyj9++
|
||||
if yyhl9 {
|
||||
yyb9 = yyj9 > l
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb9 = r.CheckBreak()
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb9 {
|
||||
if yyb11 {
|
||||
break
|
||||
}
|
||||
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
|
||||
z.DecStructFieldNotFound(yyj9-1, "")
|
||||
z.DecStructFieldNotFound(yyj11-1, "")
|
||||
}
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
}
|
||||
|
|
@ -2279,3 +2340,231 @@ func (x *SubjectAccessReviewStatus) codecDecodeSelfFromArray(l int, d *codec1978
|
|||
}
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
}
|
||||
|
||||
func (x codecSelfer1234) encMapstringSlicestring(v map[string][]string, e *codec1978.Encoder) {
|
||||
var h codecSelfer1234
|
||||
z, r := codec1978.GenHelperEncoder(e)
|
||||
_, _, _ = h, z, r
|
||||
r.EncodeMapStart(len(v))
|
||||
for yyk1, yyv1 := range v {
|
||||
z.EncSendContainerState(codecSelfer_containerMapKey1234)
|
||||
yym2 := z.EncBinary()
|
||||
_ = yym2
|
||||
if false {
|
||||
} else {
|
||||
r.EncodeString(codecSelferC_UTF81234, string(yyk1))
|
||||
}
|
||||
z.EncSendContainerState(codecSelfer_containerMapValue1234)
|
||||
if yyv1 == nil {
|
||||
r.EncodeNil()
|
||||
} else {
|
||||
yym3 := z.EncBinary()
|
||||
_ = yym3
|
||||
if false {
|
||||
} else {
|
||||
z.F.EncSliceStringV(yyv1, false, e)
|
||||
}
|
||||
}
|
||||
}
|
||||
z.EncSendContainerState(codecSelfer_containerMapEnd1234)
|
||||
}
|
||||
|
||||
func (x codecSelfer1234) decMapstringSlicestring(v *map[string][]string, d *codec1978.Decoder) {
|
||||
var h codecSelfer1234
|
||||
z, r := codec1978.GenHelperDecoder(d)
|
||||
_, _, _ = h, z, r
|
||||
|
||||
yyv1 := *v
|
||||
yyl1 := r.ReadMapStart()
|
||||
yybh1 := z.DecBasicHandle()
|
||||
if yyv1 == nil {
|
||||
yyrl1, _ := z.DecInferLen(yyl1, yybh1.MaxInitLen, 40)
|
||||
yyv1 = make(map[string][]string, yyrl1)
|
||||
*v = yyv1
|
||||
}
|
||||
var yymk1 string
|
||||
var yymv1 []string
|
||||
var yymg1 bool
|
||||
if yybh1.MapValueReset {
|
||||
yymg1 = true
|
||||
}
|
||||
if yyl1 > 0 {
|
||||
for yyj1 := 0; yyj1 < yyl1; yyj1++ {
|
||||
z.DecSendContainerState(codecSelfer_containerMapKey1234)
|
||||
if r.TryDecodeAsNil() {
|
||||
yymk1 = ""
|
||||
} else {
|
||||
yymk1 = string(r.DecodeString())
|
||||
}
|
||||
|
||||
if yymg1 {
|
||||
yymv1 = yyv1[yymk1]
|
||||
} else {
|
||||
yymv1 = nil
|
||||
}
|
||||
z.DecSendContainerState(codecSelfer_containerMapValue1234)
|
||||
if r.TryDecodeAsNil() {
|
||||
yymv1 = nil
|
||||
} else {
|
||||
yyv3 := &yymv1
|
||||
yym4 := z.DecBinary()
|
||||
_ = yym4
|
||||
if false {
|
||||
} else {
|
||||
z.F.DecSliceStringX(yyv3, false, d)
|
||||
}
|
||||
}
|
||||
|
||||
if yyv1 != nil {
|
||||
yyv1[yymk1] = yymv1
|
||||
}
|
||||
}
|
||||
} else if yyl1 < 0 {
|
||||
for yyj1 := 0; !r.CheckBreak(); yyj1++ {
|
||||
z.DecSendContainerState(codecSelfer_containerMapKey1234)
|
||||
if r.TryDecodeAsNil() {
|
||||
yymk1 = ""
|
||||
} else {
|
||||
yymk1 = string(r.DecodeString())
|
||||
}
|
||||
|
||||
if yymg1 {
|
||||
yymv1 = yyv1[yymk1]
|
||||
} else {
|
||||
yymv1 = nil
|
||||
}
|
||||
z.DecSendContainerState(codecSelfer_containerMapValue1234)
|
||||
if r.TryDecodeAsNil() {
|
||||
yymv1 = nil
|
||||
} else {
|
||||
yyv6 := &yymv1
|
||||
yym7 := z.DecBinary()
|
||||
_ = yym7
|
||||
if false {
|
||||
} else {
|
||||
z.F.DecSliceStringX(yyv6, false, d)
|
||||
}
|
||||
}
|
||||
|
||||
if yyv1 != nil {
|
||||
yyv1[yymk1] = yymv1
|
||||
}
|
||||
}
|
||||
} // else len==0: TODO: Should we clear map entries?
|
||||
z.DecSendContainerState(codecSelfer_containerMapEnd1234)
|
||||
}
|
||||
|
||||
func (x codecSelfer1234) encSlicestring(v []string, e *codec1978.Encoder) {
|
||||
var h codecSelfer1234
|
||||
z, r := codec1978.GenHelperEncoder(e)
|
||||
_, _, _ = h, z, r
|
||||
r.EncodeArrayStart(len(v))
|
||||
for _, yyv1 := range v {
|
||||
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
|
||||
yym2 := z.EncBinary()
|
||||
_ = yym2
|
||||
if false {
|
||||
} else {
|
||||
r.EncodeString(codecSelferC_UTF81234, string(yyv1))
|
||||
}
|
||||
}
|
||||
z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
}
|
||||
|
||||
func (x codecSelfer1234) decSlicestring(v *[]string, d *codec1978.Decoder) {
|
||||
var h codecSelfer1234
|
||||
z, r := codec1978.GenHelperDecoder(d)
|
||||
_, _, _ = h, z, r
|
||||
|
||||
yyv1 := *v
|
||||
yyh1, yyl1 := z.DecSliceHelperStart()
|
||||
var yyc1 bool
|
||||
_ = yyc1
|
||||
if yyl1 == 0 {
|
||||
if yyv1 == nil {
|
||||
yyv1 = []string{}
|
||||
yyc1 = true
|
||||
} else if len(yyv1) != 0 {
|
||||
yyv1 = yyv1[:0]
|
||||
yyc1 = true
|
||||
}
|
||||
} else if yyl1 > 0 {
|
||||
var yyrr1, yyrl1 int
|
||||
var yyrt1 bool
|
||||
_, _ = yyrl1, yyrt1
|
||||
yyrr1 = yyl1 // len(yyv1)
|
||||
if yyl1 > cap(yyv1) {
|
||||
|
||||
yyrl1, yyrt1 = z.DecInferLen(yyl1, z.DecBasicHandle().MaxInitLen, 16)
|
||||
if yyrt1 {
|
||||
if yyrl1 <= cap(yyv1) {
|
||||
yyv1 = yyv1[:yyrl1]
|
||||
} else {
|
||||
yyv1 = make([]string, yyrl1)
|
||||
}
|
||||
} else {
|
||||
yyv1 = make([]string, yyrl1)
|
||||
}
|
||||
yyc1 = true
|
||||
yyrr1 = len(yyv1)
|
||||
} else if yyl1 != len(yyv1) {
|
||||
yyv1 = yyv1[:yyl1]
|
||||
yyc1 = true
|
||||
}
|
||||
yyj1 := 0
|
||||
for ; yyj1 < yyrr1; yyj1++ {
|
||||
yyh1.ElemContainerState(yyj1)
|
||||
if r.TryDecodeAsNil() {
|
||||
yyv1[yyj1] = ""
|
||||
} else {
|
||||
yyv1[yyj1] = string(r.DecodeString())
|
||||
}
|
||||
|
||||
}
|
||||
if yyrt1 {
|
||||
for ; yyj1 < yyl1; yyj1++ {
|
||||
yyv1 = append(yyv1, "")
|
||||
yyh1.ElemContainerState(yyj1)
|
||||
if r.TryDecodeAsNil() {
|
||||
yyv1[yyj1] = ""
|
||||
} else {
|
||||
yyv1[yyj1] = string(r.DecodeString())
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
} else {
|
||||
yyj1 := 0
|
||||
for ; !r.CheckBreak(); yyj1++ {
|
||||
|
||||
if yyj1 >= len(yyv1) {
|
||||
yyv1 = append(yyv1, "") // var yyz1 string
|
||||
yyc1 = true
|
||||
}
|
||||
yyh1.ElemContainerState(yyj1)
|
||||
if yyj1 < len(yyv1) {
|
||||
if r.TryDecodeAsNil() {
|
||||
yyv1[yyj1] = ""
|
||||
} else {
|
||||
yyv1[yyj1] = string(r.DecodeString())
|
||||
}
|
||||
|
||||
} else {
|
||||
z.DecSwallow()
|
||||
}
|
||||
|
||||
}
|
||||
if yyj1 < len(yyv1) {
|
||||
yyv1 = yyv1[:yyj1]
|
||||
yyc1 = true
|
||||
} else if yyj1 == 0 && yyv1 == nil {
|
||||
yyv1 = []string{}
|
||||
yyc1 = true
|
||||
}
|
||||
}
|
||||
yyh1.End()
|
||||
if yyc1 {
|
||||
*v = yyv1
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -101,6 +101,9 @@ type SubjectAccessReviewSpec struct {
|
|||
User string
|
||||
// Groups is the groups you're testing for.
|
||||
Groups []string
|
||||
// Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer
|
||||
// it needs a reflection here.
|
||||
Extra map[string][]string
|
||||
}
|
||||
|
||||
// SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAttributes
|
||||
|
|
|
|||
|
|
@ -321,6 +321,20 @@ func autoConvert_v1beta1_SubjectAccessReviewSpec_To_authorization_SubjectAccessR
|
|||
} else {
|
||||
out.Groups = nil
|
||||
}
|
||||
if in.Extra != nil {
|
||||
in, out := &in.Extra, &out.Extra
|
||||
*out = make(map[string][]string, len(*in))
|
||||
for key, val := range *in {
|
||||
newVal := new([]string)
|
||||
// TODO: Inefficient conversion - can we improve it?
|
||||
if err := s.Convert(&val, newVal, 0); err != nil {
|
||||
return err
|
||||
}
|
||||
(*out)[key] = *newVal
|
||||
}
|
||||
} else {
|
||||
out.Extra = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
@ -358,6 +372,20 @@ func autoConvert_authorization_SubjectAccessReviewSpec_To_v1beta1_SubjectAccessR
|
|||
} else {
|
||||
out.Groups = nil
|
||||
}
|
||||
if in.Extra != nil {
|
||||
in, out := &in.Extra, &out.Extra
|
||||
*out = make(map[string][]string, len(*in))
|
||||
for key, val := range *in {
|
||||
newVal := new([]string)
|
||||
// TODO: Inefficient conversion - can we improve it?
|
||||
if err := s.Convert(&val, newVal, 0); err != nil {
|
||||
return err
|
||||
}
|
||||
(*out)[key] = *newVal
|
||||
}
|
||||
} else {
|
||||
out.Extra = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -147,6 +147,19 @@ func DeepCopy_v1beta1_SubjectAccessReviewSpec(in SubjectAccessReviewSpec, out *S
|
|||
} else {
|
||||
out.Groups = nil
|
||||
}
|
||||
if in.Extra != nil {
|
||||
in, out := in.Extra, &out.Extra
|
||||
*out = make(map[string][]string)
|
||||
for key, val := range in {
|
||||
if newVal, err := c.DeepCopy(val); err != nil {
|
||||
return err
|
||||
} else {
|
||||
(*out)[key] = newVal.([]string)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
out.Extra = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1635,16 +1635,17 @@ func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder) {
|
|||
} else {
|
||||
yysep2 := !z.EncBinary()
|
||||
yy2arr2 := z.EncBasicHandle().StructToArray
|
||||
var yyq2 [4]bool
|
||||
var yyq2 [5]bool
|
||||
_, _, _ = yysep2, yyq2, yy2arr2
|
||||
const yyr2 bool = false
|
||||
yyq2[0] = x.ResourceAttributes != nil
|
||||
yyq2[1] = x.NonResourceAttributes != nil
|
||||
yyq2[2] = x.User != ""
|
||||
yyq2[3] = len(x.Groups) != 0
|
||||
yyq2[4] = len(x.Extra) != 0
|
||||
var yynn2 int
|
||||
if yyr2 || yy2arr2 {
|
||||
r.EncodeArrayStart(4)
|
||||
r.EncodeArrayStart(5)
|
||||
} else {
|
||||
yynn2 = 0
|
||||
for _, b := range yyq2 {
|
||||
|
|
@ -1759,6 +1760,39 @@ func (x *SubjectAccessReviewSpec) CodecEncodeSelf(e *codec1978.Encoder) {
|
|||
}
|
||||
}
|
||||
}
|
||||
if yyr2 || yy2arr2 {
|
||||
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
|
||||
if yyq2[4] {
|
||||
if x.Extra == nil {
|
||||
r.EncodeNil()
|
||||
} else {
|
||||
yym16 := z.EncBinary()
|
||||
_ = yym16
|
||||
if false {
|
||||
} else {
|
||||
h.encMapstringSlicestring((map[string][]string)(x.Extra), e)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
r.EncodeNil()
|
||||
}
|
||||
} else {
|
||||
if yyq2[4] {
|
||||
z.EncSendContainerState(codecSelfer_containerMapKey1234)
|
||||
r.EncodeString(codecSelferC_UTF81234, string("extra"))
|
||||
z.EncSendContainerState(codecSelfer_containerMapValue1234)
|
||||
if x.Extra == nil {
|
||||
r.EncodeNil()
|
||||
} else {
|
||||
yym17 := z.EncBinary()
|
||||
_ = yym17
|
||||
if false {
|
||||
} else {
|
||||
h.encMapstringSlicestring((map[string][]string)(x.Extra), e)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
if yyr2 || yy2arr2 {
|
||||
z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
} else {
|
||||
|
|
@ -1860,6 +1894,18 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromMap(l int, d *codec1978.Dec
|
|||
z.F.DecSliceStringX(yyv7, false, d)
|
||||
}
|
||||
}
|
||||
case "extra":
|
||||
if r.TryDecodeAsNil() {
|
||||
x.Extra = nil
|
||||
} else {
|
||||
yyv9 := &x.Extra
|
||||
yym10 := z.DecBinary()
|
||||
_ = yym10
|
||||
if false {
|
||||
} else {
|
||||
h.decMapstringSlicestring((*map[string][]string)(yyv9), d)
|
||||
}
|
||||
}
|
||||
default:
|
||||
z.DecStructFieldNotFound(-1, yys3)
|
||||
} // end switch yys3
|
||||
|
|
@ -1871,16 +1917,16 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
|
|||
var h codecSelfer1234
|
||||
z, r := codec1978.GenHelperDecoder(d)
|
||||
_, _, _ = h, z, r
|
||||
var yyj9 int
|
||||
var yyb9 bool
|
||||
var yyhl9 bool = l >= 0
|
||||
yyj9++
|
||||
if yyhl9 {
|
||||
yyb9 = yyj9 > l
|
||||
var yyj11 int
|
||||
var yyb11 bool
|
||||
var yyhl11 bool = l >= 0
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb9 = r.CheckBreak()
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb9 {
|
||||
if yyb11 {
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
return
|
||||
}
|
||||
|
|
@ -1895,13 +1941,13 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
|
|||
}
|
||||
x.ResourceAttributes.CodecDecodeSelf(d)
|
||||
}
|
||||
yyj9++
|
||||
if yyhl9 {
|
||||
yyb9 = yyj9 > l
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb9 = r.CheckBreak()
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb9 {
|
||||
if yyb11 {
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
return
|
||||
}
|
||||
|
|
@ -1916,13 +1962,13 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
|
|||
}
|
||||
x.NonResourceAttributes.CodecDecodeSelf(d)
|
||||
}
|
||||
yyj9++
|
||||
if yyhl9 {
|
||||
yyb9 = yyj9 > l
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb9 = r.CheckBreak()
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb9 {
|
||||
if yyb11 {
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
return
|
||||
}
|
||||
|
|
@ -1932,13 +1978,13 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
|
|||
} else {
|
||||
x.User = string(r.DecodeString())
|
||||
}
|
||||
yyj9++
|
||||
if yyhl9 {
|
||||
yyb9 = yyj9 > l
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb9 = r.CheckBreak()
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb9 {
|
||||
if yyb11 {
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
return
|
||||
}
|
||||
|
|
@ -1946,26 +1992,48 @@ func (x *SubjectAccessReviewSpec) codecDecodeSelfFromArray(l int, d *codec1978.D
|
|||
if r.TryDecodeAsNil() {
|
||||
x.Groups = nil
|
||||
} else {
|
||||
yyv13 := &x.Groups
|
||||
yym14 := z.DecBinary()
|
||||
_ = yym14
|
||||
yyv15 := &x.Groups
|
||||
yym16 := z.DecBinary()
|
||||
_ = yym16
|
||||
if false {
|
||||
} else {
|
||||
z.F.DecSliceStringX(yyv13, false, d)
|
||||
z.F.DecSliceStringX(yyv15, false, d)
|
||||
}
|
||||
}
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb11 {
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
return
|
||||
}
|
||||
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
|
||||
if r.TryDecodeAsNil() {
|
||||
x.Extra = nil
|
||||
} else {
|
||||
yyv17 := &x.Extra
|
||||
yym18 := z.DecBinary()
|
||||
_ = yym18
|
||||
if false {
|
||||
} else {
|
||||
h.decMapstringSlicestring((*map[string][]string)(yyv17), d)
|
||||
}
|
||||
}
|
||||
for {
|
||||
yyj9++
|
||||
if yyhl9 {
|
||||
yyb9 = yyj9 > l
|
||||
yyj11++
|
||||
if yyhl11 {
|
||||
yyb11 = yyj11 > l
|
||||
} else {
|
||||
yyb9 = r.CheckBreak()
|
||||
yyb11 = r.CheckBreak()
|
||||
}
|
||||
if yyb9 {
|
||||
if yyb11 {
|
||||
break
|
||||
}
|
||||
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
|
||||
z.DecStructFieldNotFound(yyj9-1, "")
|
||||
z.DecStructFieldNotFound(yyj11-1, "")
|
||||
}
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
}
|
||||
|
|
@ -2412,3 +2480,231 @@ func (x *SubjectAccessReviewStatus) codecDecodeSelfFromArray(l int, d *codec1978
|
|||
}
|
||||
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
}
|
||||
|
||||
func (x codecSelfer1234) encMapstringSlicestring(v map[string][]string, e *codec1978.Encoder) {
|
||||
var h codecSelfer1234
|
||||
z, r := codec1978.GenHelperEncoder(e)
|
||||
_, _, _ = h, z, r
|
||||
r.EncodeMapStart(len(v))
|
||||
for yyk1, yyv1 := range v {
|
||||
z.EncSendContainerState(codecSelfer_containerMapKey1234)
|
||||
yym2 := z.EncBinary()
|
||||
_ = yym2
|
||||
if false {
|
||||
} else {
|
||||
r.EncodeString(codecSelferC_UTF81234, string(yyk1))
|
||||
}
|
||||
z.EncSendContainerState(codecSelfer_containerMapValue1234)
|
||||
if yyv1 == nil {
|
||||
r.EncodeNil()
|
||||
} else {
|
||||
yym3 := z.EncBinary()
|
||||
_ = yym3
|
||||
if false {
|
||||
} else {
|
||||
z.F.EncSliceStringV(yyv1, false, e)
|
||||
}
|
||||
}
|
||||
}
|
||||
z.EncSendContainerState(codecSelfer_containerMapEnd1234)
|
||||
}
|
||||
|
||||
func (x codecSelfer1234) decMapstringSlicestring(v *map[string][]string, d *codec1978.Decoder) {
|
||||
var h codecSelfer1234
|
||||
z, r := codec1978.GenHelperDecoder(d)
|
||||
_, _, _ = h, z, r
|
||||
|
||||
yyv1 := *v
|
||||
yyl1 := r.ReadMapStart()
|
||||
yybh1 := z.DecBasicHandle()
|
||||
if yyv1 == nil {
|
||||
yyrl1, _ := z.DecInferLen(yyl1, yybh1.MaxInitLen, 40)
|
||||
yyv1 = make(map[string][]string, yyrl1)
|
||||
*v = yyv1
|
||||
}
|
||||
var yymk1 string
|
||||
var yymv1 []string
|
||||
var yymg1 bool
|
||||
if yybh1.MapValueReset {
|
||||
yymg1 = true
|
||||
}
|
||||
if yyl1 > 0 {
|
||||
for yyj1 := 0; yyj1 < yyl1; yyj1++ {
|
||||
z.DecSendContainerState(codecSelfer_containerMapKey1234)
|
||||
if r.TryDecodeAsNil() {
|
||||
yymk1 = ""
|
||||
} else {
|
||||
yymk1 = string(r.DecodeString())
|
||||
}
|
||||
|
||||
if yymg1 {
|
||||
yymv1 = yyv1[yymk1]
|
||||
} else {
|
||||
yymv1 = nil
|
||||
}
|
||||
z.DecSendContainerState(codecSelfer_containerMapValue1234)
|
||||
if r.TryDecodeAsNil() {
|
||||
yymv1 = nil
|
||||
} else {
|
||||
yyv3 := &yymv1
|
||||
yym4 := z.DecBinary()
|
||||
_ = yym4
|
||||
if false {
|
||||
} else {
|
||||
z.F.DecSliceStringX(yyv3, false, d)
|
||||
}
|
||||
}
|
||||
|
||||
if yyv1 != nil {
|
||||
yyv1[yymk1] = yymv1
|
||||
}
|
||||
}
|
||||
} else if yyl1 < 0 {
|
||||
for yyj1 := 0; !r.CheckBreak(); yyj1++ {
|
||||
z.DecSendContainerState(codecSelfer_containerMapKey1234)
|
||||
if r.TryDecodeAsNil() {
|
||||
yymk1 = ""
|
||||
} else {
|
||||
yymk1 = string(r.DecodeString())
|
||||
}
|
||||
|
||||
if yymg1 {
|
||||
yymv1 = yyv1[yymk1]
|
||||
} else {
|
||||
yymv1 = nil
|
||||
}
|
||||
z.DecSendContainerState(codecSelfer_containerMapValue1234)
|
||||
if r.TryDecodeAsNil() {
|
||||
yymv1 = nil
|
||||
} else {
|
||||
yyv6 := &yymv1
|
||||
yym7 := z.DecBinary()
|
||||
_ = yym7
|
||||
if false {
|
||||
} else {
|
||||
z.F.DecSliceStringX(yyv6, false, d)
|
||||
}
|
||||
}
|
||||
|
||||
if yyv1 != nil {
|
||||
yyv1[yymk1] = yymv1
|
||||
}
|
||||
}
|
||||
} // else len==0: TODO: Should we clear map entries?
|
||||
z.DecSendContainerState(codecSelfer_containerMapEnd1234)
|
||||
}
|
||||
|
||||
func (x codecSelfer1234) encSlicestring(v []string, e *codec1978.Encoder) {
|
||||
var h codecSelfer1234
|
||||
z, r := codec1978.GenHelperEncoder(e)
|
||||
_, _, _ = h, z, r
|
||||
r.EncodeArrayStart(len(v))
|
||||
for _, yyv1 := range v {
|
||||
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
|
||||
yym2 := z.EncBinary()
|
||||
_ = yym2
|
||||
if false {
|
||||
} else {
|
||||
r.EncodeString(codecSelferC_UTF81234, string(yyv1))
|
||||
}
|
||||
}
|
||||
z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
|
||||
}
|
||||
|
||||
func (x codecSelfer1234) decSlicestring(v *[]string, d *codec1978.Decoder) {
|
||||
var h codecSelfer1234
|
||||
z, r := codec1978.GenHelperDecoder(d)
|
||||
_, _, _ = h, z, r
|
||||
|
||||
yyv1 := *v
|
||||
yyh1, yyl1 := z.DecSliceHelperStart()
|
||||
var yyc1 bool
|
||||
_ = yyc1
|
||||
if yyl1 == 0 {
|
||||
if yyv1 == nil {
|
||||
yyv1 = []string{}
|
||||
yyc1 = true
|
||||
} else if len(yyv1) != 0 {
|
||||
yyv1 = yyv1[:0]
|
||||
yyc1 = true
|
||||
}
|
||||
} else if yyl1 > 0 {
|
||||
var yyrr1, yyrl1 int
|
||||
var yyrt1 bool
|
||||
_, _ = yyrl1, yyrt1
|
||||
yyrr1 = yyl1 // len(yyv1)
|
||||
if yyl1 > cap(yyv1) {
|
||||
|
||||
yyrl1, yyrt1 = z.DecInferLen(yyl1, z.DecBasicHandle().MaxInitLen, 16)
|
||||
if yyrt1 {
|
||||
if yyrl1 <= cap(yyv1) {
|
||||
yyv1 = yyv1[:yyrl1]
|
||||
} else {
|
||||
yyv1 = make([]string, yyrl1)
|
||||
}
|
||||
} else {
|
||||
yyv1 = make([]string, yyrl1)
|
||||
}
|
||||
yyc1 = true
|
||||
yyrr1 = len(yyv1)
|
||||
} else if yyl1 != len(yyv1) {
|
||||
yyv1 = yyv1[:yyl1]
|
||||
yyc1 = true
|
||||
}
|
||||
yyj1 := 0
|
||||
for ; yyj1 < yyrr1; yyj1++ {
|
||||
yyh1.ElemContainerState(yyj1)
|
||||
if r.TryDecodeAsNil() {
|
||||
yyv1[yyj1] = ""
|
||||
} else {
|
||||
yyv1[yyj1] = string(r.DecodeString())
|
||||
}
|
||||
|
||||
}
|
||||
if yyrt1 {
|
||||
for ; yyj1 < yyl1; yyj1++ {
|
||||
yyv1 = append(yyv1, "")
|
||||
yyh1.ElemContainerState(yyj1)
|
||||
if r.TryDecodeAsNil() {
|
||||
yyv1[yyj1] = ""
|
||||
} else {
|
||||
yyv1[yyj1] = string(r.DecodeString())
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
} else {
|
||||
yyj1 := 0
|
||||
for ; !r.CheckBreak(); yyj1++ {
|
||||
|
||||
if yyj1 >= len(yyv1) {
|
||||
yyv1 = append(yyv1, "") // var yyz1 string
|
||||
yyc1 = true
|
||||
}
|
||||
yyh1.ElemContainerState(yyj1)
|
||||
if yyj1 < len(yyv1) {
|
||||
if r.TryDecodeAsNil() {
|
||||
yyv1[yyj1] = ""
|
||||
} else {
|
||||
yyv1[yyj1] = string(r.DecodeString())
|
||||
}
|
||||
|
||||
} else {
|
||||
z.DecSwallow()
|
||||
}
|
||||
|
||||
}
|
||||
if yyj1 < len(yyv1) {
|
||||
yyv1 = yyv1[:yyj1]
|
||||
yyc1 = true
|
||||
} else if yyj1 == 0 && yyv1 == nil {
|
||||
yyv1 = []string{}
|
||||
yyc1 = true
|
||||
}
|
||||
}
|
||||
yyh1.End()
|
||||
if yyc1 {
|
||||
*v = yyv1
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -100,6 +100,9 @@ type SubjectAccessReviewSpec struct {
|
|||
User string `json:"user,omitempty"`
|
||||
// Groups is the groups you're testing for.
|
||||
Groups []string `json:"group,omitempty"`
|
||||
// Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer
|
||||
// it needs a reflection here.
|
||||
Extra map[string][]string `json:"extra,omitempty"`
|
||||
}
|
||||
|
||||
// SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes
|
||||
|
|
|
|||
|
|
@ -98,6 +98,7 @@ var map_SubjectAccessReviewSpec = map[string]string{
|
|||
"nonResourceAttributes": "NonResourceAttributes describes information for a non-resource access request",
|
||||
"user": "User is the user you're testing for. If you specify \"User\" but not \"Group\", then is it interpreted as \"What if User were not a member of any groups",
|
||||
"group": "Groups is the groups you're testing for.",
|
||||
"extra": "Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here.",
|
||||
}
|
||||
|
||||
func (SubjectAccessReviewSpec) SwaggerDoc() map[string]string {
|
||||
|
|
|
|||
|
|
@ -27,6 +27,16 @@ type Info interface {
|
|||
GetUID() string
|
||||
// GetGroups returns the names of the groups the user is a member of
|
||||
GetGroups() []string
|
||||
|
||||
// GetExtra can contain any additional information that the authenticator
|
||||
// thought was interesting. One example would be scopes on a token.
|
||||
// Keys in this map should be namespaced to the authenticator or
|
||||
// authenticator/authorizer pair making use of them.
|
||||
// For instance: "example.org/foo" instead of "foo"
|
||||
// This is a map[string][]string because it needs to be serializeable into
|
||||
// a SubjectAccessReviewSpec.authorization.k8s.io for proper authorization
|
||||
// delegation flows
|
||||
GetExtra() map[string][]string
|
||||
}
|
||||
|
||||
// DefaultInfo provides a simple user information exchange object
|
||||
|
|
@ -35,6 +45,7 @@ type DefaultInfo struct {
|
|||
Name string
|
||||
UID string
|
||||
Groups []string
|
||||
Extra map[string][]string
|
||||
}
|
||||
|
||||
func (i *DefaultInfo) GetName() string {
|
||||
|
|
@ -48,3 +59,7 @@ func (i *DefaultInfo) GetUID() string {
|
|||
func (i *DefaultInfo) GetGroups() []string {
|
||||
return i.Groups
|
||||
}
|
||||
|
||||
func (i *DefaultInfo) GetExtra() map[string][]string {
|
||||
return i.Extra
|
||||
}
|
||||
|
|
|
|||
|
|
@ -355,7 +355,7 @@ func startServiceAccountTestServer(t *testing.T) (*clientset.Clientset, restclie
|
|||
// 2. A ServiceAccountToken authenticator that validates ServiceAccount tokens
|
||||
rootTokenAuth := authenticator.TokenFunc(func(token string) (user.Info, bool, error) {
|
||||
if token == rootToken {
|
||||
return &user.DefaultInfo{rootUserName, "", []string{}}, true, nil
|
||||
return &user.DefaultInfo{Name: rootUserName}, true, nil
|
||||
}
|
||||
return nil, false, nil
|
||||
})
|
||||
|
|
|
|||
Loading…
Reference in New Issue