Documentation ¶
Index ¶
- func New(ctx context.Context, opts ...AuthorizerOption) (types.Authorizer, error)
- func PublicShared(obj types.Object, act types.Action) types.PresetPolicy
- func SuperUser(su types.Subject) types.PresetPolicy
- type AuthorizerConfig
- type AuthorizerOption
- func WithLogger(l logr.Logger) AuthorizerOption
- func WithObjectPersister(p types.GroupingPersister) AuthorizerOption
- func WithPermissionPersister(p types.PermissionPersister) AuthorizerOption
- func WithPresetPolices(presets ...types.PresetPolicy) AuthorizerOption
- func WithSubjectPersister(p types.GroupingPersister) AuthorizerOption
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func New ¶
func New(ctx context.Context, opts ...AuthorizerOption) (types.Authorizer, error)
New creates a RBAC Authorizer
func PublicShared ¶
PublicShared specify that everbody could do act on obj
Types ¶
type AuthorizerConfig ¶
type AuthorizerConfig struct {
// contains filtered or unexported fields
}
AuthorizerConfig works together with AuthorizerOption to control the initialization of authorizer
type AuthorizerOption ¶
type AuthorizerOption func(*AuthorizerConfig)
AuthorizerOption controls how to init an authorizer
func WithLogger ¶
func WithLogger(l logr.Logger) AuthorizerOption
WithLogger sets logger for rbac components
func WithObjectPersister ¶
func WithObjectPersister(p types.GroupingPersister) AuthorizerOption
WithObjectPersister sets Persister for object could be omitted if object grouping is not used: no rules on categories
func WithPermissionPersister ¶
func WithPermissionPersister(p types.PermissionPersister) AuthorizerOption
WithPermissionPersister sets Persister for Permission manager all permission polices will be lost after restart if not set
func WithPresetPolices ¶
func WithPresetPolices(presets ...types.PresetPolicy) AuthorizerOption
WithPresetPolices add preset polices to authorizer
func WithSubjectPersister ¶
func WithSubjectPersister(p types.GroupingPersister) AuthorizerOption
WithSubjectPersister sets Persister for subject could be omitted if subject grouping is not used: no roles, only users