import "k8s.io/kubernetes/pkg/registry/rbac"
escalation_check.go helpers.go
func BindingAuthorized(ctx context.Context, roleRef rbac.RoleRef, bindingNamespace string, a authorizer.Authorizer) bool
BindingAuthorized returns true if the user associated with the context is explicitly authorized to bind the specified roleRef
EscalationAllowed checks if the user associated with the context is a superuser
func IsOnlyMutatingGCFields(obj, old runtime.Object, equalities conversion.Equalities) bool
IsOnlyMutatingGCFields checks finalizers and ownerrefs which GC manipulates and indicates that only those fields are changing
func RoleEscalationAuthorized(ctx context.Context, a authorizer.Authorizer) bool
RoleEscalationAuthorized checks if the user associated with the context is explicitly authorized to escalate the role resource associated with the context
| Path | Synopsis |
|---|---|
| clusterrole | Package clusterrole provides Registry interface and its RESTStorage implementation for storing ClusterRole objects. |
| clusterrolebinding | Package certificates provides Registry interface and its RESTStorage implementation for storing ClusterRoleBinding objects. |
| clusterrolebinding/policybased | Package policybased implements a standard storage for ClusterRoleBinding that prevents privilege escalation. |
| clusterrolebinding/storage | |
| clusterrole/policybased | Package policybased implements a standard storage for ClusterRole that prevents privilege escalation. |
| clusterrole/storage | |
| rest | |
| role | Package role provides Registry interface and its RESTStorage implementation for storing Role objects. |
| rolebinding | Package certificates provides Registry interface and its RESTStorage implementation for storing RoleBinding objects. |
| rolebinding/policybased | Package policybased implements a standard storage for RoleBinding that prevents privilege escalation. |
| rolebinding/storage | |
| role/policybased | Package policybased implements a standard storage for Role that prevents privilege escalation. |
| role/storage | |
| validation |
Package rbac imports 12 packages (graph) and is imported by 50 packages. Updated 2021-01-12. Refresh now. Tools for package owners.