/
policyrule.go
134 lines (110 loc) · 3.21 KB
/
policyrule.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
// Copyright 2023 Cover Whale Insurance Solutions Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package kopts
import (
rbacv1 "k8s.io/api/rbac/v1"
)
type Verb string
const (
Create Verb = "create"
Delete Verb = "delete"
Deletecollection Verb = "deletecollection"
Get Verb = "get"
List Verb = "list"
Patch Verb = "patch"
Update Verb = "update"
Watch Verb = "watch"
)
// PolicyRule is a Kubernetes policy rule
type PolicyRule struct {
rbacv1.PolicyRule
}
type PolicyRuleOpt func(*PolicyRule)
// NewPolicyRule returns a policy rule with the given name and options
func NewPolicyRule(name string, opts ...PolicyRuleOpt) PolicyRule {
pr := PolicyRule{
PolicyRule: rbacv1.PolicyRule{},
}
for _, v := range opts {
v(&pr)
}
return pr
}
// Set policy rule verb
func PolicyRuleVerb(v Verb) PolicyRuleOpt {
return policyRuleVerbs(v)
}
// Set multiple rule verbs
func PolicyRuleVerbs(verbs []Verb) PolicyRuleOpt {
return policyRuleVerbs(verbs...)
}
func policyRuleVerbs(verbs ...Verb) PolicyRuleOpt {
return func(pr *PolicyRule) {
for _, v := range verbs {
pr.Verbs = append(pr.Verbs, string(v))
}
}
}
// Set policy rule API group
func PolicyRuleAPIGroup(group string) PolicyRuleOpt {
return policyRuleAPIGroups(group)
}
// Set multiple rule API groups
func PolicyRuleAPIGroups(groups []string) PolicyRuleOpt {
return policyRuleAPIGroups(groups...)
}
func policyRuleAPIGroups(groups ...string) PolicyRuleOpt {
return func(pr *PolicyRule) {
pr.APIGroups = groups
}
}
// Set policy rule resource
func PolicyRuleResource(resource string) PolicyRuleOpt {
return policyRuleResources(resource)
}
// Set multiple policy rule resources
func PolicyRuleResources(resources []string) PolicyRuleOpt {
return policyRuleResources(resources...)
}
func policyRuleResources(resources ...string) PolicyRuleOpt {
return func(pr *PolicyRule) {
pr.Resources = resources
}
}
// Set policy rule resource name
func PolicyRuleResourceName(rn string) PolicyRuleOpt {
return policyRuleResourceNames(rn)
}
// Set multiple policy rule resource names
func PolicyRuleResourceNames(rn []string) PolicyRuleOpt {
return policyRuleResourceNames(rn...)
}
func policyRuleResourceNames(rn ...string) PolicyRuleOpt {
return func(pr *PolicyRule) {
pr.ResourceNames = rn
}
}
// Set policy rule resource URL
func PolicyRuleNonResourceURL(nru string) PolicyRuleOpt {
return policyRuleNonResourceURLs(nru)
}
// Set multiple policy rule resource URLs
func PolicyRuleNonResourceURLs(nru []string) PolicyRuleOpt {
return policyRuleNonResourceURLs(nru...)
}
func policyRuleNonResourceURLs(nru ...string) PolicyRuleOpt {
return func(pr *PolicyRule) {
pr.NonResourceURLs = nru
}
}