-
Notifications
You must be signed in to change notification settings - Fork 377
/
helpers.go
47 lines (37 loc) · 1.21 KB
/
helpers.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
package authorization
import (
"fmt"
corev1 "k8s.io/api/core/v1"
)
const (
userKind = "User"
groupKind = "Group"
serviceAccountKind = "ServiceAccount"
systemUserKind = "SystemUser"
systemGroupKind = "SystemGroup"
)
// SubjectsStrings returns users, groups, serviceaccounts, unknown for display purposes. currentNamespace is used to
// hide the subject.Namespace for ServiceAccounts in the currentNamespace
func SubjectsStrings(currentNamespace string, subjects []corev1.ObjectReference) ([]string, []string, []string, []string) {
users := []string{}
groups := []string{}
sas := []string{}
others := []string{}
for _, subject := range subjects {
switch subject.Kind {
case serviceAccountKind:
if len(subject.Namespace) > 0 && currentNamespace != subject.Namespace {
sas = append(sas, subject.Namespace+"/"+subject.Name)
} else {
sas = append(sas, subject.Name)
}
case userKind, systemUserKind:
users = append(users, subject.Name)
case groupKind, systemGroupKind:
groups = append(groups, subject.Name)
default:
others = append(others, fmt.Sprintf("%s/%s/%s", subject.Kind, subject.Namespace, subject.Name))
}
}
return users, groups, sas, others
}