-
Notifications
You must be signed in to change notification settings - Fork 53
/
rbac.go
74 lines (63 loc) · 2.33 KB
/
rbac.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
package management
import (
"context"
"github.com/rancher/opni/pkg/core"
"github.com/rancher/opni/pkg/validation"
"google.golang.org/protobuf/types/known/emptypb"
)
func (s *Server) CreateRole(ctx context.Context, in *core.Role) (*emptypb.Empty, error) {
if err := validation.Validate(in); err != nil {
return nil, err
}
return &emptypb.Empty{}, s.coreDataSource.StorageBackend().CreateRole(ctx, in)
}
func (s *Server) DeleteRole(ctx context.Context, in *core.Reference) (*emptypb.Empty, error) {
if err := validation.Validate(in); err != nil {
return nil, err
}
return &emptypb.Empty{}, s.coreDataSource.StorageBackend().DeleteRole(ctx, in)
}
func (s *Server) GetRole(ctx context.Context, in *core.Reference) (*core.Role, error) {
if err := validation.Validate(in); err != nil {
return nil, err
}
role, err := s.coreDataSource.StorageBackend().GetRole(ctx, in)
return role, err
}
func (s *Server) CreateRoleBinding(ctx context.Context, in *core.RoleBinding) (*emptypb.Empty, error) {
if err := validation.Validate(in); err != nil {
return nil, err
}
if len(in.Taints) > 0 {
return nil, validation.ErrReadOnlyField
}
return &emptypb.Empty{}, s.coreDataSource.StorageBackend().CreateRoleBinding(ctx, in)
}
func (s *Server) DeleteRoleBinding(ctx context.Context, in *core.Reference) (*emptypb.Empty, error) {
if err := validation.Validate(in); err != nil {
return nil, err
}
return &emptypb.Empty{}, s.coreDataSource.StorageBackend().DeleteRoleBinding(ctx, in)
}
func (s *Server) GetRoleBinding(ctx context.Context, in *core.Reference) (*core.RoleBinding, error) {
if err := validation.Validate(in); err != nil {
return nil, err
}
rb, err := s.coreDataSource.StorageBackend().GetRoleBinding(ctx, in)
return rb, err
}
func (s *Server) ListRoles(ctx context.Context, _ *emptypb.Empty) (*core.RoleList, error) {
rl, err := s.coreDataSource.StorageBackend().ListRoles(ctx)
return rl, err
}
func (s *Server) ListRoleBindings(ctx context.Context, _ *emptypb.Empty) (*core.RoleBindingList, error) {
rbl, err := s.coreDataSource.StorageBackend().ListRoleBindings(ctx)
return rbl, err
}
func (s *Server) SubjectAccess(ctx context.Context, sar *core.SubjectAccessRequest) (*core.ReferenceList, error) {
if err := validation.Validate(sar); err != nil {
return nil, err
}
rl, err := s.rbacProvider.SubjectAccess(ctx, sar)
return rl, err
}