Ejemplo n.º 1
0
func (o *canIOptions) listAllPermissions() error {
	whatCanIDo, err := o.RulesReviewClient.SelfSubjectRulesReviews(o.Namespace).Create(&authorizationapi.SelfSubjectRulesReview{})
	if err != nil {
		return err
	}

	writer := tabwriter.NewWriter(o.Out, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, tabwriterFlags)
	fmt.Fprint(writer, describe.PolicyRuleHeadings+"\n")
	for _, rule := range whatCanIDo.Status.Rules {
		describe.DescribePolicyRule(writer, rule, "")

	}
	writer.Flush()

	return nil
}
Ejemplo n.º 2
0
func (o *canIOptions) listAllPermissions() error {
	var rulesReviewStatus authorizationapi.SubjectRulesReviewStatus

	if len(o.User) == 0 && len(o.Groups) == 0 {
		rulesReview := &authorizationapi.SelfSubjectRulesReview{}
		if len(o.Scopes) > 0 {
			rulesReview.Spec.Scopes = o.Scopes
		}

		whatCanIDo, err := o.SelfRulesReviewClient.SelfSubjectRulesReviews(o.Namespace).Create(rulesReview)
		if err != nil {
			return err
		}
		rulesReviewStatus = whatCanIDo.Status

	} else {
		rulesReview := &authorizationapi.SubjectRulesReview{
			Spec: authorizationapi.SubjectRulesReviewSpec{
				User:   o.User,
				Groups: o.Groups,
				Scopes: o.Scopes,
			},
		}

		whatCanYouDo, err := o.RulesReviewClient.SubjectRulesReviews(o.Namespace).Create(rulesReview)
		if err != nil {
			return err
		}
		rulesReviewStatus = whatCanYouDo.Status

	}

	writer := tabwriter.NewWriter(o.Out, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, tabwriterFlags)
	fmt.Fprint(writer, describe.PolicyRuleHeadings+"\n")
	for _, rule := range rulesReviewStatus.Rules {
		describe.DescribePolicyRule(writer, rule, "")

	}
	writer.Flush()

	return nil
}