func (r *requestAttributeGetter) GetAttribs(req *http.Request) authorizer.Attributes { attribs := authorizer.AttributesRecord{} ctx, ok := r.requestContextMapper.Get(req) if ok { user, ok := api.UserFrom(ctx) if ok { attribs.User = user } } requestInfo, _ := r.requestInfoResolver.GetRequestInfo(req) // Start with common attributes that apply to resource and non-resource requests attribs.ResourceRequest = requestInfo.IsResourceRequest attribs.Path = requestInfo.Path attribs.Verb = requestInfo.Verb attribs.APIGroup = requestInfo.APIGroup attribs.APIVersion = requestInfo.APIVersion attribs.Resource = requestInfo.Resource attribs.Subresource = requestInfo.Subresource attribs.Namespace = requestInfo.Namespace attribs.Name = requestInfo.Name return &attribs }
func (r *requestAttributeGetter) GetAttribs(req *http.Request) (authorizer.Attributes, error) { attribs := authorizer.AttributesRecord{} ctx, ok := r.requestContextMapper.Get(req) if !ok { return nil, errors.New("no context found for request") } user, ok := api.UserFrom(ctx) if ok { attribs.User = user } requestInfo, found := request.RequestInfoFrom(ctx) if !found { return nil, errors.New("no RequestInfo found in the context") } // Start with common attributes that apply to resource and non-resource requests attribs.ResourceRequest = requestInfo.IsResourceRequest attribs.Path = requestInfo.Path attribs.Verb = requestInfo.Verb attribs.APIGroup = requestInfo.APIGroup attribs.APIVersion = requestInfo.APIVersion attribs.Resource = requestInfo.Resource attribs.Subresource = requestInfo.Subresource attribs.Namespace = requestInfo.Namespace attribs.Name = requestInfo.Name return &attribs, nil }
func (r *requestAttributeGetter) GetAttribs(req *http.Request) authorizer.Attributes { attribs := authorizer.AttributesRecord{} ctx, ok := r.requestContextMapper.Get(req) if ok { user, ok := api.UserFrom(ctx) if ok { attribs.User = user } } apiRequestInfo, _ := r.apiRequestInfoResolver.GetAPIRequestInfo(req) attribs.Verb = apiRequestInfo.Verb // Check whether meaningful api information can be resolved for the current path if isAPIResourceRequest(r.apiRequestInfoResolver.APIPrefixes, req) { attribs.APIGroup = apiRequestInfo.APIGroup // If a path follows the conventions of the REST object store, then // we can extract the resource. Otherwise, not. attribs.Resource = apiRequestInfo.Resource // If the request specifies a namespace, then the namespace is filled in. // Assumes there is no empty string namespace. Unspecified results // in empty (does not understand defaulting rules.) attribs.Namespace = apiRequestInfo.Namespace } else { // If a request does not fall into an api namespace/resource pattern, it's a special path. attribs.NonResourcePath = req.URL.Path } return &attribs }
func (r *requestAttributeGetter) GetAttribs(req *http.Request) authorizer.Attributes { attribs := authorizer.AttributesRecord{} ctx, ok := r.requestContextMapper.Get(req) if ok { user, ok := api.UserFrom(ctx) if ok { attribs.User = user } } apiRequestInfo, _ := r.apiRequestInfoResolver.GetAPIRequestInfo(req) attribs.APIGroup = apiRequestInfo.APIGroup attribs.Verb = apiRequestInfo.Verb // If a path follows the conventions of the REST object store, then // we can extract the resource. Otherwise, not. attribs.Resource = apiRequestInfo.Resource // If the request specifies a namespace, then the namespace is filled in. // Assumes there is no empty string namespace. Unspecified results // in empty (does not understand defaulting rules.) attribs.Namespace = apiRequestInfo.Namespace return &attribs }
func (r *requestAttributeGetter) GetAttribs(req *http.Request) authorizer.Attributes { attribs := authorizer.AttributesRecord{} ctx, ok := r.requestContextMapper.Get(req) if ok { user, ok := api.UserFrom(ctx) if ok { attribs.User = user } } requestInfo, _ := r.requestInfoResolver.GetRequestInfo(req) // Start with common attributes that apply to resource and non-resource requests attribs.ResourceRequest = requestInfo.IsResourceRequest attribs.Path = requestInfo.Path attribs.Verb = requestInfo.Verb // If the request was for a resource in an API group, include that info attribs.APIGroup = requestInfo.APIGroup // If a path follows the conventions of the REST object store, then // we can extract the resource. Otherwise, not. attribs.Resource = requestInfo.Resource // If the request specifies a namespace, then the namespace is filled in. // Assumes there is no empty string namespace. Unspecified results // in empty (does not understand defaulting rules.) attribs.Namespace = requestInfo.Namespace return &attribs }
func GetAuthorizerAttributes(ctx api.Context) (authorizer.Attributes, error) { attribs := authorizer.AttributesRecord{} user, ok := api.UserFrom(ctx) if ok { attribs.User = user } requestInfo, found := request.RequestInfoFrom(ctx) if !found { return nil, errors.New("no RequestInfo found in the context") } // Start with common attributes that apply to resource and non-resource requests attribs.ResourceRequest = requestInfo.IsResourceRequest attribs.Path = requestInfo.Path attribs.Verb = requestInfo.Verb attribs.APIGroup = requestInfo.APIGroup attribs.APIVersion = requestInfo.APIVersion attribs.Resource = requestInfo.Resource attribs.Subresource = requestInfo.Subresource attribs.Namespace = requestInfo.Namespace attribs.Name = requestInfo.Name return &attribs, nil }