func (o *canIOptions) listAllPermissions() error {
whatCanIDo, err := o.RulesReviewClient.SelfSubjectRulesReviews(o.Namespace).Create(&authorizationapi.SelfSubjectRulesReview{})
if err != nil {
return err
}
writer := tabwriter.NewWriter(o.Out, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, tabwriterFlags)
fmt.Fprint(writer, describe.PolicyRuleHeadings+"\n")
for _, rule := range whatCanIDo.Status.Rules {
describe.DescribePolicyRule(writer, rule, "")
}
writer.Flush()
return nil
}
func (o *canIOptions) listAllPermissions() error {
var rulesReviewStatus authorizationapi.SubjectRulesReviewStatus
if len(o.User) == 0 && len(o.Groups) == 0 {
rulesReview := &authorizationapi.SelfSubjectRulesReview{}
if len(o.Scopes) > 0 {
rulesReview.Spec.Scopes = o.Scopes
}
whatCanIDo, err := o.SelfRulesReviewClient.SelfSubjectRulesReviews(o.Namespace).Create(rulesReview)
if err != nil {
return err
}
rulesReviewStatus = whatCanIDo.Status
} else {
rulesReview := &authorizationapi.SubjectRulesReview{
Spec: authorizationapi.SubjectRulesReviewSpec{
User: o.User,
Groups: o.Groups,
Scopes: o.Scopes,
},
}
whatCanYouDo, err := o.RulesReviewClient.SubjectRulesReviews(o.Namespace).Create(rulesReview)
if err != nil {
return err
}
rulesReviewStatus = whatCanYouDo.Status
}
writer := tabwriter.NewWriter(o.Out, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, tabwriterFlags)
fmt.Fprint(writer, describe.PolicyRuleHeadings+"\n")
for _, rule := range rulesReviewStatus.Rules {
describe.DescribePolicyRule(writer, rule, "")
}
writer.Flush()
return nil
}
