func (o *canIOptions) listAllPermissions() error { whatCanIDo, err := o.RulesReviewClient.SelfSubjectRulesReviews(o.Namespace).Create(&authorizationapi.SelfSubjectRulesReview{}) if err != nil { return err } writer := tabwriter.NewWriter(o.Out, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, tabwriterFlags) fmt.Fprint(writer, describe.PolicyRuleHeadings+"\n") for _, rule := range whatCanIDo.Status.Rules { describe.DescribePolicyRule(writer, rule, "") } writer.Flush() return nil }
func (o *canIOptions) listAllPermissions() error { var rulesReviewStatus authorizationapi.SubjectRulesReviewStatus if len(o.User) == 0 && len(o.Groups) == 0 { rulesReview := &authorizationapi.SelfSubjectRulesReview{} if len(o.Scopes) > 0 { rulesReview.Spec.Scopes = o.Scopes } whatCanIDo, err := o.SelfRulesReviewClient.SelfSubjectRulesReviews(o.Namespace).Create(rulesReview) if err != nil { return err } rulesReviewStatus = whatCanIDo.Status } else { rulesReview := &authorizationapi.SubjectRulesReview{ Spec: authorizationapi.SubjectRulesReviewSpec{ User: o.User, Groups: o.Groups, Scopes: o.Scopes, }, } whatCanYouDo, err := o.RulesReviewClient.SubjectRulesReviews(o.Namespace).Create(rulesReview) if err != nil { return err } rulesReviewStatus = whatCanYouDo.Status } writer := tabwriter.NewWriter(o.Out, tabwriterMinWidth, tabwriterWidth, tabwriterPadding, tabwriterPadChar, tabwriterFlags) fmt.Fprint(writer, describe.PolicyRuleHeadings+"\n") for _, rule := range rulesReviewStatus.Rules { describe.DescribePolicyRule(writer, rule, "") } writer.Flush() return nil }