hongming
@@ -21,8 +21,8 @@ import (
|
||||
)
|
||||
|
||||
// +genclient
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
// +genclient:nonNamespaced
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
// +k8s:openapi-gen=true
|
||||
|
||||
// User is the Schema for the users API
|
||||
@@ -125,30 +125,38 @@ type UserList struct {
|
||||
Items []User `json:"items"`
|
||||
}
|
||||
|
||||
// +genclient
|
||||
// +genclient:nonNamespaced
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// +kubebuilder:printcolumn:name="Scope",type="string",JSONPath=".target.scope"
|
||||
// +kubebuilder:printcolumn:name="Target",type="string",JSONPath=".target.name"
|
||||
// +kubebuilder:resource:categories="iam",scope="Cluster"
|
||||
type Role struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
||||
Scope Scope `json:"scope"`
|
||||
Rules []RuleRef `json:"rules"`
|
||||
Target Target `json:"target"`
|
||||
Rules []RuleRef `json:"rules"`
|
||||
}
|
||||
|
||||
type Scope struct {
|
||||
Level Level `json:"level"`
|
||||
Scopes []string `json:"scopes"`
|
||||
type Target struct {
|
||||
Scope Scope `json:"scope"`
|
||||
Name string `json:"name"`
|
||||
}
|
||||
|
||||
type Level string
|
||||
type Scope string
|
||||
|
||||
const (
|
||||
LevelGlobal Level = "Global"
|
||||
LevelCluster Level = "Cluster"
|
||||
LevelWorkspace Level = "Workspace"
|
||||
LevelNamespace Level = "Namespace"
|
||||
ScopeALL = "*"
|
||||
GlobalScope Scope = "Global"
|
||||
ClusterScope Scope = "Cluster"
|
||||
WorkspaceScope Scope = "Workspace"
|
||||
NamespaceScope Scope = "Namespace"
|
||||
TargetAll = "*"
|
||||
UserKind = "User"
|
||||
PolicyRuleKind = "PolicyRule"
|
||||
RoleKind = "Role"
|
||||
RoleBindingKind = "RoleBinding"
|
||||
)
|
||||
|
||||
// RuleRef contains information that points to the role being used
|
||||
@@ -170,14 +178,17 @@ type RoleList struct {
|
||||
Items []Role `json:"items"`
|
||||
}
|
||||
|
||||
// +genclient
|
||||
// +genclient:nonNamespaced
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// +kubebuilder:printcolumn:name="Scope",type="string",JSONPath=".scope"
|
||||
// +kubebuilder:resource:categories="iam",scope="Cluster"
|
||||
type PolicyRule struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
||||
Level Level `json:"level"`
|
||||
Scope Scope `json:"scope"`
|
||||
Rego string `json:"rego"`
|
||||
}
|
||||
|
||||
@@ -190,15 +201,20 @@ type PolicyRuleList struct {
|
||||
Items []PolicyRule `json:"items"`
|
||||
}
|
||||
|
||||
// +genclient
|
||||
// +genclient:nonNamespaced
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// RoleBinding is the Schema for the rolebindings API
|
||||
// +kubebuilder:printcolumn:name="Scope",type="string",JSONPath=".scope"
|
||||
// +kubebuilder:printcolumn:name="RoleRef",type="string",JSONPath=".roleRef.name"
|
||||
// +kubebuilder:printcolumn:name="Subjects",type="string",JSONPath=".subjects[*].name"
|
||||
// +kubebuilder:resource:categories="iam",scope="Cluster"
|
||||
type RoleBinding struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
|
||||
Level Level `json:"level"`
|
||||
Scope Scope `json:"scope"`
|
||||
RoleRef RoleRef `json:"roleRef"`
|
||||
// Subjects holds references to the users the role applies to.
|
||||
// +optional
|
||||
@@ -234,3 +250,8 @@ type RoleBindingList struct {
|
||||
metav1.ListMeta `json:"metadata,omitempty"`
|
||||
Items []RoleBinding `json:"items"`
|
||||
}
|
||||
|
||||
type UserDetail struct {
|
||||
*User
|
||||
GlobalRole *Role `json:"globalRole"`
|
||||
}
|
||||
|
||||
62
pkg/apis/iam/v1alpha2/zz_generated.deepcopy.go
generated
62
pkg/apis/iam/v1alpha2/zz_generated.deepcopy.go
generated
@@ -86,7 +86,7 @@ func (in *Role) DeepCopyInto(out *Role) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Scope.DeepCopyInto(&out.Scope)
|
||||
out.Target = in.Target
|
||||
if in.Rules != nil {
|
||||
in, out := &in.Rules, &out.Rules
|
||||
*out = make([]RuleRef, len(*in))
|
||||
@@ -237,26 +237,6 @@ func (in *RuleRef) DeepCopy() *RuleRef {
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Scope) DeepCopyInto(out *Scope) {
|
||||
*out = *in
|
||||
if in.Scopes != nil {
|
||||
in, out := &in.Scopes, &out.Scopes
|
||||
*out = make([]string, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Scope.
|
||||
func (in *Scope) DeepCopy() *Scope {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(Scope)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Subject) DeepCopyInto(out *Subject) {
|
||||
*out = *in
|
||||
@@ -272,6 +252,21 @@ func (in *Subject) DeepCopy() *Subject {
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Target) DeepCopyInto(out *Target) {
|
||||
*out = *in
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Target.
|
||||
func (in *Target) DeepCopy() *Target {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(Target)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *User) DeepCopyInto(out *User) {
|
||||
*out = *in
|
||||
@@ -315,6 +310,31 @@ func (in *UserCondition) DeepCopy() *UserCondition {
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *UserDetail) DeepCopyInto(out *UserDetail) {
|
||||
*out = *in
|
||||
if in.User != nil {
|
||||
in, out := &in.User, &out.User
|
||||
*out = new(User)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
if in.GlobalRole != nil {
|
||||
in, out := &in.GlobalRole, &out.GlobalRole
|
||||
*out = new(Role)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserDetail.
|
||||
func (in *UserDetail) DeepCopy() *UserDetail {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(UserDetail)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *UserList) DeepCopyInto(out *UserList) {
|
||||
*out = *in
|
||||
|
||||
Reference in New Issue
Block a user