-
Notifications
You must be signed in to change notification settings - Fork 65
/
cluster_authz.go
43 lines (37 loc) · 1.42 KB
/
cluster_authz.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
package server
import (
"context"
sentryrpc "github.com/paralus/paralus/proto/rpc/sentry"
"github.com/paralus/paralus/pkg/sentry/authz"
"github.com/paralus/paralus/pkg/service"
)
type clusterAuthzServer struct {
bs service.BootstrapService
aps service.AccountPermissionService
gps service.GroupPermissionService
krs service.KubeconfigRevocationService
kcs service.KubectlClusterSettingsService
kss service.KubeconfigSettingService
ns service.NamespaceService
}
// GetUserAuthorization return authorization profile of user for a given cluster
func (s *clusterAuthzServer) GetUserAuthorization(ctx context.Context, req *sentryrpc.GetUserAuthorizationRequest) (*sentryrpc.GetUserAuthorizationResponse, error) {
resp, err := authz.GetAuthorization(ctx, req, s.bs, s.aps, s.gps, s.krs, s.kcs, s.kss, s.ns)
if err != nil {
_log.Errorw("error getting auth profile", "req", req, "error", err.Error())
return nil, err
}
return resp, nil
}
// NewClusterAuthzServer returns New ClusterAuthzServer
func NewClusterAuthzServer(bs service.BootstrapService, aps service.AccountPermissionService, gps service.GroupPermissionService, krs service.KubeconfigRevocationService, kcs service.KubectlClusterSettingsService, kss service.KubeconfigSettingService, ns service.NamespaceService) sentryrpc.ClusterAuthorizationServiceServer {
return &clusterAuthzServer{
bs: bs,
aps: aps,
gps: gps,
krs: krs,
kcs: kcs,
kss: kss,
ns: ns,
}
}