public static IEnumerable <V1PolicyRule> CreateRbacPolicies(this EntityRbacAttribute attribute) => new[] { attribute.CreateRbacPolicy(), attribute.CreateStatusRbacPolicy(), } .Where(p => p != null) .ToList() as List <V1PolicyRule>;
public static V1PolicyRule CreateRbacPolicy(this EntityRbacAttribute attribute) { var crds = attribute.Entities.Select(CustomEntityDefinitionExtensions.CreateResourceDefinition).ToList(); var policy = new V1PolicyRule { ApiGroups = crds.Select(crd => crd.Group).Distinct().ToList(), Resources = crds.Select(crd => crd.Plural).Distinct().ToList(), Verbs = attribute.Verbs.ConvertToStrings(), }; return(policy); }
public static V1PolicyRule?CreateStatusRbacPolicy(this EntityRbacAttribute attribute) { var crds = attribute.Entities .Where(type => type.GetProperty("Status") != null) .Select(CustomEntityDefinitionExtensions.CreateResourceDefinition) .ToList(); if (crds.Count == 0) { return(null); } var policy = new V1PolicyRule { ApiGroups = crds.Select(crd => crd.Group).Distinct().ToList(), Resources = crds.Select(crd => crd.Plural).Distinct().Select(name => $"{name}/status").ToList(), Verbs = (RbacVerb.Get | RbacVerb.Patch | RbacVerb.Update).ConvertToStrings(), }; return(policy); }