github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
32,351 Commits 1 Branch 31 Tags 1,019 MiB
d6e23b984c
Commit Graph

60 Commits

Author SHA1 Message Date
Michal Rostecki
fa0dd46ab7 Return (bool, error) in Authorizer.Authorize() 
Before this change, Authorize() method was just returning an error,
regardless of whether the user is unauthorized or whether there
is some other unrelated error. Returning boolean with information
about user authorization and error (which should be unrelated to
the authorization) separately will make it easier to debug.

Fixes #27974
 2016-07-18 12:06:54 +02:00
Daniel Smith
78c02cd052 Stop eating panics 2016-07-13 11:12:59 -07:00
David McMahon
ef0c9f0c5b Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
Wojciech Tyczynski
f3c70ffeeb Log requests returning TooManyRequests error 2016-05-20 10:18:05 +02:00
deads2k
622932422d enable resource name and service account cases for impersonation 2016-04-26 09:31:43 -04:00
deads2k
ac4c545b91 add act-as powers 2016-04-14 12:49:10 -04:00
deads2k
02578a7ea7 add missing attributes to authorization interface 2016-03-29 08:46:21 -04:00
Jordan Liggitt
ad20045c8d Correctly identify namespace subresources in GetRequestInfo 2016-03-14 13:03:33 -04:00
deads2k
357aebc89c update long running to handle recommend watch mechanism 2016-02-24 10:20:25 -05:00
Jordan Liggitt
3038eec2aa Use a different verb for delete collection 2016-02-10 18:08:46 -05:00
deads2k
9fda7f1812 update StatusDetails to handle Groups 2015-12-17 09:14:12 -05:00
Jordan Liggitt
2321651518 Add non-resource and API group support to ABAC authorizer, version ABAC policy rules 2015-12-03 12:31:13 -05:00
deads2k
72e345aa4e handle the HEAD verb correctly for authorization 2015-11-20 11:34:35 -05:00
Jordan Liggitt
600b5e633d Fix GetRequestInfo subresource parsing for proxy/redirect verbs 2015-10-30 13:41:49 -04:00
deads2k
6fbb3f4b6e add nonResourceURL detection 2015-10-20 16:23:30 -04:00
Clayton Coleman
9136d49dc9 400 HTTP should not result in a stack trace printed 2015-10-09 14:33:41 -04:00
Jordan Liggitt
e024e55e8e Add verb to authorizer attributes 2015-10-01 23:54:02 -04:00
deads2k
df870cf36a remove Kind from APIRequestInfo 2015-09-30 09:46:22 -04:00
deads2k
8db054651c plumb APIGroup to authorization attributes and test 2015-09-30 09:45:10 -04:00
deads2k
dc8d0de70b update APIRequestInfo for APIGroup 2015-09-30 09:45:10 -04:00
gmarek
9d57f2c571 Remove dead RateLimit function from API server handlers 2015-09-23 13:44:37 +02:00
deads2k
630c6cc16a add patch verb to APIRequestInfo 2015-09-21 14:09:36 -04:00
feisky
800e8fb54c Fix kubelet logs --follow bug 2015-09-16 22:06:50 +08:00
tummychow
78ce5da988 Move util.StringSet into its own package 
A lot of packages use StringSet, but they don't use anything else from
the util package. Moving StringSet into another package will shrink
their dependency trees significantly.
 2015-09-10 12:04:15 -07:00
Mike Danese
17defc7383 run gofmt on everything we touched 2015-08-05 17:52:56 -07:00
Mike Danese
8e33cbfa28 rewrite go imports 2015-08-05 17:30:03 -07:00
Marek Grabowski
00cd52dd68 Merge pull request #10656 from krousey/timeouts 
Adding proper timeouts.
 2015-07-27 10:56:58 +02:00
Kris Rousey
1d033b9912 Adding proper timeouts. 2015-07-10 14:42:59 -07:00
Yifan Gu
b30e77c1b3 apiservier: avoid stacktracing for StatusUnauthorized and StatusForbidden. 2015-07-01 14:41:52 -07:00
Jordan Liggitt
a341b8f44f Remove ?namespace= param handling/defaulting 2015-06-16 22:40:01 -04:00
Eric Paris
6b3a6e6b98 Make copyright ownership statement generic 
Instead of saying "Google Inc." (which is not always correct) say "The
Kubernetes Authors", which is generic.
 2015-05-01 17:49:56 -04:00
Masahiro Sano
7c371ee36e lower log level on recovering from panic 2015-04-24 22:09:14 +09:00
Xiang Li
405ebf4b1e pkg/apiserver: use httpError in handlers.go 2015-04-21 23:05:56 -07:00
deads2k
c17ffb7c4c comments 1: comments 2015-04-10 15:39:20 -04:00
deads2k
72817a0801 add support for authorizing subresources 2015-04-10 12:42:52 -04:00
Brendan Burns
f327e97661 Add a limit to the number of in-flight requests that a server processes. 2015-04-01 15:06:15 -07:00
Wojciech Tyczynski
f7191d626d Change "/ns" to "/namespaces" in few remaining places. 2015-03-24 13:05:32 +01:00
Daniel Smith
78d05e5307 add URL path generation function 2015-02-24 10:10:04 -08:00
Andy Goldstein
5bd0e9ab05 Add streaming command execution & port forwarding 
Add streaming command execution & port forwarding via HTTP connection
upgrades (currently using SPDY).
 2015-02-20 09:57:02 -05:00
deads2k
3be343449f expose creation APIRequestInfoResolver 2015-02-16 13:56:03 -05:00
Jordan Liggitt
083ce268e0 Put user in context, map requests to context above resthandler layer 2015-02-12 20:58:04 -05:00
derekwaynecarr
7b34d6ef8e The namespace context for a get of an individual namespace is the namespace 2015-02-11 16:06:51 -05:00
derekwaynecarr
0bd0e12bbc Add support for Namespace as Kind 
Add example for using namespaces
 2015-02-10 09:50:50 -05:00
deads2k
8a2fe9bd2b modify policy to correctly identify resource versus kind 2015-02-04 13:36:01 -05:00
deads2k
1c9216a45e clarify api request information 2015-02-04 13:36:01 -05:00
Satnam Singh
d8bda4006a Increase API rate limit on read only port of apiserver 2015-01-30 11:58:59 -08:00
Satnam Singh
5d5752374b Set Retry-After header before calling WriteHeader 2015-01-28 14:28:37 -08:00
Satnam Singh
3a9e6d8f29 Switch to use Too Many Requests response code 
Name the 429 status code
 2015-01-27 14:54:30 -08:00
Satnam Singh
8350bb9700 Add a Retry-After header when rate limit is exceeded 2015-01-22 16:03:00 -08:00
derekwaynecarr
7cf664439f Move namespace from query param to path part 2014-12-16 15:55:47 -05:00