1. origin
  2. Commit 5ef5ce1a218dbddb204e32e30d9bb3b85589c8f5
Browse code

make policy interfaces

deads2k authored on 2015/06/17 22:56:12
Showing 12 changed files
pkg/api/v1/conversion_generated.go
History View file @ 5ef5ce1
... ... 
@@ -170,6 +170,121 @@ func convert_v1_TypeMeta_To_api_TypeMeta(in *v1.TypeMeta, out *api.TypeMeta, s c
170 170 
 	return nil
171 171 
 }
172 172
173 
+func convert_api_ClusterPolicyBindingList_To_v1_ClusterPolicyBindingList(in *authorizationapi.ClusterPolicyBindingList, out *apiv1.ClusterPolicyBindingList, s conversion.Scope) error {
174 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
175 
+		defaulting.(func(*authorizationapi.ClusterPolicyBindingList))(in)
176 
+	}
177 
+	if err := convert_api_TypeMeta_To_v1_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
178 
+		return err
179 
+	}
180 
+	if err := convert_api_ListMeta_To_v1_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
181 
+		return err
182 
+	}
183 
+	if in.Items != nil {
184 
+		out.Items = make([]apiv1.ClusterPolicyBinding, len(in.Items))
185 
+		for i := range in.Items {
186 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
187 
+				return err
188 
+			}
189 
+		}
190 
+	} else {
191 
+		out.Items = nil
192 
+	}
193 
+	return nil
194 
+}
195 
+
196 
+func convert_api_ClusterPolicyList_To_v1_ClusterPolicyList(in *authorizationapi.ClusterPolicyList, out *apiv1.ClusterPolicyList, s conversion.Scope) error {
197 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
198 
+		defaulting.(func(*authorizationapi.ClusterPolicyList))(in)
199 
+	}
200 
+	if err := convert_api_TypeMeta_To_v1_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
201 
+		return err
202 
+	}
203 
+	if err := convert_api_ListMeta_To_v1_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
204 
+		return err
205 
+	}
206 
+	if in.Items != nil {
207 
+		out.Items = make([]apiv1.ClusterPolicy, len(in.Items))
208 
+		for i := range in.Items {
209 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
210 
+				return err
211 
+			}
212 
+		}
213 
+	} else {
214 
+		out.Items = nil
215 
+	}
216 
+	return nil
217 
+}
218 
+
219 
+func convert_api_ClusterRole_To_v1_ClusterRole(in *authorizationapi.ClusterRole, out *apiv1.ClusterRole, s conversion.Scope) error {
220 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
221 
+		defaulting.(func(*authorizationapi.ClusterRole))(in)
222 
+	}
223 
+	if err := convert_api_TypeMeta_To_v1_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
224 
+		return err
225 
+	}
226 
+	if err := convert_api_ObjectMeta_To_v1_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
227 
+		return err
228 
+	}
229 
+	if in.Rules != nil {
230 
+		out.Rules = make([]apiv1.PolicyRule, len(in.Rules))
231 
+		for i := range in.Rules {
232 
+			if err := s.Convert(&in.Rules[i], &out.Rules[i], 0); err != nil {
233 
+				return err
234 
+			}
235 
+		}
236 
+	} else {
237 
+		out.Rules = nil
238 
+	}
239 
+	return nil
240 
+}
241 
+
242 
+func convert_api_ClusterRoleBindingList_To_v1_ClusterRoleBindingList(in *authorizationapi.ClusterRoleBindingList, out *apiv1.ClusterRoleBindingList, s conversion.Scope) error {
243 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
244 
+		defaulting.(func(*authorizationapi.ClusterRoleBindingList))(in)
245 
+	}
246 
+	if err := convert_api_TypeMeta_To_v1_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
247 
+		return err
248 
+	}
249 
+	if err := convert_api_ListMeta_To_v1_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
250 
+		return err
251 
+	}
252 
+	if in.Items != nil {
253 
+		out.Items = make([]apiv1.ClusterRoleBinding, len(in.Items))
254 
+		for i := range in.Items {
255 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
256 
+				return err
257 
+			}
258 
+		}
259 
+	} else {
260 
+		out.Items = nil
261 
+	}
262 
+	return nil
263 
+}
264 
+
265 
+func convert_api_ClusterRoleList_To_v1_ClusterRoleList(in *authorizationapi.ClusterRoleList, out *apiv1.ClusterRoleList, s conversion.Scope) error {
266 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
267 
+		defaulting.(func(*authorizationapi.ClusterRoleList))(in)
268 
+	}
269 
+	if err := convert_api_TypeMeta_To_v1_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
270 
+		return err
271 
+	}
272 
+	if err := convert_api_ListMeta_To_v1_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
273 
+		return err
274 
+	}
275 
+	if in.Items != nil {
276 
+		out.Items = make([]apiv1.ClusterRole, len(in.Items))
277 
+		for i := range in.Items {
278 
+			if err := convert_api_ClusterRole_To_v1_ClusterRole(&in.Items[i], &out.Items[i], s); err != nil {
279 
+				return err
280 
+			}
281 
+		}
282 
+	} else {
283 
+		out.Items = nil
284 
+	}
285 
+	return nil
286 
+}
287 
+
173 288 
 func convert_api_IsPersonalSubjectAccessReview_To_v1_IsPersonalSubjectAccessReview(in *authorizationapi.IsPersonalSubjectAccessReview, out *apiv1.IsPersonalSubjectAccessReview, s conversion.Scope) error {
174 289 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
175 290 
 		defaulting.(func(*authorizationapi.IsPersonalSubjectAccessReview))(in)
... ... 
@@ -180,6 +295,52 @@ func convert_api_IsPersonalSubjectAccessReview_To_v1_IsPersonalSubjectAccessRevi
180 180 
 	return nil
181 181 
 }
182 182
183 
+func convert_api_PolicyBindingList_To_v1_PolicyBindingList(in *authorizationapi.PolicyBindingList, out *apiv1.PolicyBindingList, s conversion.Scope) error {
184 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
185 
+		defaulting.(func(*authorizationapi.PolicyBindingList))(in)
186 
+	}
187 
+	if err := convert_api_TypeMeta_To_v1_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
188 
+		return err
189 
+	}
190 
+	if err := convert_api_ListMeta_To_v1_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
191 
+		return err
192 
+	}
193 
+	if in.Items != nil {
194 
+		out.Items = make([]apiv1.PolicyBinding, len(in.Items))
195 
+		for i := range in.Items {
196 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
197 
+				return err
198 
+			}
199 
+		}
200 
+	} else {
201 
+		out.Items = nil
202 
+	}
203 
+	return nil
204 
+}
205 
+
206 
+func convert_api_PolicyList_To_v1_PolicyList(in *authorizationapi.PolicyList, out *apiv1.PolicyList, s conversion.Scope) error {
207 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
208 
+		defaulting.(func(*authorizationapi.PolicyList))(in)
209 
+	}
210 
+	if err := convert_api_TypeMeta_To_v1_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
211 
+		return err
212 
+	}
213 
+	if err := convert_api_ListMeta_To_v1_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
214 
+		return err
215 
+	}
216 
+	if in.Items != nil {
217 
+		out.Items = make([]apiv1.Policy, len(in.Items))
218 
+		for i := range in.Items {
219 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
220 
+				return err
221 
+			}
222 
+		}
223 
+	} else {
224 
+		out.Items = nil
225 
+	}
226 
+	return nil
227 
+}
228 
+
183 229 
 func convert_api_ResourceAccessReview_To_v1_ResourceAccessReview(in *authorizationapi.ResourceAccessReview, out *apiv1.ResourceAccessReview, s conversion.Scope) error {
184 230 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
185 231 
 		defaulting.(func(*authorizationapi.ResourceAccessReview))(in)
... ... 
@@ -196,6 +357,75 @@ func convert_api_ResourceAccessReview_To_v1_ResourceAccessReview(in *authorizati
196 196 
 	return nil
197 197 
 }
198 198
199 
+func convert_api_Role_To_v1_Role(in *authorizationapi.Role, out *apiv1.Role, s conversion.Scope) error {
200 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
201 
+		defaulting.(func(*authorizationapi.Role))(in)
202 
+	}
203 
+	if err := convert_api_TypeMeta_To_v1_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
204 
+		return err
205 
+	}
206 
+	if err := convert_api_ObjectMeta_To_v1_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
207 
+		return err
208 
+	}
209 
+	if in.Rules != nil {
210 
+		out.Rules = make([]apiv1.PolicyRule, len(in.Rules))
211 
+		for i := range in.Rules {
212 
+			if err := s.Convert(&in.Rules[i], &out.Rules[i], 0); err != nil {
213 
+				return err
214 
+			}
215 
+		}
216 
+	} else {
217 
+		out.Rules = nil
218 
+	}
219 
+	return nil
220 
+}
221 
+
222 
+func convert_api_RoleBindingList_To_v1_RoleBindingList(in *authorizationapi.RoleBindingList, out *apiv1.RoleBindingList, s conversion.Scope) error {
223 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
224 
+		defaulting.(func(*authorizationapi.RoleBindingList))(in)
225 
+	}
226 
+	if err := convert_api_TypeMeta_To_v1_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
227 
+		return err
228 
+	}
229 
+	if err := convert_api_ListMeta_To_v1_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
230 
+		return err
231 
+	}
232 
+	if in.Items != nil {
233 
+		out.Items = make([]apiv1.RoleBinding, len(in.Items))
234 
+		for i := range in.Items {
235 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
236 
+				return err
237 
+			}
238 
+		}
239 
+	} else {
240 
+		out.Items = nil
241 
+	}
242 
+	return nil
243 
+}
244 
+
245 
+func convert_api_RoleList_To_v1_RoleList(in *authorizationapi.RoleList, out *apiv1.RoleList, s conversion.Scope) error {
246 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
247 
+		defaulting.(func(*authorizationapi.RoleList))(in)
248 
+	}
249 
+	if err := convert_api_TypeMeta_To_v1_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
250 
+		return err
251 
+	}
252 
+	if err := convert_api_ListMeta_To_v1_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
253 
+		return err
254 
+	}
255 
+	if in.Items != nil {
256 
+		out.Items = make([]apiv1.Role, len(in.Items))
257 
+		for i := range in.Items {
258 
+			if err := convert_api_Role_To_v1_Role(&in.Items[i], &out.Items[i], s); err != nil {
259 
+				return err
260 
+			}
261 
+		}
262 
+	} else {
263 
+		out.Items = nil
264 
+	}
265 
+	return nil
266 
+}
267 
+
199 268 
 func convert_api_SubjectAccessReviewResponse_To_v1_SubjectAccessReviewResponse(in *authorizationapi.SubjectAccessReviewResponse, out *apiv1.SubjectAccessReviewResponse, s conversion.Scope) error {
200 269 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
201 270 
 		defaulting.(func(*authorizationapi.SubjectAccessReviewResponse))(in)
... ... 
@@ -209,6 +439,121 @@ func convert_api_SubjectAccessReviewResponse_To_v1_SubjectAccessReviewResponse(i
209 209 
 	return nil
210 210 
 }
211 211
212 
+func convert_v1_ClusterPolicyBindingList_To_api_ClusterPolicyBindingList(in *apiv1.ClusterPolicyBindingList, out *authorizationapi.ClusterPolicyBindingList, s conversion.Scope) error {
213 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
214 
+		defaulting.(func(*apiv1.ClusterPolicyBindingList))(in)
215 
+	}
216 
+	if err := convert_v1_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
217 
+		return err
218 
+	}
219 
+	if err := convert_v1_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
220 
+		return err
221 
+	}
222 
+	if in.Items != nil {
223 
+		out.Items = make([]authorizationapi.ClusterPolicyBinding, len(in.Items))
224 
+		for i := range in.Items {
225 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
226 
+				return err
227 
+			}
228 
+		}
229 
+	} else {
230 
+		out.Items = nil
231 
+	}
232 
+	return nil
233 
+}
234 
+
235 
+func convert_v1_ClusterPolicyList_To_api_ClusterPolicyList(in *apiv1.ClusterPolicyList, out *authorizationapi.ClusterPolicyList, s conversion.Scope) error {
236 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
237 
+		defaulting.(func(*apiv1.ClusterPolicyList))(in)
238 
+	}
239 
+	if err := convert_v1_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
240 
+		return err
241 
+	}
242 
+	if err := convert_v1_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
243 
+		return err
244 
+	}
245 
+	if in.Items != nil {
246 
+		out.Items = make([]authorizationapi.ClusterPolicy, len(in.Items))
247 
+		for i := range in.Items {
248 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
249 
+				return err
250 
+			}
251 
+		}
252 
+	} else {
253 
+		out.Items = nil
254 
+	}
255 
+	return nil
256 
+}
257 
+
258 
+func convert_v1_ClusterRole_To_api_ClusterRole(in *apiv1.ClusterRole, out *authorizationapi.ClusterRole, s conversion.Scope) error {
259 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
260 
+		defaulting.(func(*apiv1.ClusterRole))(in)
261 
+	}
262 
+	if err := convert_v1_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
263 
+		return err
264 
+	}
265 
+	if err := convert_v1_ObjectMeta_To_api_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
266 
+		return err
267 
+	}
268 
+	if in.Rules != nil {
269 
+		out.Rules = make([]authorizationapi.PolicyRule, len(in.Rules))
270 
+		for i := range in.Rules {
271 
+			if err := s.Convert(&in.Rules[i], &out.Rules[i], 0); err != nil {
272 
+				return err
273 
+			}
274 
+		}
275 
+	} else {
276 
+		out.Rules = nil
277 
+	}
278 
+	return nil
279 
+}
280 
+
281 
+func convert_v1_ClusterRoleBindingList_To_api_ClusterRoleBindingList(in *apiv1.ClusterRoleBindingList, out *authorizationapi.ClusterRoleBindingList, s conversion.Scope) error {
282 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
283 
+		defaulting.(func(*apiv1.ClusterRoleBindingList))(in)
284 
+	}
285 
+	if err := convert_v1_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
286 
+		return err
287 
+	}
288 
+	if err := convert_v1_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
289 
+		return err
290 
+	}
291 
+	if in.Items != nil {
292 
+		out.Items = make([]authorizationapi.ClusterRoleBinding, len(in.Items))
293 
+		for i := range in.Items {
294 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
295 
+				return err
296 
+			}
297 
+		}
298 
+	} else {
299 
+		out.Items = nil
300 
+	}
301 
+	return nil
302 
+}
303 
+
304 
+func convert_v1_ClusterRoleList_To_api_ClusterRoleList(in *apiv1.ClusterRoleList, out *authorizationapi.ClusterRoleList, s conversion.Scope) error {
305 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
306 
+		defaulting.(func(*apiv1.ClusterRoleList))(in)
307 
+	}
308 
+	if err := convert_v1_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
309 
+		return err
310 
+	}
311 
+	if err := convert_v1_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
312 
+		return err
313 
+	}
314 
+	if in.Items != nil {
315 
+		out.Items = make([]authorizationapi.ClusterRole, len(in.Items))
316 
+		for i := range in.Items {
317 
+			if err := convert_v1_ClusterRole_To_api_ClusterRole(&in.Items[i], &out.Items[i], s); err != nil {
318 
+				return err
319 
+			}
320 
+		}
321 
+	} else {
322 
+		out.Items = nil
323 
+	}
324 
+	return nil
325 
+}
326 
+
212 327 
 func convert_v1_IsPersonalSubjectAccessReview_To_api_IsPersonalSubjectAccessReview(in *apiv1.IsPersonalSubjectAccessReview, out *authorizationapi.IsPersonalSubjectAccessReview, s conversion.Scope) error {
213 328 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
214 329 
 		defaulting.(func(*apiv1.IsPersonalSubjectAccessReview))(in)
... ... 
@@ -219,6 +564,52 @@ func convert_v1_IsPersonalSubjectAccessReview_To_api_IsPersonalSubjectAccessRevi
219 219 
 	return nil
220 220 
 }
221 221
222 
+func convert_v1_PolicyBindingList_To_api_PolicyBindingList(in *apiv1.PolicyBindingList, out *authorizationapi.PolicyBindingList, s conversion.Scope) error {
223 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
224 
+		defaulting.(func(*apiv1.PolicyBindingList))(in)
225 
+	}
226 
+	if err := convert_v1_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
227 
+		return err
228 
+	}
229 
+	if err := convert_v1_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
230 
+		return err
231 
+	}
232 
+	if in.Items != nil {
233 
+		out.Items = make([]authorizationapi.PolicyBinding, len(in.Items))
234 
+		for i := range in.Items {
235 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
236 
+				return err
237 
+			}
238 
+		}
239 
+	} else {
240 
+		out.Items = nil
241 
+	}
242 
+	return nil
243 
+}
244 
+
245 
+func convert_v1_PolicyList_To_api_PolicyList(in *apiv1.PolicyList, out *authorizationapi.PolicyList, s conversion.Scope) error {
246 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
247 
+		defaulting.(func(*apiv1.PolicyList))(in)
248 
+	}
249 
+	if err := convert_v1_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
250 
+		return err
251 
+	}
252 
+	if err := convert_v1_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
253 
+		return err
254 
+	}
255 
+	if in.Items != nil {
256 
+		out.Items = make([]authorizationapi.Policy, len(in.Items))
257 
+		for i := range in.Items {
258 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
259 
+				return err
260 
+			}
261 
+		}
262 
+	} else {
263 
+		out.Items = nil
264 
+	}
265 
+	return nil
266 
+}
267 
+
222 268 
 func convert_v1_ResourceAccessReview_To_api_ResourceAccessReview(in *apiv1.ResourceAccessReview, out *authorizationapi.ResourceAccessReview, s conversion.Scope) error {
223 269 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
224 270 
 		defaulting.(func(*apiv1.ResourceAccessReview))(in)
... ... 
@@ -235,6 +626,75 @@ func convert_v1_ResourceAccessReview_To_api_ResourceAccessReview(in *apiv1.Resou
235 235 
 	return nil
236 236 
 }
237 237
238 
+func convert_v1_Role_To_api_Role(in *apiv1.Role, out *authorizationapi.Role, s conversion.Scope) error {
239 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
240 
+		defaulting.(func(*apiv1.Role))(in)
241 
+	}
242 
+	if err := convert_v1_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
243 
+		return err
244 
+	}
245 
+	if err := convert_v1_ObjectMeta_To_api_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
246 
+		return err
247 
+	}
248 
+	if in.Rules != nil {
249 
+		out.Rules = make([]authorizationapi.PolicyRule, len(in.Rules))
250 
+		for i := range in.Rules {
251 
+			if err := s.Convert(&in.Rules[i], &out.Rules[i], 0); err != nil {
252 
+				return err
253 
+			}
254 
+		}
255 
+	} else {
256 
+		out.Rules = nil
257 
+	}
258 
+	return nil
259 
+}
260 
+
261 
+func convert_v1_RoleBindingList_To_api_RoleBindingList(in *apiv1.RoleBindingList, out *authorizationapi.RoleBindingList, s conversion.Scope) error {
262 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
263 
+		defaulting.(func(*apiv1.RoleBindingList))(in)
264 
+	}
265 
+	if err := convert_v1_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
266 
+		return err
267 
+	}
268 
+	if err := convert_v1_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
269 
+		return err
270 
+	}
271 
+	if in.Items != nil {
272 
+		out.Items = make([]authorizationapi.RoleBinding, len(in.Items))
273 
+		for i := range in.Items {
274 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
275 
+				return err
276 
+			}
277 
+		}
278 
+	} else {
279 
+		out.Items = nil
280 
+	}
281 
+	return nil
282 
+}
283 
+
284 
+func convert_v1_RoleList_To_api_RoleList(in *apiv1.RoleList, out *authorizationapi.RoleList, s conversion.Scope) error {
285 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
286 
+		defaulting.(func(*apiv1.RoleList))(in)
287 
+	}
288 
+	if err := convert_v1_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
289 
+		return err
290 
+	}
291 
+	if err := convert_v1_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
292 
+		return err
293 
+	}
294 
+	if in.Items != nil {
295 
+		out.Items = make([]authorizationapi.Role, len(in.Items))
296 
+		for i := range in.Items {
297 
+			if err := convert_v1_Role_To_api_Role(&in.Items[i], &out.Items[i], s); err != nil {
298 
+				return err
299 
+			}
300 
+		}
301 
+	} else {
302 
+		out.Items = nil
303 
+	}
304 
+	return nil
305 
+}
306 
+
238 307 
 func convert_v1_SubjectAccessReviewResponse_To_api_SubjectAccessReviewResponse(in *apiv1.SubjectAccessReviewResponse, out *authorizationapi.SubjectAccessReviewResponse, s conversion.Scope) error {
239 308 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
240 309 
 		defaulting.(func(*apiv1.SubjectAccessReviewResponse))(in)
... ... 
@@ -1891,6 +2351,11 @@ func init() {
1891 1891 
 		convert_api_BuildRequest_To_v1_BuildRequest,
1892 1892 
 		convert_api_ClusterNetworkList_To_v1_ClusterNetworkList,
1893 1893 
 		convert_api_ClusterNetwork_To_v1_ClusterNetwork,
1894 
+		convert_api_ClusterPolicyBindingList_To_v1_ClusterPolicyBindingList,
1895 
+		convert_api_ClusterPolicyList_To_v1_ClusterPolicyList,
1896 
+		convert_api_ClusterRoleBindingList_To_v1_ClusterRoleBindingList,
1897 
+		convert_api_ClusterRoleList_To_v1_ClusterRoleList,
1898 
+		convert_api_ClusterRole_To_v1_ClusterRole,
1894 1899 
 		convert_api_DeploymentConfigList_To_v1_DeploymentConfigList,
1895 1900 
 		convert_api_DeploymentConfigRollbackSpec_To_v1_DeploymentConfigRollbackSpec,
1896 1901 
 		convert_api_DeploymentConfigRollback_To_v1_DeploymentConfigRollback,
... ... 
@@ -1917,12 +2382,17 @@ func init() {
1917 1917 
 		convert_api_ObjectMeta_To_v1_ObjectMeta,
1918 1918 
 		convert_api_ObjectReference_To_v1_ObjectReference,
1919 1919 
 		convert_api_Parameter_To_v1_Parameter,
1920 
+		convert_api_PolicyBindingList_To_v1_PolicyBindingList,
1921 
+		convert_api_PolicyList_To_v1_PolicyList,
1920 1922 
 		convert_api_ProjectList_To_v1_ProjectList,
1921 1923 
 		convert_api_ProjectRequest_To_v1_ProjectRequest,
1922 1924 
 		convert_api_ProjectSpec_To_v1_ProjectSpec,
1923 1925 
 		convert_api_ProjectStatus_To_v1_ProjectStatus,
1924 1926 
 		convert_api_Project_To_v1_Project,
1925 1927 
 		convert_api_ResourceAccessReview_To_v1_ResourceAccessReview,
1928 
+		convert_api_RoleBindingList_To_v1_RoleBindingList,
1929 
+		convert_api_RoleList_To_v1_RoleList,
1930 
+		convert_api_Role_To_v1_Role,
1926 1931 
 		convert_api_RouteList_To_v1_RouteList,
1927 1932 
 		convert_api_SourceControlUser_To_v1_SourceControlUser,
1928 1933 
 		convert_api_SourceRevision_To_v1_SourceRevision,
... ... 
@@ -1939,6 +2409,11 @@ func init() {
1939 1939 
 		convert_v1_BuildRequest_To_api_BuildRequest,
1940 1940 
 		convert_v1_ClusterNetworkList_To_api_ClusterNetworkList,
1941 1941 
 		convert_v1_ClusterNetwork_To_api_ClusterNetwork,
1942 
+		convert_v1_ClusterPolicyBindingList_To_api_ClusterPolicyBindingList,
1943 
+		convert_v1_ClusterPolicyList_To_api_ClusterPolicyList,
1944 
+		convert_v1_ClusterRoleBindingList_To_api_ClusterRoleBindingList,
1945 
+		convert_v1_ClusterRoleList_To_api_ClusterRoleList,
1946 
+		convert_v1_ClusterRole_To_api_ClusterRole,
1942 1947 
 		convert_v1_DeploymentConfigList_To_api_DeploymentConfigList,
1943 1948 
 		convert_v1_DeploymentConfigRollbackSpec_To_api_DeploymentConfigRollbackSpec,
1944 1949 
 		convert_v1_DeploymentConfigRollback_To_api_DeploymentConfigRollback,
... ... 
@@ -1965,12 +2440,17 @@ func init() {
1965 1965 
 		convert_v1_ObjectMeta_To_api_ObjectMeta,
1966 1966 
 		convert_v1_ObjectReference_To_api_ObjectReference,
1967 1967 
 		convert_v1_Parameter_To_api_Parameter,
1968 
+		convert_v1_PolicyBindingList_To_api_PolicyBindingList,
1969 
+		convert_v1_PolicyList_To_api_PolicyList,
1968 1970 
 		convert_v1_ProjectList_To_api_ProjectList,
1969 1971 
 		convert_v1_ProjectRequest_To_api_ProjectRequest,
1970 1972 
 		convert_v1_ProjectSpec_To_api_ProjectSpec,
1971 1973 
 		convert_v1_ProjectStatus_To_api_ProjectStatus,
1972 1974 
 		convert_v1_Project_To_api_Project,
1973 1975 
 		convert_v1_ResourceAccessReview_To_api_ResourceAccessReview,
1976 
+		convert_v1_RoleBindingList_To_api_RoleBindingList,
1977 
+		convert_v1_RoleList_To_api_RoleList,
1978 
+		convert_v1_Role_To_api_Role,
1974 1979 
 		convert_v1_RouteList_To_api_RouteList,
1975 1980 
 		convert_v1_SourceControlUser_To_api_SourceControlUser,
1976 1981 
 		convert_v1_SourceRevision_To_api_SourceRevision,
pkg/api/v1beta3/conversion_generated.go
History View file @ 5ef5ce1
... ... 
@@ -170,6 +170,140 @@ func convert_v1beta3_TypeMeta_To_api_TypeMeta(in *v1beta3.TypeMeta, out *api.Typ
170 170 
 	return nil
171 171 
 }
172 172
173 
+func convert_api_ClusterPolicy_To_v1beta3_ClusterPolicy(in *authorizationapi.ClusterPolicy, out *apiv1beta3.ClusterPolicy, s conversion.Scope) error {
174 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
175 
+		defaulting.(func(*authorizationapi.ClusterPolicy))(in)
176 
+	}
177 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
178 
+		return err
179 
+	}
180 
+	if err := convert_api_ObjectMeta_To_v1beta3_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
181 
+		return err
182 
+	}
183 
+	if err := s.Convert(&in.LastModified, &out.LastModified, 0); err != nil {
184 
+		return err
185 
+	}
186 
+	if err := s.Convert(&in.Roles, &out.Roles, 0); err != nil {
187 
+		return err
188 
+	}
189 
+	return nil
190 
+}
191 
+
192 
+func convert_api_ClusterPolicyBindingList_To_v1beta3_ClusterPolicyBindingList(in *authorizationapi.ClusterPolicyBindingList, out *apiv1beta3.ClusterPolicyBindingList, s conversion.Scope) error {
193 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
194 
+		defaulting.(func(*authorizationapi.ClusterPolicyBindingList))(in)
195 
+	}
196 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
197 
+		return err
198 
+	}
199 
+	if err := convert_api_ListMeta_To_v1beta3_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
200 
+		return err
201 
+	}
202 
+	if in.Items != nil {
203 
+		out.Items = make([]apiv1beta3.ClusterPolicyBinding, len(in.Items))
204 
+		for i := range in.Items {
205 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
206 
+				return err
207 
+			}
208 
+		}
209 
+	} else {
210 
+		out.Items = nil
211 
+	}
212 
+	return nil
213 
+}
214 
+
215 
+func convert_api_ClusterPolicyList_To_v1beta3_ClusterPolicyList(in *authorizationapi.ClusterPolicyList, out *apiv1beta3.ClusterPolicyList, s conversion.Scope) error {
216 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
217 
+		defaulting.(func(*authorizationapi.ClusterPolicyList))(in)
218 
+	}
219 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
220 
+		return err
221 
+	}
222 
+	if err := convert_api_ListMeta_To_v1beta3_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
223 
+		return err
224 
+	}
225 
+	if in.Items != nil {
226 
+		out.Items = make([]apiv1beta3.ClusterPolicy, len(in.Items))
227 
+		for i := range in.Items {
228 
+			if err := convert_api_ClusterPolicy_To_v1beta3_ClusterPolicy(&in.Items[i], &out.Items[i], s); err != nil {
229 
+				return err
230 
+			}
231 
+		}
232 
+	} else {
233 
+		out.Items = nil
234 
+	}
235 
+	return nil
236 
+}
237 
+
238 
+func convert_api_ClusterRole_To_v1beta3_ClusterRole(in *authorizationapi.ClusterRole, out *apiv1beta3.ClusterRole, s conversion.Scope) error {
239 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
240 
+		defaulting.(func(*authorizationapi.ClusterRole))(in)
241 
+	}
242 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
243 
+		return err
244 
+	}
245 
+	if err := convert_api_ObjectMeta_To_v1beta3_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
246 
+		return err
247 
+	}
248 
+	if in.Rules != nil {
249 
+		out.Rules = make([]apiv1beta3.PolicyRule, len(in.Rules))
250 
+		for i := range in.Rules {
251 
+			if err := s.Convert(&in.Rules[i], &out.Rules[i], 0); err != nil {
252 
+				return err
253 
+			}
254 
+		}
255 
+	} else {
256 
+		out.Rules = nil
257 
+	}
258 
+	return nil
259 
+}
260 
+
261 
+func convert_api_ClusterRoleBindingList_To_v1beta3_ClusterRoleBindingList(in *authorizationapi.ClusterRoleBindingList, out *apiv1beta3.ClusterRoleBindingList, s conversion.Scope) error {
262 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
263 
+		defaulting.(func(*authorizationapi.ClusterRoleBindingList))(in)
264 
+	}
265 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
266 
+		return err
267 
+	}
268 
+	if err := convert_api_ListMeta_To_v1beta3_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
269 
+		return err
270 
+	}
271 
+	if in.Items != nil {
272 
+		out.Items = make([]apiv1beta3.ClusterRoleBinding, len(in.Items))
273 
+		for i := range in.Items {
274 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
275 
+				return err
276 
+			}
277 
+		}
278 
+	} else {
279 
+		out.Items = nil
280 
+	}
281 
+	return nil
282 
+}
283 
+
284 
+func convert_api_ClusterRoleList_To_v1beta3_ClusterRoleList(in *authorizationapi.ClusterRoleList, out *apiv1beta3.ClusterRoleList, s conversion.Scope) error {
285 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
286 
+		defaulting.(func(*authorizationapi.ClusterRoleList))(in)
287 
+	}
288 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
289 
+		return err
290 
+	}
291 
+	if err := convert_api_ListMeta_To_v1beta3_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
292 
+		return err
293 
+	}
294 
+	if in.Items != nil {
295 
+		out.Items = make([]apiv1beta3.ClusterRole, len(in.Items))
296 
+		for i := range in.Items {
297 
+			if err := convert_api_ClusterRole_To_v1beta3_ClusterRole(&in.Items[i], &out.Items[i], s); err != nil {
298 
+				return err
299 
+			}
300 
+		}
301 
+	} else {
302 
+		out.Items = nil
303 
+	}
304 
+	return nil
305 
+}
306 
+
173 307 
 func convert_api_IsPersonalSubjectAccessReview_To_v1beta3_IsPersonalSubjectAccessReview(in *authorizationapi.IsPersonalSubjectAccessReview, out *apiv1beta3.IsPersonalSubjectAccessReview, s conversion.Scope) error {
174 308 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
175 309 
 		defaulting.(func(*authorizationapi.IsPersonalSubjectAccessReview))(in)
... ... 
@@ -180,6 +314,52 @@ func convert_api_IsPersonalSubjectAccessReview_To_v1beta3_IsPersonalSubjectAcces
180 180 
 	return nil
181 181 
 }
182 182
183 
+func convert_api_PolicyBindingList_To_v1beta3_PolicyBindingList(in *authorizationapi.PolicyBindingList, out *apiv1beta3.PolicyBindingList, s conversion.Scope) error {
184 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
185 
+		defaulting.(func(*authorizationapi.PolicyBindingList))(in)
186 
+	}
187 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
188 
+		return err
189 
+	}
190 
+	if err := convert_api_ListMeta_To_v1beta3_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
191 
+		return err
192 
+	}
193 
+	if in.Items != nil {
194 
+		out.Items = make([]apiv1beta3.PolicyBinding, len(in.Items))
195 
+		for i := range in.Items {
196 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
197 
+				return err
198 
+			}
199 
+		}
200 
+	} else {
201 
+		out.Items = nil
202 
+	}
203 
+	return nil
204 
+}
205 
+
206 
+func convert_api_PolicyList_To_v1beta3_PolicyList(in *authorizationapi.PolicyList, out *apiv1beta3.PolicyList, s conversion.Scope) error {
207 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
208 
+		defaulting.(func(*authorizationapi.PolicyList))(in)
209 
+	}
210 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
211 
+		return err
212 
+	}
213 
+	if err := convert_api_ListMeta_To_v1beta3_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
214 
+		return err
215 
+	}
216 
+	if in.Items != nil {
217 
+		out.Items = make([]apiv1beta3.Policy, len(in.Items))
218 
+		for i := range in.Items {
219 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
220 
+				return err
221 
+			}
222 
+		}
223 
+	} else {
224 
+		out.Items = nil
225 
+	}
226 
+	return nil
227 
+}
228 
+
183 229 
 func convert_api_ResourceAccessReview_To_v1beta3_ResourceAccessReview(in *authorizationapi.ResourceAccessReview, out *apiv1beta3.ResourceAccessReview, s conversion.Scope) error {
184 230 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
185 231 
 		defaulting.(func(*authorizationapi.ResourceAccessReview))(in)
... ... 
@@ -196,6 +376,75 @@ func convert_api_ResourceAccessReview_To_v1beta3_ResourceAccessReview(in *author
196 196 
 	return nil
197 197 
 }
198 198
199 
+func convert_api_Role_To_v1beta3_Role(in *authorizationapi.Role, out *apiv1beta3.Role, s conversion.Scope) error {
200 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
201 
+		defaulting.(func(*authorizationapi.Role))(in)
202 
+	}
203 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
204 
+		return err
205 
+	}
206 
+	if err := convert_api_ObjectMeta_To_v1beta3_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
207 
+		return err
208 
+	}
209 
+	if in.Rules != nil {
210 
+		out.Rules = make([]apiv1beta3.PolicyRule, len(in.Rules))
211 
+		for i := range in.Rules {
212 
+			if err := s.Convert(&in.Rules[i], &out.Rules[i], 0); err != nil {
213 
+				return err
214 
+			}
215 
+		}
216 
+	} else {
217 
+		out.Rules = nil
218 
+	}
219 
+	return nil
220 
+}
221 
+
222 
+func convert_api_RoleBindingList_To_v1beta3_RoleBindingList(in *authorizationapi.RoleBindingList, out *apiv1beta3.RoleBindingList, s conversion.Scope) error {
223 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
224 
+		defaulting.(func(*authorizationapi.RoleBindingList))(in)
225 
+	}
226 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
227 
+		return err
228 
+	}
229 
+	if err := convert_api_ListMeta_To_v1beta3_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
230 
+		return err
231 
+	}
232 
+	if in.Items != nil {
233 
+		out.Items = make([]apiv1beta3.RoleBinding, len(in.Items))
234 
+		for i := range in.Items {
235 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
236 
+				return err
237 
+			}
238 
+		}
239 
+	} else {
240 
+		out.Items = nil
241 
+	}
242 
+	return nil
243 
+}
244 
+
245 
+func convert_api_RoleList_To_v1beta3_RoleList(in *authorizationapi.RoleList, out *apiv1beta3.RoleList, s conversion.Scope) error {
246 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
247 
+		defaulting.(func(*authorizationapi.RoleList))(in)
248 
+	}
249 
+	if err := convert_api_TypeMeta_To_v1beta3_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
250 
+		return err
251 
+	}
252 
+	if err := convert_api_ListMeta_To_v1beta3_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
253 
+		return err
254 
+	}
255 
+	if in.Items != nil {
256 
+		out.Items = make([]apiv1beta3.Role, len(in.Items))
257 
+		for i := range in.Items {
258 
+			if err := convert_api_Role_To_v1beta3_Role(&in.Items[i], &out.Items[i], s); err != nil {
259 
+				return err
260 
+			}
261 
+		}
262 
+	} else {
263 
+		out.Items = nil
264 
+	}
265 
+	return nil
266 
+}
267 
+
199 268 
 func convert_api_SubjectAccessReviewResponse_To_v1beta3_SubjectAccessReviewResponse(in *authorizationapi.SubjectAccessReviewResponse, out *apiv1beta3.SubjectAccessReviewResponse, s conversion.Scope) error {
200 269 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
201 270 
 		defaulting.(func(*authorizationapi.SubjectAccessReviewResponse))(in)
... ... 
@@ -209,6 +458,140 @@ func convert_api_SubjectAccessReviewResponse_To_v1beta3_SubjectAccessReviewRespo
209 209 
 	return nil
210 210 
 }
211 211
212 
+func convert_v1beta3_ClusterPolicy_To_api_ClusterPolicy(in *apiv1beta3.ClusterPolicy, out *authorizationapi.ClusterPolicy, s conversion.Scope) error {
213 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
214 
+		defaulting.(func(*apiv1beta3.ClusterPolicy))(in)
215 
+	}
216 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
217 
+		return err
218 
+	}
219 
+	if err := convert_v1beta3_ObjectMeta_To_api_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
220 
+		return err
221 
+	}
222 
+	if err := s.Convert(&in.LastModified, &out.LastModified, 0); err != nil {
223 
+		return err
224 
+	}
225 
+	if err := s.Convert(&in.Roles, &out.Roles, 0); err != nil {
226 
+		return err
227 
+	}
228 
+	return nil
229 
+}
230 
+
231 
+func convert_v1beta3_ClusterPolicyBindingList_To_api_ClusterPolicyBindingList(in *apiv1beta3.ClusterPolicyBindingList, out *authorizationapi.ClusterPolicyBindingList, s conversion.Scope) error {
232 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
233 
+		defaulting.(func(*apiv1beta3.ClusterPolicyBindingList))(in)
234 
+	}
235 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
236 
+		return err
237 
+	}
238 
+	if err := convert_v1beta3_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
239 
+		return err
240 
+	}
241 
+	if in.Items != nil {
242 
+		out.Items = make([]authorizationapi.ClusterPolicyBinding, len(in.Items))
243 
+		for i := range in.Items {
244 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
245 
+				return err
246 
+			}
247 
+		}
248 
+	} else {
249 
+		out.Items = nil
250 
+	}
251 
+	return nil
252 
+}
253 
+
254 
+func convert_v1beta3_ClusterPolicyList_To_api_ClusterPolicyList(in *apiv1beta3.ClusterPolicyList, out *authorizationapi.ClusterPolicyList, s conversion.Scope) error {
255 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
256 
+		defaulting.(func(*apiv1beta3.ClusterPolicyList))(in)
257 
+	}
258 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
259 
+		return err
260 
+	}
261 
+	if err := convert_v1beta3_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
262 
+		return err
263 
+	}
264 
+	if in.Items != nil {
265 
+		out.Items = make([]authorizationapi.ClusterPolicy, len(in.Items))
266 
+		for i := range in.Items {
267 
+			if err := convert_v1beta3_ClusterPolicy_To_api_ClusterPolicy(&in.Items[i], &out.Items[i], s); err != nil {
268 
+				return err
269 
+			}
270 
+		}
271 
+	} else {
272 
+		out.Items = nil
273 
+	}
274 
+	return nil
275 
+}
276 
+
277 
+func convert_v1beta3_ClusterRole_To_api_ClusterRole(in *apiv1beta3.ClusterRole, out *authorizationapi.ClusterRole, s conversion.Scope) error {
278 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
279 
+		defaulting.(func(*apiv1beta3.ClusterRole))(in)
280 
+	}
281 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
282 
+		return err
283 
+	}
284 
+	if err := convert_v1beta3_ObjectMeta_To_api_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
285 
+		return err
286 
+	}
287 
+	if in.Rules != nil {
288 
+		out.Rules = make([]authorizationapi.PolicyRule, len(in.Rules))
289 
+		for i := range in.Rules {
290 
+			if err := s.Convert(&in.Rules[i], &out.Rules[i], 0); err != nil {
291 
+				return err
292 
+			}
293 
+		}
294 
+	} else {
295 
+		out.Rules = nil
296 
+	}
297 
+	return nil
298 
+}
299 
+
300 
+func convert_v1beta3_ClusterRoleBindingList_To_api_ClusterRoleBindingList(in *apiv1beta3.ClusterRoleBindingList, out *authorizationapi.ClusterRoleBindingList, s conversion.Scope) error {
301 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
302 
+		defaulting.(func(*apiv1beta3.ClusterRoleBindingList))(in)
303 
+	}
304 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
305 
+		return err
306 
+	}
307 
+	if err := convert_v1beta3_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
308 
+		return err
309 
+	}
310 
+	if in.Items != nil {
311 
+		out.Items = make([]authorizationapi.ClusterRoleBinding, len(in.Items))
312 
+		for i := range in.Items {
313 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
314 
+				return err
315 
+			}
316 
+		}
317 
+	} else {
318 
+		out.Items = nil
319 
+	}
320 
+	return nil
321 
+}
322 
+
323 
+func convert_v1beta3_ClusterRoleList_To_api_ClusterRoleList(in *apiv1beta3.ClusterRoleList, out *authorizationapi.ClusterRoleList, s conversion.Scope) error {
324 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
325 
+		defaulting.(func(*apiv1beta3.ClusterRoleList))(in)
326 
+	}
327 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
328 
+		return err
329 
+	}
330 
+	if err := convert_v1beta3_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
331 
+		return err
332 
+	}
333 
+	if in.Items != nil {
334 
+		out.Items = make([]authorizationapi.ClusterRole, len(in.Items))
335 
+		for i := range in.Items {
336 
+			if err := convert_v1beta3_ClusterRole_To_api_ClusterRole(&in.Items[i], &out.Items[i], s); err != nil {
337 
+				return err
338 
+			}
339 
+		}
340 
+	} else {
341 
+		out.Items = nil
342 
+	}
343 
+	return nil
344 
+}
345 
+
212 346 
 func convert_v1beta3_IsPersonalSubjectAccessReview_To_api_IsPersonalSubjectAccessReview(in *apiv1beta3.IsPersonalSubjectAccessReview, out *authorizationapi.IsPersonalSubjectAccessReview, s conversion.Scope) error {
213 347 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
214 348 
 		defaulting.(func(*apiv1beta3.IsPersonalSubjectAccessReview))(in)
... ... 
@@ -219,6 +602,52 @@ func convert_v1beta3_IsPersonalSubjectAccessReview_To_api_IsPersonalSubjectAcces
219 219 
 	return nil
220 220 
 }
221 221
222 
+func convert_v1beta3_PolicyBindingList_To_api_PolicyBindingList(in *apiv1beta3.PolicyBindingList, out *authorizationapi.PolicyBindingList, s conversion.Scope) error {
223 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
224 
+		defaulting.(func(*apiv1beta3.PolicyBindingList))(in)
225 
+	}
226 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
227 
+		return err
228 
+	}
229 
+	if err := convert_v1beta3_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
230 
+		return err
231 
+	}
232 
+	if in.Items != nil {
233 
+		out.Items = make([]authorizationapi.PolicyBinding, len(in.Items))
234 
+		for i := range in.Items {
235 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
236 
+				return err
237 
+			}
238 
+		}
239 
+	} else {
240 
+		out.Items = nil
241 
+	}
242 
+	return nil
243 
+}
244 
+
245 
+func convert_v1beta3_PolicyList_To_api_PolicyList(in *apiv1beta3.PolicyList, out *authorizationapi.PolicyList, s conversion.Scope) error {
246 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
247 
+		defaulting.(func(*apiv1beta3.PolicyList))(in)
248 
+	}
249 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
250 
+		return err
251 
+	}
252 
+	if err := convert_v1beta3_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
253 
+		return err
254 
+	}
255 
+	if in.Items != nil {
256 
+		out.Items = make([]authorizationapi.Policy, len(in.Items))
257 
+		for i := range in.Items {
258 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
259 
+				return err
260 
+			}
261 
+		}
262 
+	} else {
263 
+		out.Items = nil
264 
+	}
265 
+	return nil
266 
+}
267 
+
222 268 
 func convert_v1beta3_ResourceAccessReview_To_api_ResourceAccessReview(in *apiv1beta3.ResourceAccessReview, out *authorizationapi.ResourceAccessReview, s conversion.Scope) error {
223 269 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
224 270 
 		defaulting.(func(*apiv1beta3.ResourceAccessReview))(in)
... ... 
@@ -235,6 +664,75 @@ func convert_v1beta3_ResourceAccessReview_To_api_ResourceAccessReview(in *apiv1b
235 235 
 	return nil
236 236 
 }
237 237
238 
+func convert_v1beta3_Role_To_api_Role(in *apiv1beta3.Role, out *authorizationapi.Role, s conversion.Scope) error {
239 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
240 
+		defaulting.(func(*apiv1beta3.Role))(in)
241 
+	}
242 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
243 
+		return err
244 
+	}
245 
+	if err := convert_v1beta3_ObjectMeta_To_api_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
246 
+		return err
247 
+	}
248 
+	if in.Rules != nil {
249 
+		out.Rules = make([]authorizationapi.PolicyRule, len(in.Rules))
250 
+		for i := range in.Rules {
251 
+			if err := s.Convert(&in.Rules[i], &out.Rules[i], 0); err != nil {
252 
+				return err
253 
+			}
254 
+		}
255 
+	} else {
256 
+		out.Rules = nil
257 
+	}
258 
+	return nil
259 
+}
260 
+
261 
+func convert_v1beta3_RoleBindingList_To_api_RoleBindingList(in *apiv1beta3.RoleBindingList, out *authorizationapi.RoleBindingList, s conversion.Scope) error {
262 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
263 
+		defaulting.(func(*apiv1beta3.RoleBindingList))(in)
264 
+	}
265 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
266 
+		return err
267 
+	}
268 
+	if err := convert_v1beta3_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
269 
+		return err
270 
+	}
271 
+	if in.Items != nil {
272 
+		out.Items = make([]authorizationapi.RoleBinding, len(in.Items))
273 
+		for i := range in.Items {
274 
+			if err := s.Convert(&in.Items[i], &out.Items[i], 0); err != nil {
275 
+				return err
276 
+			}
277 
+		}
278 
+	} else {
279 
+		out.Items = nil
280 
+	}
281 
+	return nil
282 
+}
283 
+
284 
+func convert_v1beta3_RoleList_To_api_RoleList(in *apiv1beta3.RoleList, out *authorizationapi.RoleList, s conversion.Scope) error {
285 
+	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
286 
+		defaulting.(func(*apiv1beta3.RoleList))(in)
287 
+	}
288 
+	if err := convert_v1beta3_TypeMeta_To_api_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
289 
+		return err
290 
+	}
291 
+	if err := convert_v1beta3_ListMeta_To_api_ListMeta(&in.ListMeta, &out.ListMeta, s); err != nil {
292 
+		return err
293 
+	}
294 
+	if in.Items != nil {
295 
+		out.Items = make([]authorizationapi.Role, len(in.Items))
296 
+		for i := range in.Items {
297 
+			if err := convert_v1beta3_Role_To_api_Role(&in.Items[i], &out.Items[i], s); err != nil {
298 
+				return err
299 
+			}
300 
+		}
301 
+	} else {
302 
+		out.Items = nil
303 
+	}
304 
+	return nil
305 
+}
306 
+
238 307 
 func convert_v1beta3_SubjectAccessReviewResponse_To_api_SubjectAccessReviewResponse(in *apiv1beta3.SubjectAccessReviewResponse, out *authorizationapi.SubjectAccessReviewResponse, s conversion.Scope) error {
239 308 
 	if defaulting, found := s.DefaultingInterface(reflect.TypeOf(*in)); found {
240 309 
 		defaulting.(func(*apiv1beta3.SubjectAccessReviewResponse))(in)
... ... 
@@ -1789,6 +2287,12 @@ func init() {
1789 1789 
 		convert_api_BuildRequest_To_v1beta3_BuildRequest,
1790 1790 
 		convert_api_ClusterNetworkList_To_v1beta3_ClusterNetworkList,
1791 1791 
 		convert_api_ClusterNetwork_To_v1beta3_ClusterNetwork,
1792 
+		convert_api_ClusterPolicyBindingList_To_v1beta3_ClusterPolicyBindingList,
1793 
+		convert_api_ClusterPolicyList_To_v1beta3_ClusterPolicyList,
1794 
+		convert_api_ClusterPolicy_To_v1beta3_ClusterPolicy,
1795 
+		convert_api_ClusterRoleBindingList_To_v1beta3_ClusterRoleBindingList,
1796 
+		convert_api_ClusterRoleList_To_v1beta3_ClusterRoleList,
1797 
+		convert_api_ClusterRole_To_v1beta3_ClusterRole,
1792 1798 
 		convert_api_DeploymentConfigList_To_v1beta3_DeploymentConfigList,
1793 1799 
 		convert_api_DeploymentConfigRollbackSpec_To_v1beta3_DeploymentConfigRollbackSpec,
1794 1800 
 		convert_api_DeploymentConfigRollback_To_v1beta3_DeploymentConfigRollback,
... ... 
@@ -1812,12 +2316,17 @@ func init() {
1812 1812 
 		convert_api_ObjectMeta_To_v1beta3_ObjectMeta,
1813 1813 
 		convert_api_ObjectReference_To_v1beta3_ObjectReference,
1814 1814 
 		convert_api_Parameter_To_v1beta3_Parameter,
1815 
+		convert_api_PolicyBindingList_To_v1beta3_PolicyBindingList,
1816 
+		convert_api_PolicyList_To_v1beta3_PolicyList,
1815 1817 
 		convert_api_ProjectList_To_v1beta3_ProjectList,
1816 1818 
 		convert_api_ProjectRequest_To_v1beta3_ProjectRequest,
1817 1819 
 		convert_api_ProjectSpec_To_v1beta3_ProjectSpec,
1818 1820 
 		convert_api_ProjectStatus_To_v1beta3_ProjectStatus,
1819 1821 
 		convert_api_Project_To_v1beta3_Project,
1820 1822 
 		convert_api_ResourceAccessReview_To_v1beta3_ResourceAccessReview,
1823 
+		convert_api_RoleBindingList_To_v1beta3_RoleBindingList,
1824 
+		convert_api_RoleList_To_v1beta3_RoleList,
1825 
+		convert_api_Role_To_v1beta3_Role,
1821 1826 
 		convert_api_RouteList_To_v1beta3_RouteList,
1822 1827 
 		convert_api_SourceControlUser_To_v1beta3_SourceControlUser,
1823 1828 
 		convert_api_SourceRevision_To_v1beta3_SourceRevision,
... ... 
@@ -1834,6 +2343,12 @@ func init() {
1834 1834 
 		convert_v1beta3_BuildRequest_To_api_BuildRequest,
1835 1835 
 		convert_v1beta3_ClusterNetworkList_To_api_ClusterNetworkList,
1836 1836 
 		convert_v1beta3_ClusterNetwork_To_api_ClusterNetwork,
1837 
+		convert_v1beta3_ClusterPolicyBindingList_To_api_ClusterPolicyBindingList,
1838 
+		convert_v1beta3_ClusterPolicyList_To_api_ClusterPolicyList,
1839 
+		convert_v1beta3_ClusterPolicy_To_api_ClusterPolicy,
1840 
+		convert_v1beta3_ClusterRoleBindingList_To_api_ClusterRoleBindingList,
1841 
+		convert_v1beta3_ClusterRoleList_To_api_ClusterRoleList,
1842 
+		convert_v1beta3_ClusterRole_To_api_ClusterRole,
1837 1843 
 		convert_v1beta3_DeploymentConfigList_To_api_DeploymentConfigList,
1838 1844 
 		convert_v1beta3_DeploymentConfigRollbackSpec_To_api_DeploymentConfigRollbackSpec,
1839 1845 
 		convert_v1beta3_DeploymentConfigRollback_To_api_DeploymentConfigRollback,
... ... 
@@ -1857,12 +2372,17 @@ func init() {
1857 1857 
 		convert_v1beta3_ObjectMeta_To_api_ObjectMeta,
1858 1858 
 		convert_v1beta3_ObjectReference_To_api_ObjectReference,
1859 1859 
 		convert_v1beta3_Parameter_To_api_Parameter,
1860 
+		convert_v1beta3_PolicyBindingList_To_api_PolicyBindingList,
1861 
+		convert_v1beta3_PolicyList_To_api_PolicyList,
1860 1862 
 		convert_v1beta3_ProjectList_To_api_ProjectList,
1861 1863 
 		convert_v1beta3_ProjectRequest_To_api_ProjectRequest,
1862 1864 
 		convert_v1beta3_ProjectSpec_To_api_ProjectSpec,
1863 1865 
 		convert_v1beta3_ProjectStatus_To_api_ProjectStatus,
1864 1866 
 		convert_v1beta3_Project_To_api_Project,
1865 1867 
 		convert_v1beta3_ResourceAccessReview_To_api_ResourceAccessReview,
1868 
+		convert_v1beta3_RoleBindingList_To_api_RoleBindingList,
1869 
+		convert_v1beta3_RoleList_To_api_RoleList,
1870 
+		convert_v1beta3_Role_To_api_Role,
1866 1871 
 		convert_v1beta3_RouteList_To_api_RouteList,
1867 1872 
 		convert_v1beta3_SourceControlUser_To_api_SourceControlUser,
1868 1873 
 		convert_v1beta3_SourceRevision_To_api_SourceRevision,
pkg/authorization/api/validation/validation.go
History View file @ 5ef5ce1
... ... 
@@ -68,6 +68,10 @@ func ValidatePolicy(policy *authorizationapi.Policy, isNamespaced bool) fielderr
68 68 
 	allErrs = append(allErrs, validation.ValidateObjectMeta(&policy.ObjectMeta, isNamespaced, ValidatePolicyName).Prefix("metadata")...)
69 69
70 70 
 	for roleKey, role := range policy.Roles {
71 
+		if role == nil {
72 
+			allErrs = append(allErrs, fielderrors.NewFieldRequired("roles."+roleKey))
73 
+		}
74 
+
71 75 
 		if roleKey != role.Name {
72 76 
 			allErrs = append(allErrs, fielderrors.NewFieldInvalid("roles."+roleKey+".metadata.name", role.Name, "must be "+roleKey))
73 77 
 		}
... ... 
@@ -126,6 +130,10 @@ func ValidatePolicyBinding(policyBinding *authorizationapi.PolicyBinding, isName
126 126 
 	}
127 127
128 128 
 	for roleBindingKey, roleBinding := range policyBinding.RoleBindings {
129 
+		if roleBinding == nil {
130 
+			allErrs = append(allErrs, fielderrors.NewFieldRequired("roleBindings."+roleBindingKey))
131 
+		}
132 
+
129 133 
 		if roleBinding.RoleRef.Namespace != policyBinding.PolicyRef.Namespace {
130 134 
 			allErrs = append(allErrs, fielderrors.NewFieldInvalid("roleBindings."+roleBindingKey+".roleRef.namespace", policyBinding.PolicyRef.Namespace, "must be "+policyBinding.PolicyRef.Namespace))
131 135 
 		}
pkg/authorization/authorizer/authorizer.go
History View file @ 5ef5ce1
... ... 
@@ -99,15 +99,15 @@ func (a *openshiftAuthorizer) getAllowedSubjectsFromNamespaceBindings(ctx kapi.C
99 99 
 			return nil, nil, err
100 100 
 		}
101 101
102 
-		for _, rule := range role.Rules {
102 
+		for _, rule := range role.Rules() {
103 103 
 			matches, err := attributes.RuleMatches(rule)
104 104 
 			if err != nil {
105 105 
 				return nil, nil, err
106 106 
 			}
107 107
108 108 
 			if matches {
109 
-				users.Insert(roleBinding.Users.List()...)
110 
-				groups.Insert(roleBinding.Groups.List()...)
109 
+				users.Insert(roleBinding.Users().List()...)
110 
+				groups.Insert(roleBinding.Groups().List()...)
111 111 
 			}
112 112 
 		}
113 113 
 	}
pkg/authorization/authorizer/authorizer_test.go
History View file @ 5ef5ce1
... ... 
@@ -11,8 +11,6 @@ import (
11 11 
 	"github.com/GoogleCloudPlatform/kubernetes/pkg/util"
12 12
13 13 
 	authorizationapi "github.com/openshift/origin/pkg/authorization/api"
14 
-	clusterpolicyregistry "github.com/openshift/origin/pkg/authorization/registry/clusterpolicy"
15 
-	clusterpolicybindingregistry "github.com/openshift/origin/pkg/authorization/registry/clusterpolicybinding"
16 14 
 	testpolicyregistry "github.com/openshift/origin/pkg/authorization/registry/test"
17 15 
 	"github.com/openshift/origin/pkg/authorization/rulevalidation"
18 16 
 	"github.com/openshift/origin/pkg/cmd/server/bootstrappolicy"
... ... 
@@ -375,8 +373,8 @@ func TestVerbRestrictionsWork(t *testing.T) {
375 375 
 func (test *authorizeTest) test(t *testing.T) {
376 376 
 	policyRegistry := testpolicyregistry.NewPolicyRegistry(test.policies, test.policyRetrievalError)
377 377 
 	policyBindingRegistry := testpolicyregistry.NewPolicyBindingRegistry(test.bindings, test.bindingRetrievalError)
378 
-	clusterPolicyRegistry := clusterpolicyregistry.NewSimulatedRegistry(testpolicyregistry.NewClusterPolicyRegistry(test.clusterPolicies, test.policyRetrievalError))
379 
-	clusterPolicyBindingRegistry := clusterpolicybindingregistry.NewSimulatedRegistry(testpolicyregistry.NewClusterPolicyBindingRegistry(test.clusterBindings, test.bindingRetrievalError))
378 
+	clusterPolicyRegistry := testpolicyregistry.NewClusterPolicyRegistry(test.clusterPolicies, test.policyRetrievalError)
379 
+	clusterPolicyBindingRegistry := testpolicyregistry.NewClusterPolicyBindingRegistry(test.clusterBindings, test.bindingRetrievalError)
380 380 
 	authorizer := NewAuthorizer(rulevalidation.NewDefaultRuleResolver(policyRegistry, policyBindingRegistry, clusterPolicyRegistry, clusterPolicyBindingRegistry), NewForbiddenMessageResolver(""))
381 381
382 382 
 	actualAllowed, actualReason, actualError := authorizer.Authorize(test.context, *test.attributes)
pkg/authorization/authorizer/subjects_test.go
History View file @ 5ef5ce1
... ... 
@@ -7,8 +7,6 @@ import (
7 7 
 	"github.com/GoogleCloudPlatform/kubernetes/pkg/util"
8 8
9 9 
 	authorizationapi "github.com/openshift/origin/pkg/authorization/api"
10 
-	clusterpolicyregistry "github.com/openshift/origin/pkg/authorization/registry/clusterpolicy"
11 
-	clusterpolicybindingregistry "github.com/openshift/origin/pkg/authorization/registry/clusterpolicybinding"
12 10 
 	testpolicyregistry "github.com/openshift/origin/pkg/authorization/registry/test"
13 11 
 	"github.com/openshift/origin/pkg/authorization/rulevalidation"
14 12 
 )
... ... 
@@ -50,8 +48,8 @@ func TestSubjects(t *testing.T) {
50 50 
 func (test *subjectsTest) test(t *testing.T) {
51 51 
 	policyRegistry := testpolicyregistry.NewPolicyRegistry(test.policies, test.policyRetrievalError)
52 52 
 	policyBindingRegistry := testpolicyregistry.NewPolicyBindingRegistry(test.bindings, test.bindingRetrievalError)
53 
-	clusterPolicyRegistry := clusterpolicyregistry.NewSimulatedRegistry(testpolicyregistry.NewClusterPolicyRegistry(test.clusterPolicies, test.policyRetrievalError))
54 
-	clusterPolicyBindingRegistry := clusterpolicybindingregistry.NewSimulatedRegistry(testpolicyregistry.NewClusterPolicyBindingRegistry(test.clusterBindings, test.bindingRetrievalError))
53 
+	clusterPolicyRegistry := testpolicyregistry.NewClusterPolicyRegistry(test.clusterPolicies, test.policyRetrievalError)
54 
+	clusterPolicyBindingRegistry := testpolicyregistry.NewClusterPolicyBindingRegistry(test.clusterBindings, test.bindingRetrievalError)
55 55
56 56 
 	authorizer := NewAuthorizer(rulevalidation.NewDefaultRuleResolver(policyRegistry, policyBindingRegistry, clusterPolicyRegistry, clusterPolicyBindingRegistry), NewForbiddenMessageResolver(""))
57 57
pkg/authorization/cache/readonlycache.go
History View file @ 5ef5ce1
... ... 
@@ -139,3 +139,21 @@ func (c readOnlyAuthorizationCache) ListPolicyBindings(ctx kapi.Context, label l
139 139 
 		return policyBindingList, nil
140 140 
 	}
141 141 
 }
142 
+
143 
+// GetPolicy retrieves a specific policy.  It conforms to rulevalidation.PolicyGetter.
144 
+func (c readOnlyAuthorizationCache) GetClusterPolicy(ctx kapi.Context, name string) (*authorizationapi.ClusterPolicy, error) {
145 
+	clusterPolicy, err := c.ReadOnlyClusterPolicies().Get(name)
146 
+	if err != nil {
147 
+		return &authorizationapi.ClusterPolicy{}, err
148 
+	}
149 
+	return clusterPolicy, nil
150 
+}
151 
+
152 
+// ListPolicyBindings obtains list of policyBindings that match a selector.  It conforms to rulevalidation.BindingLister
153 
+func (c readOnlyAuthorizationCache) ListClusterPolicyBindings(ctx kapi.Context, label labels.Selector, field fields.Selector) (*authorizationapi.ClusterPolicyBindingList, error) {
154 
+	clusterPolicyBindingList, err := c.ReadOnlyClusterPolicyBindings().List(label, field)
155 
+	if err != nil {
156 
+		return &authorizationapi.ClusterPolicyBindingList{}, err
157 
+	}
158 
+	return clusterPolicyBindingList, nil
159 
+}
pkg/authorization/client/readonlyclient.go
History View file @ 5ef5ce1
... ... 
@@ -22,4 +22,6 @@ type ReadOnlyPolicyClient interface {
22 22 
 	// Methods that enable the ReadOnlyPolicyClient to conform to rulevalidation.PolicyGetter and rulevalidation.BindingLister interfaces
23 23 
 	GetPolicy(ctx kapi.Context, name string) (*authorizationapi.Policy, error)
24 24 
 	ListPolicyBindings(ctx kapi.Context, label labels.Selector, field fields.Selector) (*authorizationapi.PolicyBindingList, error)
25 
+	GetClusterPolicy(ctx kapi.Context, name string) (*authorizationapi.ClusterPolicy, error)
26 
+	ListClusterPolicyBindings(ctx kapi.Context, label labels.Selector, field fields.Selector) (*authorizationapi.ClusterPolicyBindingList, error)
25 27 
 }
pkg/authorization/interfaces/interfaces.go
History View file @ 5ef5ce1
26 28 
new file mode 100644
... ... 
@@ -0,0 +1,253 @@
0 
+package interfaces
1 
+
2 
+import (
3 
+	kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api"
4 
+	"github.com/GoogleCloudPlatform/kubernetes/pkg/util"
5 
+
6 
+	authorizationapi "github.com/openshift/origin/pkg/authorization/api"
7 
+)
8 
+
9 
+type Policy interface {
10 
+	Name() string
11 
+	Namespace() string
12 
+
13 
+	Roles() map[string]Role
14 
+}
15 
+
16 
+type PolicyBinding interface {
17 
+	Name() string
18 
+	Namespace() string
19 
+
20 
+	PolicyRef() kapi.ObjectReference
21 
+	RoleBindings() map[string]RoleBinding
22 
+}
23 
+
24 
+type Role interface {
25 
+	Name() string
26 
+	Namespace() string
27 
+
28 
+	Rules() []authorizationapi.PolicyRule
29 
+}
30 
+
31 
+type RoleBinding interface {
32 
+	Name() string
33 
+	Namespace() string
34 
+
35 
+	RoleRef() kapi.ObjectReference
36 
+	Users() util.StringSet
37 
+	Groups() util.StringSet
38 
+}
39 
+
40 
+func NewClusterPolicyAdapter(policy *authorizationapi.ClusterPolicy) Policy {
41 
+	return ClusterPolicyAdapter{policy: policy}
42 
+}
43 
+func NewLocalPolicyAdapter(policy *authorizationapi.Policy) Policy {
44 
+	return PolicyAdapter{policy: policy}
45 
+}
46 
+
47 
+func NewClusterPolicyBindingAdapter(policyBinding *authorizationapi.ClusterPolicyBinding) PolicyBinding {
48 
+	return ClusterPolicyBindingAdapter{policyBinding: policyBinding}
49 
+}
50 
+func NewLocalPolicyBindingAdapter(policyBinding *authorizationapi.PolicyBinding) PolicyBinding {
51 
+	return PolicyBindingAdapter{policyBinding: policyBinding}
52 
+}
53 
+func NewClusterPolicyBindingAdapters(list *authorizationapi.ClusterPolicyBindingList) []PolicyBinding {
54 
+	ret := make([]PolicyBinding, 0, len(list.Items))
55 
+	for i := range list.Items {
56 
+		ret = append(ret, NewClusterPolicyBindingAdapter(&list.Items[i]))
57 
+	}
58 
+	return ret
59 
+}
60 
+func NewLocalPolicyBindingAdapters(list *authorizationapi.PolicyBindingList) []PolicyBinding {
61 
+	ret := make([]PolicyBinding, 0, len(list.Items))
62 
+	for i := range list.Items {
63 
+		ret = append(ret, NewLocalPolicyBindingAdapter(&list.Items[i]))
64 
+	}
65 
+	return ret
66 
+}
67 
+
68 
+type PolicyAdapter struct {
69 
+	policy *authorizationapi.Policy
70 
+
71 
+	adaptedRoles map[string]Role
72 
+}
73 
+
74 
+func (a PolicyAdapter) Name() string {
75 
+	return a.policy.Name
76 
+}
77 
+
78 
+func (a PolicyAdapter) Namespace() string {
79 
+	return a.policy.Namespace
80 
+}
81 
+
82 
+func (a PolicyAdapter) Roles() map[string]Role {
83 
+	if a.adaptedRoles == nil {
84 
+		adaptedRoles := map[string]Role{}
85 
+		for key := range a.policy.Roles {
86 
+			adaptedRoles[key] = RoleAdapter{a.policy.Roles[key]}
87 
+		}
88 
+		a.adaptedRoles = adaptedRoles
89 
+	}
90 
+	return a.adaptedRoles
91 
+}
92 
+
93 
+type RoleAdapter struct {
94 
+	role *authorizationapi.Role
95 
+}
96 
+
97 
+func (a RoleAdapter) Name() string {
98 
+	return a.role.Name
99 
+}
100 
+
101 
+func (a RoleAdapter) Namespace() string {
102 
+	return a.role.Namespace
103 
+}
104 
+
105 
+func (a RoleAdapter) Rules() []authorizationapi.PolicyRule {
106 
+	return a.role.Rules
107 
+}
108 
+
109 
+type ClusterPolicyAdapter struct {
110 
+	policy *authorizationapi.ClusterPolicy
111 
+
112 
+	adaptedRoles map[string]Role
113 
+}
114 
+
115 
+func (a ClusterPolicyAdapter) Name() string {
116 
+	return a.policy.Name
117 
+}
118 
+
119 
+func (a ClusterPolicyAdapter) Namespace() string {
120 
+	return a.policy.Namespace
121 
+}
122 
+
123 
+func (a ClusterPolicyAdapter) Roles() map[string]Role {
124 
+	if a.adaptedRoles == nil {
125 
+		adaptedRoles := map[string]Role{}
126 
+		for key := range a.policy.Roles {
127 
+			adaptedRoles[key] = ClusterRoleAdapter{a.policy.Roles[key]}
128 
+		}
129 
+		a.adaptedRoles = adaptedRoles
130 
+	}
131 
+	return a.adaptedRoles
132 
+}
133 
+
134 
+type ClusterRoleAdapter struct {
135 
+	role *authorizationapi.ClusterRole
136 
+}
137 
+
138 
+func (a ClusterRoleAdapter) Name() string {
139 
+	return a.role.Name
140 
+}
141 
+
142 
+func (a ClusterRoleAdapter) Namespace() string {
143 
+	return a.role.Namespace
144 
+}
145 
+
146 
+func (a ClusterRoleAdapter) Rules() []authorizationapi.PolicyRule {
147 
+	return a.role.Rules
148 
+}
149 
+
150 
+type PolicyBindingAdapter struct {
151 
+	policyBinding *authorizationapi.PolicyBinding
152 
+
153 
+	adaptedRoleBindings map[string]RoleBinding
154 
+}
155 
+
156 
+func (a PolicyBindingAdapter) Name() string {
157 
+	return a.policyBinding.Name
158 
+}
159 
+
160 
+func (a PolicyBindingAdapter) Namespace() string {
161 
+	return a.policyBinding.Namespace
162 
+}
163 
+
164 
+func (a PolicyBindingAdapter) PolicyRef() kapi.ObjectReference {
165 
+	return a.policyBinding.PolicyRef
166 
+}
167 
+
168 
+func (a PolicyBindingAdapter) RoleBindings() map[string]RoleBinding {
169 
+	if a.adaptedRoleBindings == nil {
170 
+		adaptedRoleBindings := map[string]RoleBinding{}
171 
+		for key := range a.policyBinding.RoleBindings {
172 
+			adaptedRoleBindings[key] = RoleBindingAdapter{a.policyBinding.RoleBindings[key]}
173 
+		}
174 
+		a.adaptedRoleBindings = adaptedRoleBindings
175 
+	}
176 
+	return a.adaptedRoleBindings
177 
+}
178 
+
179 
+type RoleBindingAdapter struct {
180 
+	roleBinding *authorizationapi.RoleBinding
181 
+}
182 
+
183 
+func (a RoleBindingAdapter) Name() string {
184 
+	return a.roleBinding.Name
185 
+}
186 
+
187 
+func (a RoleBindingAdapter) Namespace() string {
188 
+	return a.roleBinding.Namespace
189 
+}
190 
+
191 
+func (a RoleBindingAdapter) RoleRef() kapi.ObjectReference {
192 
+	return a.roleBinding.RoleRef
193 
+}
194 
+
195 
+func (a RoleBindingAdapter) Users() util.StringSet {
196 
+	return a.roleBinding.Users
197 
+}
198 
+func (a RoleBindingAdapter) Groups() util.StringSet {
199 
+	return a.roleBinding.Groups
200 
+}
201 
+
202 
+type ClusterPolicyBindingAdapter struct {
203 
+	policyBinding *authorizationapi.ClusterPolicyBinding
204 
+
205 
+	adaptedRoleBindings map[string]RoleBinding
206 
+}
207 
+
208 
+func (a ClusterPolicyBindingAdapter) Name() string {
209 
+	return a.policyBinding.Name
210 
+}
211 
+
212 
+func (a ClusterPolicyBindingAdapter) Namespace() string {
213 
+	return a.policyBinding.Namespace
214 
+}
215 
+
216 
+func (a ClusterPolicyBindingAdapter) PolicyRef() kapi.ObjectReference {
217 
+	return a.policyBinding.PolicyRef
218 
+}
219 
+
220 
+func (a ClusterPolicyBindingAdapter) RoleBindings() map[string]RoleBinding {
221 
+	if a.adaptedRoleBindings == nil {
222 
+		adaptedRoleBindings := map[string]RoleBinding{}
223 
+		for key := range a.policyBinding.RoleBindings {
224 
+			adaptedRoleBindings[key] = ClusterRoleBindingAdapter{a.policyBinding.RoleBindings[key]}
225 
+		}
226 
+		a.adaptedRoleBindings = adaptedRoleBindings
227 
+	}
228 
+	return a.adaptedRoleBindings
229 
+}
230 
+
231 
+type ClusterRoleBindingAdapter struct {
232 
+	roleBinding *authorizationapi.ClusterRoleBinding
233 
+}
234 
+
235 
+func (a ClusterRoleBindingAdapter) Name() string {
236 
+	return a.roleBinding.Name
237 
+}
238 
+
239 
+func (a ClusterRoleBindingAdapter) Namespace() string {
240 
+	return a.roleBinding.Namespace
241 
+}
242 
+
243 
+func (a ClusterRoleBindingAdapter) RoleRef() kapi.ObjectReference {
244 
+	return a.roleBinding.RoleRef
245 
+}
246 
+
247 
+func (a ClusterRoleBindingAdapter) Users() util.StringSet {
248 
+	return a.roleBinding.Users
249 
+}
250 
+func (a ClusterRoleBindingAdapter) Groups() util.StringSet {
251 
+	return a.roleBinding.Groups
252 
+}
pkg/authorization/registry/rolebinding/policybased/virtual_storage.go
History View file @ 5ef5ce1
... ... 
@@ -252,8 +252,8 @@ func (m *VirtualStorage) confirmNoEscalation(ctx kapi.Context, roleBinding *auth
252 252 
 	ruleResolver := rulevalidation.NewDefaultRuleResolver(
253 253 
 		m.PolicyRegistry,
254 254 
 		m.BindingRegistry,
255 
-		clusterpolicyregistry.NewSimulatedRegistry(m.ClusterPolicyRegistry),
256 
-		clusterpolicybindingregistry.NewSimulatedRegistry(m.ClusterPolicyBindingRegistry),
255 
+		m.ClusterPolicyRegistry,
256 
+		m.ClusterPolicyBindingRegistry,
257 257 
 	)
258 258 
 	ownerLocalRules, err := ruleResolver.GetEffectivePolicyRules(ctx)
259 259 
 	if err != nil {
pkg/authorization/rulevalidation/find_rules.go
History View file @ 5ef5ce1
... ... 
@@ -13,23 +13,24 @@ import (
13 13 
 	kerrors "github.com/GoogleCloudPlatform/kubernetes/pkg/util/errors"
14 14
15 15 
 	authorizationapi "github.com/openshift/origin/pkg/authorization/api"
16 
+	authorizationinterfaces "github.com/openshift/origin/pkg/authorization/interfaces"
16 17 
 )
17 18
18 19 
 type DefaultRuleResolver struct {
19 20 
 	policyGetter  PolicyGetter
20 21 
 	bindingLister BindingLister
21 22
22 
-	clusterPolicyGetter  PolicyGetter
23 
-	clusterBindingLister BindingLister
23 
+	clusterPolicyGetter  ClusterPolicyGetter
24 
+	clusterBindingLister ClusterBindingLister
24 25 
 }
25 26
26 
-func NewDefaultRuleResolver(policyGetter PolicyGetter, bindingLister BindingLister, clusterPolicyGetter PolicyGetter, clusterBindingLister BindingLister) *DefaultRuleResolver {
27 
+func NewDefaultRuleResolver(policyGetter PolicyGetter, bindingLister BindingLister, clusterPolicyGetter ClusterPolicyGetter, clusterBindingLister ClusterBindingLister) *DefaultRuleResolver {
27 28 
 	return &DefaultRuleResolver{policyGetter, bindingLister, clusterPolicyGetter, clusterBindingLister}
28 29 
 }
29 30
30 31 
 type AuthorizationRuleResolver interface {
31 
-	GetRoleBindings(ctx kapi.Context) ([]*authorizationapi.RoleBinding, error)
32 
-	GetRole(roleBinding *authorizationapi.RoleBinding) (*authorizationapi.Role, error)
32 
+	GetRoleBindings(ctx kapi.Context) ([]authorizationinterfaces.RoleBinding, error)
33 
+	GetRole(roleBinding authorizationinterfaces.RoleBinding) (authorizationinterfaces.Role, error)
33 34 
 	// GetEffectivePolicyRules returns the list of rules that apply to a given user in a given namespace and error.  If an error is returned, the slice of
34 35 
 	// PolicyRules may not be complete, but it contains all retrievable rules.  This is done because policy rules are purely additive and policy determinations
35 36 
 	// can be made on the basis of those rules that are found.
... ... 
@@ -37,61 +38,68 @@ type AuthorizationRuleResolver interface {
37 37 
 }
38 38
39 39 
 type PolicyGetter interface {
40 
-	// GetPolicy retrieves a specific policy.
41 40 
 	GetPolicy(ctx kapi.Context, id string) (*authorizationapi.Policy, error)
42 41 
 }
43 42
44 43 
 type BindingLister interface {
45 
-	// ListPolicyBindings obtains list of policyBindings that match a selector.
46 44 
 	ListPolicyBindings(ctx kapi.Context, label labels.Selector, field fields.Selector) (*authorizationapi.PolicyBindingList, error)
47 45 
 }
48 46
49 
-func (a *DefaultRuleResolver) getPolicy(ctx kapi.Context) (*authorizationapi.Policy, error) {
47 
+type ClusterPolicyGetter interface {
48 
+	GetClusterPolicy(ctx kapi.Context, id string) (*authorizationapi.ClusterPolicy, error)
49 
+}
50 
+
51 
+type ClusterBindingLister interface {
52 
+	ListClusterPolicyBindings(ctx kapi.Context, label labels.Selector, field fields.Selector) (*authorizationapi.ClusterPolicyBindingList, error)
53 
+}
54 
+
55 
+func (a *DefaultRuleResolver) getPolicy(ctx kapi.Context) (authorizationinterfaces.Policy, error) {
50 56 
 	namespace, _ := kapi.NamespaceFrom(ctx)
51 57
52 
-	var policy *authorizationapi.Policy
53 
-	var err error
54 58 
 	switch {
55 59 
 	case len(namespace) == 0:
56 
-		policy, err = a.clusterPolicyGetter.GetPolicy(ctx, authorizationapi.PolicyName)
60 
+		t, err := a.clusterPolicyGetter.GetClusterPolicy(ctx, authorizationapi.PolicyName)
61 
+		if err != nil {
62 
+			return nil, err
63 
+		}
64 
+		return authorizationinterfaces.NewClusterPolicyAdapter(t), nil
57 65 
 	default:
58 
-		policy, err = a.policyGetter.GetPolicy(ctx, authorizationapi.PolicyName)
59 
-	}
60 
-
61 
-	if err != nil {
62 
-		return nil, err
66 
+		t, err := a.policyGetter.GetPolicy(ctx, authorizationapi.PolicyName)
67 
+		if err != nil {
68 
+			return nil, err
69 
+		}
70 
+		return authorizationinterfaces.NewLocalPolicyAdapter(t), nil
63 71 
 	}
64 
-	return policy, nil
65 72 
 }
66 73
67 
-func (a *DefaultRuleResolver) getPolicyBindings(ctx kapi.Context) ([]authorizationapi.PolicyBinding, error) {
74 
+func (a *DefaultRuleResolver) getPolicyBindings(ctx kapi.Context) ([]authorizationinterfaces.PolicyBinding, error) {
68 75 
 	namespace, _ := kapi.NamespaceFrom(ctx)
69 76
70 
-	var policyBindingList *authorizationapi.PolicyBindingList
71 
-	var err error
72 77 
 	switch {
73 78 
 	case len(namespace) == 0:
74 
-		policyBindingList, err = a.clusterBindingLister.ListPolicyBindings(ctx, labels.Everything(), fields.Everything())
79 
+		t, err := a.clusterBindingLister.ListClusterPolicyBindings(ctx, labels.Everything(), fields.Everything())
80 
+		if err != nil {
81 
+			return nil, err
82 
+		}
83 
+		return authorizationinterfaces.NewClusterPolicyBindingAdapters(t), nil
75 84 
 	default:
76 
-		policyBindingList, err = a.bindingLister.ListPolicyBindings(ctx, labels.Everything(), fields.Everything())
77 
-	}
78 
-
79 
-	if err != nil {
80 
-		return nil, err
85 
+		t, err := a.bindingLister.ListPolicyBindings(ctx, labels.Everything(), fields.Everything())
86 
+		if err != nil {
87 
+			return nil, err
88 
+		}
89 
+		return authorizationinterfaces.NewLocalPolicyBindingAdapters(t), nil
81 90 
 	}
82 
-
83 
-	return policyBindingList.Items, nil
84 91 
 }
85 92
86 
-func (a *DefaultRuleResolver) GetRoleBindings(ctx kapi.Context) ([]*authorizationapi.RoleBinding, error) {
93 
+func (a *DefaultRuleResolver) GetRoleBindings(ctx kapi.Context) ([]authorizationinterfaces.RoleBinding, error) {
87 94 
 	policyBindings, err := a.getPolicyBindings(ctx)
88 95 
 	if err != nil {
89 96 
 		return nil, err
90 97 
 	}
91 98
92 
-	ret := make([]*authorizationapi.RoleBinding, 0, len(policyBindings))
99 
+	ret := make([]authorizationinterfaces.RoleBinding, 0, len(policyBindings))
93 100 
 	for _, policyBinding := range policyBindings {
94 
-		for _, value := range policyBinding.RoleBindings {
101 
+		for _, value := range policyBinding.RoleBindings() {
95 102 
 			ret = append(ret, value)
96 103 
 		}
97 104 
 	}
... ... 
@@ -99,22 +107,22 @@ func (a *DefaultRuleResolver) GetRoleBindings(ctx kapi.Context) ([]*authorizatio
99 99 
 	return ret, nil
100 100 
 }
101 101
102 
-func (a *DefaultRuleResolver) GetRole(roleBinding *authorizationapi.RoleBinding) (*authorizationapi.Role, error) {
103 
-	namespace := roleBinding.RoleRef.Namespace
104 
-	name := roleBinding.RoleRef.Name
102 
+func (a *DefaultRuleResolver) GetRole(roleBinding authorizationinterfaces.RoleBinding) (authorizationinterfaces.Role, error) {
103 
+	namespace := roleBinding.RoleRef().Namespace
104 
+	name := roleBinding.RoleRef().Name
105 105
106 106 
 	ctx := kapi.WithNamespace(kapi.NewContext(), namespace)
107 107 
 	policy, err := a.getPolicy(ctx)
108 108 
 	if kapierror.IsNotFound(err) {
109 
-		return nil, kapierror.NewNotFound("role", roleBinding.RoleRef.Name)
109 
+		return nil, kapierror.NewNotFound("role", roleBinding.RoleRef().Name)
110 110 
 	}
111 111 
 	if err != nil {
112 112 
 		return nil, err
113 113 
 	}
114 114
115 
-	role, exists := policy.Roles[name]
115 
+	role, exists := policy.Roles()[name]
116 116 
 	if !exists {
117 
-		return nil, fmt.Errorf("role %#v not found", roleBinding.RoleRef)
117 
+		return nil, fmt.Errorf("role %#v not found", roleBinding.RoleRef())
118 118 
 	}
119 119
120 120 
 	return role, nil
... ... 
@@ -136,7 +144,7 @@ func (a *DefaultRuleResolver) GetEffectivePolicyRules(ctx kapi.Context) ([]autho
136 136 
 	errs := []error{}
137 137 
 	rules := make([]authorizationapi.PolicyRule, 0, len(roleBindings))
138 138 
 	for _, roleBinding := range roleBindings {
139 
-		if !appliesToUser(roleBinding.Users, roleBinding.Groups, user) {
139 
+		if !appliesToUser(roleBinding.Users(), roleBinding.Groups(), user) {
140 140 
 			continue
141 141 
 		}
142 142
... ... 
@@ -146,7 +154,7 @@ func (a *DefaultRuleResolver) GetEffectivePolicyRules(ctx kapi.Context) ([]autho
146 146 
 			continue
147 147 
 		}
148 148
149 
-		for _, curr := range role.Rules {
149 
+		for _, curr := range role.Rules() {
150 150 
 			rules = append(rules, curr)
151 151 
 		}
152 152 
 	}
pkg/project/auth/cache_test.go
History View file @ 5ef5ce1
... ... 
@@ -94,6 +94,14 @@ func (this *MockReadOnlyPolicyClient) ListPolicyBindings(ctx kapi.Context, label
94 94 
 	return &authorizationapi.PolicyBindingList{}, nil
95 95 
 }
96 96
97 
+func (this *MockReadOnlyPolicyClient) GetClusterPolicy(ctx kapi.Context, name string) (*authorizationapi.ClusterPolicy, error) {
98 
+	return &authorizationapi.ClusterPolicy{}, nil
99 
+}
100 
+
101 
+func (this *MockReadOnlyPolicyClient) ListClusterPolicyBindings(ctx kapi.Context, label labels.Selector, field fields.Selector) (*authorizationapi.ClusterPolicyBindingList, error) {
102 
+	return &authorizationapi.ClusterPolicyBindingList{}, nil
103 
+}
104 
+
97 105 
 // mockReview implements the Review interface for test cases
98 106 
 type mockReview struct {
99 107 
 	users  []string