/
util.go
43 lines (35 loc) · 1.05 KB
/
util.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
package project
import (
restclient "k8s.io/client-go/rest"
authorizationv1 "github.com/openshift/api/authorization/v1"
authorizationv1typedclient "github.com/openshift/client-go/authorization/clientset/versioned/typed/authorization/v1"
)
func CanRequestProjects(config *restclient.Config, defaultNamespace string) (bool, error) {
oClient, err := authorizationv1typedclient.NewForConfig(config)
if err != nil {
return false, err
}
sar := &authorizationv1.SubjectAccessReview{
Action: authorizationv1.Action{
Namespace: defaultNamespace,
Verb: "list",
Resource: "projectrequests",
},
}
listResponse, err := oClient.SubjectAccessReviews().Create(sar)
if err != nil {
return false, err
}
sar = &authorizationv1.SubjectAccessReview{
Action: authorizationv1.Action{
Namespace: defaultNamespace,
Verb: "create",
Resource: "projectrequests",
},
}
createResponse, err := oClient.SubjectAccessReviews().Create(sar)
if err != nil {
return false, err
}
return listResponse.Allowed && createResponse.Allowed, nil
}