scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-27 03:44:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #70314 from samdamana/auth-revert

Browse Source 
Revert "limit forbidden error to details of what was forbidden"
This commit is contained in:
k8s-ci-robot
2018-10-29 17:11:27 -07:00
committed by GitHub
parent 952e7b07c6 3558f83957
commit 361f8c31bd
5 changed files with 4 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization.go
View File

@@ -73,7 +73,7 @@ func WithAuthorization(handler http.Handler, a authorizer.Authorizer, s runtime.
glog.V(4).Infof("Forbidden: %#v, Reason: %q", req.RequestURI, reason)
audit.LogAnnotation(ae, decisionAnnotationKey, decisionForbid)
audit.LogAnnotation(ae, reasonAnnotationKey, reason)
responsewriters.Forbidden(ctx, attributes, w, req, "", s)
responsewriters.Forbidden(ctx, attributes, w, req, reason, s)
})
}

2
staging/src/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go
View File

@@ -110,7 +110,7 @@ func WithImpersonation(handler http.Handler, a authorizer.Authorizer, s runtime.
decision, reason, err := a.Authorize(actingAsAttributes)
if err != nil || decision != authorizer.DecisionAllow {
glog.V(4).Infof("Forbidden: %#v, Reason: %s, Error: %v", req.RequestURI, reason, err)
responsewriters.Forbidden(ctx, actingAsAttributes, w, req, "", s)
responsewriters.Forbidden(ctx, actingAsAttributes, w, req, reason, s)
return
}
}