k8s_openapi/v1_32/api/rbac/v1/
policy_rule.rs1#[derive(Clone, Debug, Default, PartialEq)]
5pub struct PolicyRule {
6 pub api_groups: Option<Vec<String>>,
8
9 pub non_resource_urls: Option<Vec<String>>,
11
12 pub resource_names: Option<Vec<String>>,
14
15 pub resources: Option<Vec<String>>,
17
18 pub verbs: Vec<String>,
20}
21
22impl crate::DeepMerge for PolicyRule {
23 fn merge_from(&mut self, other: Self) {
24 crate::merge_strategies::list::atomic(&mut self.api_groups, other.api_groups);
25 crate::merge_strategies::list::atomic(&mut self.non_resource_urls, other.non_resource_urls);
26 crate::merge_strategies::list::atomic(&mut self.resource_names, other.resource_names);
27 crate::merge_strategies::list::atomic(&mut self.resources, other.resources);
28 crate::merge_strategies::list::atomic(&mut self.verbs, other.verbs);
29 }
30}
31
32impl<'de> crate::serde::Deserialize<'de> for PolicyRule {
33 fn deserialize<D>(deserializer: D) -> Result<Self, D::Error> where D: crate::serde::Deserializer<'de> {
34 #[allow(non_camel_case_types)]
35 enum Field {
36 Key_api_groups,
37 Key_non_resource_urls,
38 Key_resource_names,
39 Key_resources,
40 Key_verbs,
41 Other,
42 }
43
44 impl<'de> crate::serde::Deserialize<'de> for Field {
45 fn deserialize<D>(deserializer: D) -> Result<Self, D::Error> where D: crate::serde::Deserializer<'de> {
46 struct Visitor;
47
48 impl crate::serde::de::Visitor<'_> for Visitor {
49 type Value = Field;
50
51 fn expecting(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
52 f.write_str("field identifier")
53 }
54
55 fn visit_str<E>(self, v: &str) -> Result<Self::Value, E> where E: crate::serde::de::Error {
56 Ok(match v {
57 "apiGroups" => Field::Key_api_groups,
58 "nonResourceURLs" => Field::Key_non_resource_urls,
59 "resourceNames" => Field::Key_resource_names,
60 "resources" => Field::Key_resources,
61 "verbs" => Field::Key_verbs,
62 _ => Field::Other,
63 })
64 }
65 }
66
67 deserializer.deserialize_identifier(Visitor)
68 }
69 }
70
71 struct Visitor;
72
73 impl<'de> crate::serde::de::Visitor<'de> for Visitor {
74 type Value = PolicyRule;
75
76 fn expecting(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
77 f.write_str("PolicyRule")
78 }
79
80 fn visit_map<A>(self, mut map: A) -> Result<Self::Value, A::Error> where A: crate::serde::de::MapAccess<'de> {
81 let mut value_api_groups: Option<Vec<String>> = None;
82 let mut value_non_resource_urls: Option<Vec<String>> = None;
83 let mut value_resource_names: Option<Vec<String>> = None;
84 let mut value_resources: Option<Vec<String>> = None;
85 let mut value_verbs: Option<Vec<String>> = None;
86
87 while let Some(key) = crate::serde::de::MapAccess::next_key::<Field>(&mut map)? {
88 match key {
89 Field::Key_api_groups => value_api_groups = crate::serde::de::MapAccess::next_value(&mut map)?,
90 Field::Key_non_resource_urls => value_non_resource_urls = crate::serde::de::MapAccess::next_value(&mut map)?,
91 Field::Key_resource_names => value_resource_names = crate::serde::de::MapAccess::next_value(&mut map)?,
92 Field::Key_resources => value_resources = crate::serde::de::MapAccess::next_value(&mut map)?,
93 Field::Key_verbs => value_verbs = crate::serde::de::MapAccess::next_value(&mut map)?,
94 Field::Other => { let _: crate::serde::de::IgnoredAny = crate::serde::de::MapAccess::next_value(&mut map)?; },
95 }
96 }
97
98 Ok(PolicyRule {
99 api_groups: value_api_groups,
100 non_resource_urls: value_non_resource_urls,
101 resource_names: value_resource_names,
102 resources: value_resources,
103 verbs: value_verbs.unwrap_or_default(),
104 })
105 }
106 }
107
108 deserializer.deserialize_struct(
109 "PolicyRule",
110 &[
111 "apiGroups",
112 "nonResourceURLs",
113 "resourceNames",
114 "resources",
115 "verbs",
116 ],
117 Visitor,
118 )
119 }
120}
121
122impl crate::serde::Serialize for PolicyRule {
123 fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error> where S: crate::serde::Serializer {
124 let mut state = serializer.serialize_struct(
125 "PolicyRule",
126 1 +
127 self.api_groups.as_ref().map_or(0, |_| 1) +
128 self.non_resource_urls.as_ref().map_or(0, |_| 1) +
129 self.resource_names.as_ref().map_or(0, |_| 1) +
130 self.resources.as_ref().map_or(0, |_| 1),
131 )?;
132 if let Some(value) = &self.api_groups {
133 crate::serde::ser::SerializeStruct::serialize_field(&mut state, "apiGroups", value)?;
134 }
135 if let Some(value) = &self.non_resource_urls {
136 crate::serde::ser::SerializeStruct::serialize_field(&mut state, "nonResourceURLs", value)?;
137 }
138 if let Some(value) = &self.resource_names {
139 crate::serde::ser::SerializeStruct::serialize_field(&mut state, "resourceNames", value)?;
140 }
141 if let Some(value) = &self.resources {
142 crate::serde::ser::SerializeStruct::serialize_field(&mut state, "resources", value)?;
143 }
144 crate::serde::ser::SerializeStruct::serialize_field(&mut state, "verbs", &self.verbs)?;
145 crate::serde::ser::SerializeStruct::end(state)
146 }
147}
148
149#[cfg(feature = "schemars")]
150impl crate::schemars::JsonSchema for PolicyRule {
151 fn schema_name() -> String {
152 "io.k8s.api.rbac.v1.PolicyRule".to_owned()
153 }
154
155 fn json_schema(__gen: &mut crate::schemars::gen::SchemaGenerator) -> crate::schemars::schema::Schema {
156 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
157 metadata: Some(Box::new(crate::schemars::schema::Metadata {
158 description: Some("PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.".to_owned()),
159 ..Default::default()
160 })),
161 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::Object))),
162 object: Some(Box::new(crate::schemars::schema::ObjectValidation {
163 properties: [
164 (
165 "apiGroups".to_owned(),
166 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
167 metadata: Some(Box::new(crate::schemars::schema::Metadata {
168 description: Some("APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. \"\" represents the core API group and \"*\" represents all API groups.".to_owned()),
169 ..Default::default()
170 })),
171 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::Array))),
172 array: Some(Box::new(crate::schemars::schema::ArrayValidation {
173 items: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(
174 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
175 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::String))),
176 ..Default::default()
177 })
178 ))),
179 ..Default::default()
180 })),
181 ..Default::default()
182 }),
183 ),
184 (
185 "nonResourceURLs".to_owned(),
186 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
187 metadata: Some(Box::new(crate::schemars::schema::Metadata {
188 description: Some("NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as \"pods\" or \"secrets\") or non-resource URL paths (such as \"/api\"), but not both.".to_owned()),
189 ..Default::default()
190 })),
191 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::Array))),
192 array: Some(Box::new(crate::schemars::schema::ArrayValidation {
193 items: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(
194 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
195 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::String))),
196 ..Default::default()
197 })
198 ))),
199 ..Default::default()
200 })),
201 ..Default::default()
202 }),
203 ),
204 (
205 "resourceNames".to_owned(),
206 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
207 metadata: Some(Box::new(crate::schemars::schema::Metadata {
208 description: Some("ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.".to_owned()),
209 ..Default::default()
210 })),
211 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::Array))),
212 array: Some(Box::new(crate::schemars::schema::ArrayValidation {
213 items: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(
214 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
215 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::String))),
216 ..Default::default()
217 })
218 ))),
219 ..Default::default()
220 })),
221 ..Default::default()
222 }),
223 ),
224 (
225 "resources".to_owned(),
226 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
227 metadata: Some(Box::new(crate::schemars::schema::Metadata {
228 description: Some("Resources is a list of resources this rule applies to. '*' represents all resources.".to_owned()),
229 ..Default::default()
230 })),
231 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::Array))),
232 array: Some(Box::new(crate::schemars::schema::ArrayValidation {
233 items: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(
234 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
235 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::String))),
236 ..Default::default()
237 })
238 ))),
239 ..Default::default()
240 })),
241 ..Default::default()
242 }),
243 ),
244 (
245 "verbs".to_owned(),
246 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
247 metadata: Some(Box::new(crate::schemars::schema::Metadata {
248 description: Some("Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs.".to_owned()),
249 ..Default::default()
250 })),
251 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::Array))),
252 array: Some(Box::new(crate::schemars::schema::ArrayValidation {
253 items: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(
254 crate::schemars::schema::Schema::Object(crate::schemars::schema::SchemaObject {
255 instance_type: Some(crate::schemars::schema::SingleOrVec::Single(Box::new(crate::schemars::schema::InstanceType::String))),
256 ..Default::default()
257 })
258 ))),
259 ..Default::default()
260 })),
261 ..Default::default()
262 }),
263 ),
264 ].into(),
265 required: [
266 "verbs".to_owned(),
267 ].into(),
268 ..Default::default()
269 })),
270 ..Default::default()
271 })
272 }
273}