openshift-ci-robot
commented
6 years ago Hi @sixtyeight. Thanks for your PR.
I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.
I understand the commands that are listed here.
Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
pgier
mrogers950
Using the provided SubjectAccessReview examples will result in an access denied decision in case the user cannot LIST the given resource-type. As OpenShift looks for a "resourceName" property and not the "name" property it executes a LIST for the resource-type instead of the expected GET on resource-type / resource-name.
https://docs.openshift.com/container-platform/3.11/rest_api/oapi/v1.SubjectAccessReview.html#object-schema