[bug] `kubectl auth can-i --as=user --as-group=group` is not giving correct results, impersonation args are ignored

### Is there an existing issue for this?

- [x] I have searched the existing issues

### Current Behavior

The command `kubectl auth can-i --as=some-user --as=some-group` does not give correct results. It always gives the result for the currently (actually) authenticating user.

The cause is most possibly because the way we proxy the requests over Omni to Kubernetes: we ignore the impersonation headers: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#user-impersonation

We should either implement impersonation (careful with the privilege escalation!) or at least return an error saying we don't support it.

### Expected Behavior

The command giving correct results.

### Steps To Reproduce

1. Be admin.
2. Run any `kubectl auth can-i --as=...` command.
3. See `yes` as the result.

### What browsers are you seeing the problem on?

_No response_

### Anything else?

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[bug] `kubectl auth can-i --as=user --as-group=group` is not giving correct results, impersonation args are ignored #1002

Is there an existing issue for this?

Current Behavior

Expected Behavior

Steps To Reproduce

What browsers are you seeing the problem on?

Anything else?

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[bug] kubectl auth can-i --as=user --as-group=group is not giving correct results, impersonation args are ignored #1002

Description

Is there an existing issue for this?

Current Behavior

Expected Behavior

Steps To Reproduce

What browsers are you seeing the problem on?

Anything else?

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

[bug] `kubectl auth can-i --as=user --as-group=group` is not giving correct results, impersonation args are ignored #1002