mirror of
https://github.com/niusmallnan/steve.git
synced 2025-09-10 17:39:37 +00:00
Refactor
This commit is contained in:
Darren Shepherd
59
pkg/schemaserver/server/access.go
Normal file
59
pkg/schemaserver/server/access.go
Normal file
@@ -0,0 +1,59 @@
|
||||
package server
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/rancher/steve/pkg/schemaserver/httperror"
|
||||
"github.com/rancher/steve/pkg/schemaserver/types"
|
||||
"github.com/rancher/wrangler/pkg/schemas/validation"
|
||||
"github.com/rancher/wrangler/pkg/slice"
|
||||
)
|
||||
|
||||
type AllAccess struct {
|
||||
}
|
||||
|
||||
func (*AllAccess) CanCreate(apiOp *types.APIRequest, schema *types.APISchema) error {
|
||||
if slice.ContainsString(schema.CollectionMethods, http.MethodPost) {
|
||||
return nil
|
||||
}
|
||||
return httperror.NewAPIError(validation.PermissionDenied, "can not create "+schema.ID)
|
||||
}
|
||||
|
||||
func (*AllAccess) CanGet(apiOp *types.APIRequest, schema *types.APISchema) error {
|
||||
if slice.ContainsString(schema.ResourceMethods, http.MethodGet) {
|
||||
return nil
|
||||
}
|
||||
return httperror.NewAPIError(validation.PermissionDenied, "can not get "+schema.ID)
|
||||
}
|
||||
|
||||
func (*AllAccess) CanList(apiOp *types.APIRequest, schema *types.APISchema) error {
|
||||
if slice.ContainsString(schema.CollectionMethods, http.MethodGet) {
|
||||
return nil
|
||||
}
|
||||
return httperror.NewAPIError(validation.PermissionDenied, "can not list "+schema.ID)
|
||||
}
|
||||
|
||||
func (*AllAccess) CanUpdate(apiOp *types.APIRequest, obj types.APIObject, schema *types.APISchema) error {
|
||||
if slice.ContainsString(schema.ResourceMethods, http.MethodPut) {
|
||||
return nil
|
||||
}
|
||||
return httperror.NewAPIError(validation.PermissionDenied, "can not update "+schema.ID)
|
||||
}
|
||||
|
||||
func (*AllAccess) CanDelete(apiOp *types.APIRequest, obj types.APIObject, schema *types.APISchema) error {
|
||||
if slice.ContainsString(schema.ResourceMethods, http.MethodDelete) {
|
||||
return nil
|
||||
}
|
||||
return httperror.NewAPIError(validation.PermissionDenied, "can not delete "+schema.ID)
|
||||
}
|
||||
|
||||
func (a *AllAccess) CanWatch(apiOp *types.APIRequest, schema *types.APISchema) error {
|
||||
return a.CanList(apiOp, schema)
|
||||
}
|
||||
|
||||
func (*AllAccess) CanAction(apiOp *types.APIRequest, schema *types.APISchema, name string) error {
|
||||
if _, ok := schema.ActionHandlers[name]; ok {
|
||||
return httperror.NewAPIError(validation.PermissionDenied, "no such action "+name)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
Reference in New Issue
Block a user