rancher/norman
1
0
Fork 0
mirror of https://github.com/rancher/norman.git synced 2025-09-25 06:26:50 +00:00
Code Issues Releases Wiki Activity

Add CanDo function to AccessControl interface

Browse Source 
Enables us to authorize actions and links
This commit is contained in:
Craig Jellick
2018-04-25 12:16:16 -07:00
committed by Darren Shepherd
parent 063fbdfa71
commit bde68141b6
2 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
authorization/all.go
View File

@@ -46,6 +46,13 @@ func (*AllAccess) CanDelete(apiContext *types.APIContext, obj map[string]interfa
return httperror.NewAPIError(httperror.PermissionDenied, "can not delete "+schema.ID)
}
func (*AllAccess) CanDo(apiGroup, resource, verb string, apiContext *types.APIContext, obj map[string]interface{}, schema *types.Schema) error {
if slice.ContainsString(schema.ResourceMethods, verb) {
return nil
}
return httperror.NewAPIError(httperror.PermissionDenied, "can not perform "+verb+" "+schema.ID)
}
func (*AllAccess) Filter(apiContext *types.APIContext, schema *types.Schema, obj map[string]interface{}, context map[string]string) map[string]interface{} {
return obj
}