Add CanDo function to AccessControl interface

Enables us to authorize actions and links

authorization/all.go

@@ -46,6 +46,13 @@ func (*AllAccess) CanDelete(apiContext *types.APIContext, obj map[string]interfa
 	return httperror.NewAPIError(httperror.PermissionDenied, "can not delete "+schema.ID)
 }
 
+func (*AllAccess) CanDo(apiGroup, resource, verb string, apiContext *types.APIContext, obj map[string]interface{}, schema *types.Schema) error {
+	if slice.ContainsString(schema.ResourceMethods, verb) {
+		return nil
+	}
+	return httperror.NewAPIError(httperror.PermissionDenied, "can not perform "+verb+" "+schema.ID)
+}
+
 func (*AllAccess) Filter(apiContext *types.APIContext, schema *types.Schema, obj map[string]interface{}, context map[string]string) map[string]interface{} {
 	return obj
 }

types/server_types.go

@@ -74,6 +74,9 @@ type AccessControl interface {
 	CanGet(apiContext *APIContext, schema *Schema) error
 	CanUpdate(apiContext *APIContext, obj map[string]interface{}, schema *Schema) error
 	CanDelete(apiContext *APIContext, obj map[string]interface{}, schema *Schema) error
+	// CanDo function should not yet be used if a corresponding specific method exists. It has been added to
+	// satisfy a specific usecase for the short term until full-blown dynamic RBAC can be implemented.
+	CanDo(apiGroup, resource, verb string, apiContext *APIContext, obj map[string]interface{}, schema *Schema) error
 
 	Filter(apiContext *APIContext, schema *Schema, obj map[string]interface{}, context map[string]string) map[string]interface{}
 	FilterList(apiContext *APIContext, schema *Schema, obj []map[string]interface{}, context map[string]string) []map[string]interface{}