steve/pkg/accesscontrol/access_control.go

package accesscontrol

import (
	"fmt"

	"github.com/rancher/norman/pkg/authorization"
	"github.com/rancher/norman/pkg/types"
)

type AccessControl struct {
	authorization.AllAccess
}

func NewAccessControl() *AccessControl {
	return &AccessControl{}
}

func (a *AccessControl) CanWatch(apiOp *types.APIRequest, schema *types.Schema) error {
	access := GetAccessListMap(schema)
	if !access.Grants("watch", "*", "*") {
		return fmt.Errorf("watch not allowed")
	}
	return nil
}
Initial commit 2019-08-04 17:41:32 +00:00			`package accesscontrol`

			`import (`
			`"fmt"`

			`"github.com/rancher/norman/pkg/authorization"`
			`"github.com/rancher/norman/pkg/types"`
			`)`

			`type AccessControl struct {`
			`authorization.AllAccess`
			`}`

			`func NewAccessControl() *AccessControl {`
			`return &AccessControl{}`
			`}`

			`func (a AccessControl) CanWatch(apiOp types.APIRequest, schema *types.Schema) error {`
			`access := GetAccessListMap(schema)`
			`if !access.Grants("watch", "", "") {`
			`return fmt.Errorf("watch not allowed")`
			`}`
			`return nil`
			`}`