func GetPropertyData(userName string, propertyName string, usersList *en.EntityManager) (interface{}, error) {
	data, err := usersList.GetPropertyAttachedToEntity(userName, propertyName)
	if err != nil {
		return nil, err
	}
	return data, err
}
Beispiel #2
0
// Get all the permissions of a given user to a given resource-
// return the user's list of permissions to the given resource
// The permissions may be listed as the user's permissions, permissions to groups
// in which the user is a member or permissions that are given to 'all'
func GetUserPermissions(el *en.EntityManager, userName string, resourceName string) (PermissionsMap, error) {
	lock.Lock()
	defer lock.Unlock()

	if el == nil {
		return nil, fmt.Errorf("Error: EntityManager is nil")
	}
	err := en.IsEntityNameValid(userName)
	if err != nil {
		return nil, err
	}
	err = en.IsEntityNameValid(resourceName)
	if err != nil {
		return nil, err
	}
	permissions := make(PermissionsMap)
	data, err := el.GetPropertyAttachedToEntity(resourceName, stc.AclPropertyName)
	if err != nil {
		return nil, fmt.Errorf("Resource '%v' dose not have an ACL property", resourceName)
	}
	acl, ok := data.(*Acl)
	if ok == false {
		return nil, fmt.Errorf("Resource '%v' ACL property is in the wrong type", resourceName)
	}
	for name, p := range acl.Permissions {
		if name == userName || name == stc.AclAllEntryName || el.IsUserPartOfAGroup(name, userName) {
			for permission, _ := range p.Permissions {
				permissions[permission] = ""
			}
		}
	}
	logger.Trace.Println("The permissions of:", userName, "are:", permissions)
	return permissions, nil
}
Beispiel #3
0
func generateAcl(el *en.EntityManager) bool {
	for n, _ := range el.Resources {
		tmpE, _ := el.GetPropertyAttachedToEntity(n, stc.AclPropertyName)
		a, ok := tmpE.(*Acl)
		if ok == false {
			return false
		}
		for name, _ := range el.Users {
			a.AddPermissionToResource(el, name, Permission("uP"+n))
		}
	}
	return true
}
Beispiel #4
0
// Add the given permission to the given resource for the given user
func (a *Acl) AddPermissionToResource(el *en.EntityManager, userName string, permission Permission) error {
	lock.Lock()
	defer lock.Unlock()

	if el == nil {
		return fmt.Errorf("Error: entityManager is nil")
	}
	err := en.IsEntityNameValid(userName)
	if err != nil {
		return err
	}
	if el.IsEntityInList(userName) == false {
		return fmt.Errorf("Error: Can't add permission to entity '%v', it is not in the resource entity list", userName)
	}
	e, exist := a.Permissions[userName]
	if exist == false {
		e, _ = NewEntry(userName)
	}
	logger.Trace.Println("Add permission:", permission, "to:", userName)
	_, err = e.AddPermission(permission)
	a.Permissions[userName] = e
	return err
}
Beispiel #5
0
// Return all the users that have the given permission to the given resource
func GetWhoUseAPermission(el *en.EntityManager, resourceName string, permission string) PermissionSet {
	if el == nil {
		return nil
	}
	err := en.IsEntityNameValid(resourceName)
	if err != nil {
		return nil
	}
	data, err := el.GetPropertyAttachedToEntity(resourceName, stc.AclPropertyName)
	if err != nil {
		return nil
	}
	p := make(PermissionSet)

	acl, ok := data.(*Acl)
	if ok == false {
		return p
	}
	for name, _ := range acl.Permissions {
		pVec, _ := GetUserPermissions(el, name, resourceName)
		for v, _ := range pVec {
			if string(v) == permission {
				p[name] = true
				break
			}
		}
	}
	for name, _ := range p {
		groupMembers := el.GetGroupUsers(name)
		for _, name1 := range groupMembers {
			p[name1] = true
		}
	}
	logger.Trace.Println("Who uses permission:", permission, "results:", p)
	return p
}