Example #1
0
func createApiUser(t auth.Token, user *auth.User) (*apiUser, error) {
	permissions, err := user.Permissions()
	if err != nil {
		return nil, err
	}
	permData := make([]rolePermissionData, len(permissions))
	for i, p := range permissions {
		if !permission.Check(t, p.Scheme, p.Context) {
			return nil, nil
		}
		permData[i] = rolePermissionData{
			Name:         p.Scheme.FullName(),
			ContextType:  string(p.Context.CtxType),
			ContextValue: p.Context.Value,
		}
	}
	roleData := make([]rolePermissionData, len(user.Roles))
	for i, userRole := range user.Roles {
		r, err := permission.FindRole(userRole.Name)
		if err != nil {
			return nil, err
		}
		roleData[i] = rolePermissionData{
			Name:         userRole.Name,
			ContextType:  string(r.ContextType),
			ContextValue: userRole.ContextValue,
		}
	}
	return &apiUser{
		Email:       user.Email,
		Roles:       roleData,
		Permissions: permData,
	}, nil
}
Example #2
0
func deployableApps(u *auth.User) ([]string, error) {
	perms, err := u.Permissions()
	if err != nil {
		return nil, err
	}
	contexts := permission.ContextsFromListForPermission(perms, permission.PermAppDeploy)
	if len(contexts) == 0 {
		return nil, nil
	}
	filter := appFilterByContext(contexts, nil)
	apps, err := app.List(filter)
	if err != nil {
		return nil, err
	}
	appNames := make([]string, len(apps))
	for i := range apps {
		appNames[i] = apps[i].Name
	}
	return appNames, nil
}