Esempio n. 1
0
File: topic.go Progetto: ovh/tat
// IsUserAdmin return true if user is Tat admin or is admin on this topic
// Check personal access to topic, and group access
func IsUserAdmin(topic *tat.Topic, user *tat.User) bool {

	if user.IsAdmin {
		return true
	}

	if tat.ArrayContains(topic.AdminUsers, user.Username) {
		return true
	}

	userGroups, err := group.GetGroups(user.Username)
	if err != nil {
		log.Errorf("Error while fetching user groups")
		return false
	}

	var groups []string
	for _, g := range userGroups {
		groups = append(groups, g.Name)
	}

	if tat.ItemInBothArrays(topic.AdminGroups, groups) {
		return true
	}

	// user is "Admin" on his /Private/usrname topics
	return strings.HasPrefix(topic.Topic, "/Private/"+user.Username)
}
Esempio n. 2
0
File: topic.go Progetto: ovh/tat
// GetUserRights return isRW, isAdmin for user
// Check personal access to topic, and group access
func GetUserRights(topic *tat.Topic, user *tat.User) (bool, bool) {

	isUserAdmin := tat.ArrayContains(topic.AdminUsers, user.Username)
	if isUserAdmin {
		return true, true
	}

	userGroups, err := group.GetGroups(user.Username)
	if err != nil {
		log.Errorf("Error while fetching user groups")
		return false, false
	}

	var groups []string
	for _, g := range userGroups {
		groups = append(groups, g.Name)
	}

	isUserRW := tat.ArrayContains(topic.RWUsers, user.Username)
	isRW := isUserRW || tat.ItemInBothArrays(topic.RWGroups, groups)
	isAdmin := isUserAdmin || tat.ItemInBothArrays(topic.AdminUsers, groups)
	return isRW, isAdmin
}