func (gs *GrantManager) AccountCapability(
ctx scope.Context, account Account) (*security.PublicKeyCapability, error) {
kp := account.KeyPair()
cid := security.PublicKeyCapabilityID(gs.SubjectKeyPair, &kp, gs.SubjectNonce)
c, err := gs.Capabilities.Get(ctx, cid)
if err != nil {
if err == ErrCapabilityNotFound {
return nil, nil
}
return nil, err
}
return &security.PublicKeyCapability{Capability: c}, nil
}
func (gs *GrantManager) RevokeFromAccount(ctx scope.Context, account Account) error {
kp := account.KeyPair()
cid := security.PublicKeyCapabilityID(gs.SubjectKeyPair, &kp, gs.SubjectNonce)
return gs.Capabilities.Remove(ctx, cid)
}