// Get all the permissions of a given user to a given resource- // return the user's list of permissions to the given resource // The permissions may be listed as the user's permissions, permissions to groups // in which the user is a member or permissions that are given to 'all' func GetUserPermissions(el *en.EntityManager, userName string, resourceName string) (PermissionsMap, error) { lock.Lock() defer lock.Unlock() if el == nil { return nil, fmt.Errorf("Error: EntityManager is nil") } err := en.IsEntityNameValid(userName) if err != nil { return nil, err } err = en.IsEntityNameValid(resourceName) if err != nil { return nil, err } permissions := make(PermissionsMap) data, err := el.GetPropertyAttachedToEntity(resourceName, stc.AclPropertyName) if err != nil { return nil, fmt.Errorf("Resource '%v' dose not have an ACL property", resourceName) } acl, ok := data.(*Acl) if ok == false { return nil, fmt.Errorf("Resource '%v' ACL property is in the wrong type", resourceName) } for name, p := range acl.Permissions { if name == userName || name == stc.AclAllEntryName || el.IsUserPartOfAGroup(name, userName) { for permission, _ := range p.Permissions { permissions[permission] = "" } } } logger.Trace.Println("The permissions of:", userName, "are:", permissions) return permissions, nil }