Fix nil account bug
This commit is contained in:
parent
f6d9416a9e
commit
5d14970a55
@ -4,6 +4,7 @@ package auth
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
@ -60,13 +61,13 @@ type Account struct {
|
||||
}
|
||||
|
||||
// HasScope returns a boolean indicating if the account has the given scope
|
||||
func (a *Account) HasScope(scope string) bool {
|
||||
func (a *Account) HasScope(scopes ...string) bool {
|
||||
if a.Scopes == nil {
|
||||
return false
|
||||
}
|
||||
|
||||
for _, s := range a.Scopes {
|
||||
if s == scope {
|
||||
if s == strings.Join(scopes, ".") {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
@ -3,15 +3,15 @@ package auth
|
||||
import "testing"
|
||||
|
||||
func TestHasScope(t *testing.T) {
|
||||
if new(Account).HasScope("namespace.foo") {
|
||||
if new(Account).HasScope("namespace", "foo") {
|
||||
t.Errorf("Expected the blank account to not have a role")
|
||||
}
|
||||
|
||||
acc := Account{Scopes: []string{"namespace.foo"}}
|
||||
if !acc.HasScope("namespace.foo") {
|
||||
if !acc.HasScope("namespace", "foo") {
|
||||
t.Errorf("Expected the account to have the namespace.foo role")
|
||||
}
|
||||
if acc.HasScope("namespace.bar") {
|
||||
if acc.HasScope("namespace", "bar") {
|
||||
t.Errorf("Expected the account to not have the namespace.bar role")
|
||||
}
|
||||
}
|
||||
|
@ -208,14 +208,14 @@ func AuthHandler(fn func() auth.Auth) server.HandlerWrapper {
|
||||
|
||||
// Verify the caller has access to the resource
|
||||
err := a.Verify(account, res)
|
||||
if err != nil && len(account.ID) > 0 {
|
||||
if err != nil && account != nil {
|
||||
return errors.Forbidden(req.Service(), "Forbidden call made to %v:%v by %v", req.Service(), req.Endpoint(), account.ID)
|
||||
} else if err != nil {
|
||||
return errors.Unauthorized(req.Service(), "Unauthorised call made to %v:%v", req.Service(), req.Endpoint())
|
||||
}
|
||||
|
||||
// There is an account, set it in the context
|
||||
if len(account.ID) > 0 {
|
||||
if account != nil {
|
||||
ctx = auth.ContextWithAccount(ctx, account)
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user