unistack-org/micro
4
0
Fork 2
Code Issues 18 Pull Requests Actions Packages Projects Releases 331 Wiki Activity

Add auth scope constants

Browse Source
This commit is contained in:
Ben Toogood
2020-05-22 11:37:12 +01:00
parent fbb91c6cb7
commit 9c072a372c
2 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
auth/rules/rules.go
View File

@@ -51,9 +51,9 @@ func Verify(rules []*auth.Rule, acc *auth.Account, res *auth.Resource) error {
// loop through the rules and check for a rule which applies to this account
for _, rule := range filteredRules {
// a blank scope indicates the rule applies to everyone, even nil accounts
if rule.Scope == "" && rule.Access == auth.AccessDenied {
if rule.Scope == auth.ScopePublic && rule.Access == auth.AccessDenied {
return auth.ErrForbidden
} else if rule.Scope == "" && rule.Access == auth.AccessGranted {
} else if rule.Scope == auth.ScopePublic && rule.Access == auth.AccessGranted {
return nil
}
@@ -63,9 +63,9 @@ func Verify(rules []*auth.Rule, acc *auth.Account, res *auth.Resource) error {
}
// this rule applies to any account
if rule.Scope == "*" && rule.Access == auth.AccessDenied {
if rule.Scope == auth.ScopeAccount && rule.Access == auth.AccessDenied {
return auth.ErrForbidden
} else if rule.Scope == "*" && rule.Access == auth.AccessGranted {
} else if rule.Scope == auth.ScopeAccount && rule.Access == auth.AccessGranted {
return nil
}