37 Star 407 Fork 74

GVPrancher/rancher

加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
rbac.go 2.55 KB
一键复制 编辑 原始数据 按行查看 历史
Craig Jellick 提交于 2018-04-25 13:54 . Do auth checks on actions and links
package clustermanager
import (
"github.com/rancher/norman/types"
"github.com/sirupsen/logrus"
)
func (m *Manager) CanCreate(apiContext *types.APIContext, schema *types.Schema) error {
ac, err := m.getAccessControl(apiContext, schema)
if err != nil {
return err
}
return ac.CanCreate(apiContext, schema)
}
func (m *Manager) CanList(apiContext *types.APIContext, schema *types.Schema) error {
ac, err := m.getAccessControl(apiContext, schema)
if err != nil {
return err
}
return ac.CanList(apiContext, schema)
}
func (m *Manager) CanGet(apiContext *types.APIContext, schema *types.Schema) error {
ac, err := m.getAccessControl(apiContext, schema)
if err != nil {
return err
}
return ac.CanGet(apiContext, schema)
}
func (m *Manager) CanUpdate(apiContext *types.APIContext, obj map[string]interface{}, schema *types.Schema) error {
ac, err := m.getAccessControl(apiContext, schema)
if err != nil {
return err
}
return ac.CanUpdate(apiContext, obj, schema)
}
func (m *Manager) CanDelete(apiContext *types.APIContext, obj map[string]interface{}, schema *types.Schema) error {
ac, err := m.getAccessControl(apiContext, schema)
if err != nil {
return err
}
return ac.CanDelete(apiContext, obj, schema)
}
func (m *Manager) CanDo(apiGroup, resource, verb string, apiContext *types.APIContext, obj map[string]interface{}, schema *types.Schema) error {
ac, err := m.getAccessControl(apiContext, schema)
if err != nil {
return err
}
return ac.CanDo(apiGroup, resource, verb, apiContext, obj, schema)
}
func (m *Manager) Filter(apiContext *types.APIContext, schema *types.Schema, obj map[string]interface{}, context map[string]string) map[string]interface{} {
ac, err := m.getAccessControl(apiContext, schema)
if err != nil {
logrus.Warnf("failed to find access control: %v", err)
return nil
}
return ac.Filter(apiContext, schema, obj, context)
}
func (m *Manager) FilterList(apiContext *types.APIContext, schema *types.Schema, obj []map[string]interface{}, context map[string]string) []map[string]interface{} {
ac, err := m.getAccessControl(apiContext, schema)
if err != nil {
logrus.Warnf("failed to find access control: %v", err)
return nil
}
return ac.FilterList(apiContext, schema, obj, context)
}
func (m *Manager) getAccessControl(apiContext *types.APIContext, schema *types.Schema) (types.AccessControl, error) {
return m.AccessControl(apiContext, getContext(schema))
}
func getContext(schema *types.Schema) types.StorageContext {
if schema == nil || schema.Store == nil {
return types.DefaultStorageContext
}
return schema.Store.Context()
}
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
Go
1
https://gitee.com/rancher/rancher.git
git@gitee.com:rancher/rancher.git
rancher
rancher
rancher
v2.2.10

搜索帮助