add role access limitions for menu items.

This allows external-plugin menu items to conditionally
be added to the UI depending on the logged in users
current role.

pkg/api/index.go

@@ -70,7 +70,28 @@ func setIndexViewData(c *middleware.Context) (*dtos.IndexViewData, error) {
 			data.PluginCss = append(data.PluginCss, css.Href)
 		}
 		for _, item := range plugin.MainNavLinks {
-			data.MainNavLinks = append(data.MainNavLinks, &dtos.NavLink{Text: item.Text, Href: item.Href, Icon: item.Icon})
+			// only show menu items for the specified roles.
+			var validRoles []m.RoleType
+			if string(item.ReqRole) == "" || item.ReqRole == m.ROLE_VIEWER {
+				validRoles = []m.RoleType{m.ROLE_ADMIN, m.ROLE_EDITOR, m.ROLE_VIEWER}
+			} else if item.ReqRole == m.ROLE_EDITOR {
+				validRoles = []m.RoleType{m.ROLE_ADMIN, m.ROLE_EDITOR}
+			} else if item.ReqRole == m.ROLE_ADMIN {
+				validRoles = []m.RoleType{m.ROLE_ADMIN}
+			}
+			ok := true
+			if len(validRoles) > 0 {
+				ok = false
+				for _, role := range validRoles {
+					if role == c.OrgRole {
+						ok = true
+						break
+					}
+				}
+			}
+			if ok {
+				data.MainNavLinks = append(data.MainNavLinks, &dtos.NavLink{Text: item.Text, Href: item.Href, Icon: item.Icon})
+			}
 		}
 	}
 

pkg/plugins/models.go

@@ -41,9 +41,10 @@ type ExternalPluginJs struct {
 }
 
 type ExternalPluginNavLink struct {
-	Text string `json:"text"`
-	Icon string `json:"icon"`
-	Href string `json:"href"`
+	Text    string          `json:"text"`
+	Icon    string          `json:"icon"`
+	Href    string          `json:"href"`
+	ReqRole models.RoleType `json:"reqRole"`
 }
 
 type ExternalPluginCss struct {