mirror of
https://github.com/grafana/grafana.git
synced 2024-11-29 04:04:00 -06:00
509691b416
* extract genericService from RuleService just to reuse it later * implement silence service --------- Co-authored-by: William Wernert <william.wernert@grafana.com> Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
29 lines
1.1 KiB
Go
29 lines
1.1 KiB
Go
package accesscontrol
|
|
|
|
import (
|
|
"github.com/grafana/grafana/pkg/services/accesscontrol"
|
|
"github.com/grafana/grafana/pkg/services/auth/identity"
|
|
"golang.org/x/net/context"
|
|
)
|
|
|
|
type genericService struct {
|
|
ac accesscontrol.AccessControl
|
|
}
|
|
|
|
// HasAccess returns true if the identity.Requester has all permissions specified by the evaluator. Returns error if access control backend could not evaluate permissions
|
|
func (r genericService) HasAccess(ctx context.Context, user identity.Requester, evaluator accesscontrol.Evaluator) (bool, error) {
|
|
return r.ac.Evaluate(ctx, user, evaluator)
|
|
}
|
|
|
|
// HasAccessOrError returns nil if the identity.Requester has enough permissions to pass the accesscontrol.Evaluator. Otherwise, returns authorization error that contains action that was performed
|
|
func (r genericService) HasAccessOrError(ctx context.Context, user identity.Requester, evaluator accesscontrol.Evaluator, action func() string) error {
|
|
has, err := r.HasAccess(ctx, user, evaluator)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if !has {
|
|
return NewAuthorizationErrorWithPermissions(action(), evaluator)
|
|
}
|
|
return nil
|
|
}
|