TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-12-05 04:11:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

ipn/{ipnauth, ipnserver}: extend the ipnauth.Actor interface with a CheckProfileAccess method

Browse Source 
The implementations define it to verify whether the actor has the requested access to a login profile.

Updates #14823

Signed-off-by: Nick Khyl <nickk@tailscale.com>
This commit is contained in:
Nick Khyl
2025-01-29 15:34:20 -06:00
committed by Nick Khyl
parent 4e7f4086b2
commit 081595de63
4 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ipn/ipnauth/actor.go
View File

@@ -27,6 +27,10 @@ type Actor interface {
// a connected LocalAPI client. Otherwise, it returns a zero value and false.
ClientID() (_ ClientID, ok bool)
// CheckProfileAccess checks whether the actor has the requested access rights
// to the specified Tailscale profile. It returns an error if the access is denied.
CheckProfileAccess(profile ipn.LoginProfileView, requestedAccess ProfileAccess) error
// IsLocalSystem reports whether the actor is the Windows' Local System account.
//
// Deprecated: this method exists for compatibility with the current (as of 2024-08-27)