package domain
import "context"
// Permissions is a collection of permission strings.
//
// Entries are added through AppendPermissions, which stores each value either
// as the bare permission or, when a context ID is supplied, as
// "<permission>:<ctxID>".
type Permissions struct {
	// Permissions holds the accumulated entries. The append helpers skip a
	// string that is already present; the field is exported, so code that
	// writes it directly bypasses that check.
	Permissions []string
}
// AppendPermissions adds every value in permissions to p, in the order given,
// by calling appendPermission once per value. The same ctxID is passed along
// for each of them; an empty ctxID is forwarded unchanged.
func (p *Permissions) AppendPermissions(ctxID string, permissions ...string) {
	for i := range permissions {
		p.appendPermission(ctxID, permissions[i])
	}
}
// appendPermission adds one entry to p.Permissions unless an identical string
// is already stored.
//
// With a non-empty ctxID the entry is permission + ":" + ctxID; otherwise the
// permission is stored as given. Duplicate detection is an exact string
// comparison, so "x" and "x:ctx" are distinct entries.
//
// NOTE(review): neither argument is validated here. A permission or ctxID that
// itself contains ":" yields an entry whose split point is ambiguous — confirm
// that callers only pass trusted, separator-free identifiers.
func (p *Permissions) appendPermission(ctxID, permission string) {
	entry := permission
	if ctxID != "" {
		entry += ":" + ctxID
	}

	// Linear scan: bail out as soon as the entry is found.
	for i := range p.Permissions {
		if p.Permissions[i] == entry {
			return
		}
	}

	p.Permissions = append(p.Permissions, entry)
}
// PermissionCheck is the signature of a function that is given a permission
// name together with an organization ID and a resource ID and reports its
// outcome as an error.
//
// NOTE(review): presumably a nil error means the permission is granted and any
// non-nil error means it is not — confirm against the implementations. Callers
// should treat every non-nil error as a denial rather than inspecting it for
// specific failure kinds.
type PermissionCheck func(ctx context.Context, permission, orgID, resourceID string) (err error)
// Permission identifiers declared by this package. They are untyped string
// constants, so they can be used anywhere a string permission name is taken.
//
// NOTE(review): the dotted names read as "<resource>.<action>"; how they are
// evaluated is not visible in this file.
const (
	// User permissions.
	PermissionUserWrite           = "user.write"
	PermissionUserRead            = "user.read"
	PermissionUserDelete          = "user.delete"
	PermissionUserCredentialWrite = "user.credential.write"

	// Session permissions.
	PermissionSessionWrite  = "session.write"
	PermissionSessionDelete = "session.delete"

	// Organization and identity-provider read permissions.
	PermissionOrgRead    = "org.read"
	PermissionIDPRead    = "iam.idp.read"
	PermissionOrgIDPRead = "org.idp.read"
)