TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-12 19:14:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
320679467b
zitadel/internal/v2/command/auth_checks.go
Fabi dfcb96d6a3
feat: user grants command side (#1191) 
* fix: user grant command side

* fix: user grant command side

* fix: user grant command side check permissions

* fix: unique constraint on user grants

* fix: add usergrant

* fix: add usergrant

* fix: add usergrant

* fix: user grant remove

* Update internal/v2/command/auth_checks.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/v2/command/auth_checks.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/v2/command/project.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/v2/command/user_grant.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: project events

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-01-22 13:31:52 +01:00

32 lines
759 B
Go
Raw Blame History

package command
import (
"context"
"github.com/caos/zitadel/internal/api/authz"
caos_errors "github.com/caos/zitadel/internal/errors"
)
func checkExplicitProjectPermission(ctx context.Context, grantID, projectID string) error {
permissions := authz.GetRequestPermissionsFromCtx(ctx)
if authz.HasGlobalPermission(permissions) {
return nil
}
ids := authz.GetAllPermissionCtxIDs(permissions)
if grantID != "" && listContainsID(ids, grantID) {
return nil
}
if listContainsID(ids, projectID) {
return nil
}
return caos_errors.ThrowPermissionDenied(nil, "EVENT-Shu7e", "Errors.UserGrant.NoPermissionForProject")
}
func listContainsID(ids []string, id string) bool {
for _, i := range ids {
if i == id {
return true
}
}
return false
}
Reference in New Issue View Git Blame Copy Permalink