mirror of
				https://github.com/zitadel/zitadel.git
				synced 2025-10-26 11:21:06 +00:00 
			
		
		
		
	 f680dd934d
			
		
	
	f680dd934d
	
	
	
		
			
			* chore: rename package errors to zerrors * rename package errors to gerrors * fix error related linting issues * fix zitadel error assertion * fix gosimple linting issues * fix deprecated linting issues * resolve gci linting issues * fix import structure --------- Co-authored-by: Elio Bischof <elio@zitadel.com>
		
			
				
	
	
		
			33 lines
		
	
	
		
			751 B
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			33 lines
		
	
	
		
			751 B
		
	
	
	
		
			Go
		
	
	
	
	
	
| package command
 | |
| 
 | |
| import (
 | |
| 	"context"
 | |
| 
 | |
| 	"github.com/zitadel/zitadel/internal/api/authz"
 | |
| 	"github.com/zitadel/zitadel/internal/zerrors"
 | |
| )
 | |
| 
 | |
| func checkExplicitProjectPermission(ctx context.Context, grantID, projectID string) error {
 | |
| 	permissions := authz.GetRequestPermissionsFromCtx(ctx)
 | |
| 	if authz.HasGlobalPermission(permissions) {
 | |
| 		return nil
 | |
| 	}
 | |
| 	ids := authz.GetAllPermissionCtxIDs(permissions)
 | |
| 	if grantID != "" && listContainsID(ids, grantID) {
 | |
| 		return nil
 | |
| 	}
 | |
| 	if listContainsID(ids, projectID) {
 | |
| 		return nil
 | |
| 	}
 | |
| 	return zerrors.ThrowPermissionDenied(nil, "EVENT-Shu7e", "Errors.UserGrant.NoPermissionForProject")
 | |
| }
 | |
| 
 | |
| func listContainsID(ids []string, id string) bool {
 | |
| 	for _, i := range ids {
 | |
| 		if i == id {
 | |
| 			return true
 | |
| 		}
 | |
| 	}
 | |
| 	return false
 | |
| }
 |