Livio Amstutz a4763b1e4c
feat: features (#1427)
* features

* features

* features

* fix json tags

* add features handler to auth

* mocks for tests

* add setup step

* fixes

* add featurelist to auth api

* grandfather state and typos

* typo

* merge new-eventstore

* fix login policy tests

* label policy in features

* audit log retention
2021-03-25 17:26:21 +01:00

39 lines
979 B
Go

package domain
import (
"strings"
"github.com/caos/zitadel/internal/api/authz"
)
const (
IAMRolePrefix = "IAM"
OrgRolePrefix = "ORG"
ProjectRolePrefix = "PROJECT"
ProjectGrantRolePrefix = "PROJECT_GRANT"
RoleOrgOwner = "ORG_OWNER"
RoleOrgProjectCreator = "ORG_PROJECT_CREATOR"
RoleIAMOwner = "IAM_OWNER"
RoleProjectOwner = "PROJECT_OWNER"
RoleProjectOwnerGlobal = "PROJECT_OWNER_GLOBAL"
)
func CheckForInvalidRoles(roles []string, rolePrefix string, validRoles []authz.RoleMapping) []string {
invalidRoles := make([]string, 0)
for _, role := range roles {
if !containsRole(role, rolePrefix, validRoles) {
invalidRoles = append(invalidRoles, role)
}
}
return invalidRoles
}
func containsRole(role, rolePrefix string, validRoles []authz.RoleMapping) bool {
for _, validRole := range validRoles {
if role == validRole.Role && strings.HasPrefix(role, rolePrefix) {
return true
}
}
return false
}