William Petit
3ef495445a
serveur - Création d'un service d'autorisation dynamique basé sur des "voter" (à la Symfony) - Mise en place des autorisations sur les principales queries/mutations de l'API GraphQL
49 lines
899 B
Go
49 lines
899 B
Go
package model
|
|
|
|
import (
|
|
"context"
|
|
|
|
"forge.cadoles.com/Cadoles/daddy/internal/voter"
|
|
)
|
|
|
|
type DecisionSupportFileVoter struct {
|
|
}
|
|
|
|
func (v *DecisionSupportFileVoter) Vote(ctx context.Context, subject interface{}, obj interface{}, act interface{}) (voter.Decision, error) {
|
|
user, ok := subject.(*User)
|
|
if !ok {
|
|
return voter.Abstain, nil
|
|
}
|
|
|
|
dsf, ok := obj.(*DecisionSupportFile)
|
|
if !ok {
|
|
return voter.Abstain, nil
|
|
}
|
|
|
|
action, ok := act.(Action)
|
|
if !ok {
|
|
return voter.Abstain, nil
|
|
}
|
|
|
|
switch action {
|
|
case ActionCreate:
|
|
return voter.Allow, nil
|
|
case ActionRead:
|
|
return voter.Allow, nil
|
|
case ActionUpdate:
|
|
if inWorkgroup(user, dsf.Workgroup) {
|
|
return voter.Allow, nil
|
|
}
|
|
|
|
return voter.Deny, nil
|
|
case ActionDelete:
|
|
return voter.Deny, nil
|
|
}
|
|
|
|
return voter.Abstain, nil
|
|
}
|
|
|
|
func NewDecisionSupportFileVoter() *DecisionSupportFileVoter {
|
|
return &DecisionSupportFileVoter{}
|
|
}
|