Documentation
¶
Index ¶
- type Service
- func (s *Service) EnforceRole(c context.Context, r twisk.AccessRole) bool
- func (s *Service) EnforceTenant(c context.Context, ID int32) bool
- func (s *Service) EnforceTenantAdmin(c context.Context, ID int32) bool
- func (s *Service) EnforceTenantAndRole(c context.Context, roleID twisk.AccessRole, tenantID int32) bool
- func (s *Service) EnforceUser(c context.Context, ID int64) bool
- func (s *Service) IsLowerRole(c context.Context, r twisk.AccessRole) bool
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Service ¶
type Service struct{}
Service is RBAC application service
func (*Service) EnforceRole ¶
EnforceRole authorizes request by AccessRole
func (*Service) EnforceTenant ¶
EnforceTenant checks whether the request to apply change to tenant data is done by the user belonging to the that tenant and that the user has role tenantAdmin. If user has admin role, the check for tenant doesn't need to pass.
func (*Service) EnforceTenantAdmin ¶
EnforceTenantAdmin checks tenant admin
func (*Service) EnforceTenantAndRole ¶
func (s *Service) EnforceTenantAndRole(c context.Context, roleID twisk.AccessRole, tenantID int32) bool
EnforceTenantAndRole performs auth check for same tenant and lower role. Used for user creation, deletion etc.
func (*Service) EnforceUser ¶
EnforceUser checks whether the request to change user data is done by the same user
Source Files
Click to show internal directories.
Click to hide internal directories.