31
31
Access string `bson:"access"`
34
func stringToAccess(a string) description.Access {
35
return description.Access(a)
34
func stringToAccess(a string) permission.Access {
35
return permission.Access(a)
38
func accessToString(a description.Access) string {
38
func accessToString(a permission.Access) string {
42
42
// userPermission returns a Permission for the given Subject and User.
43
func (st *State) userPermission(objectGlobalKey, subjectGlobalKey string) (*permission, error) {
44
userPermission := &permission{}
43
func (st *State) userPermission(objectGlobalKey, subjectGlobalKey string) (*userPermission, error) {
44
result := &userPermission{}
45
45
permissions, closer := st.getCollection(permissionsC)
48
48
id := permissionID(objectGlobalKey, subjectGlobalKey)
49
err := permissions.FindId(id).One(&userPermission.doc)
49
err := permissions.FindId(id).One(&result.doc)
50
50
if err == mgo.ErrNotFound {
51
51
return nil, errors.NotFoundf("user permissions for user %q", id)
53
return userPermission, nil
56
56
// controllerUserPermission returns a Permission for the given Subject and User.
57
func (st *State) controllerUserPermission(objectGlobalKey, subjectGlobalKey string) (*permission, error) {
58
userPermission := &permission{}
57
func (st *State) controllerUserPermission(objectGlobalKey, subjectGlobalKey string) (*userPermission, error) {
58
result := &userPermission{}
60
60
permissions, closer := st.getCollection(permissionsC)
63
63
id := permissionID(objectGlobalKey, subjectGlobalKey)
64
err := permissions.FindId(id).One(&userPermission.doc)
64
err := permissions.FindId(id).One(&result.doc)
65
65
if err == mgo.ErrNotFound {
66
66
return nil, errors.NotFoundf("user permissions for user %q", id)
68
return userPermission, nil
71
71
// isReadOnly returns whether or not the user has write access or only
72
72
// read access to the model.
73
func (p *permission) isReadOnly() bool {
74
return stringToAccess(p.doc.Access) == description.UndefinedAccess || stringToAccess(p.doc.Access) == description.ReadAccess
73
func (p *userPermission) isReadOnly() bool {
74
return stringToAccess(p.doc.Access) == permission.UndefinedAccess || stringToAccess(p.doc.Access) == permission.ReadAccess
77
77
// isAdmin is a convenience method that
78
// returns whether or not the user has description.AdminAccess.
79
func (p *permission) isAdmin() bool {
80
return stringToAccess(p.doc.Access) == description.AdminAccess
78
// returns whether or not the user has permission.AdminAccess.
79
func (p *userPermission) isAdmin() bool {
80
return stringToAccess(p.doc.Access) == permission.AdminAccess
83
83
// isReadWrite is a convenience method that
84
// returns whether or not the user has description.WriteAccess.
85
func (p *permission) isReadWrite() bool {
86
return stringToAccess(p.doc.Access) == description.WriteAccess
84
// returns whether or not the user has permission.WriteAccess.
85
func (p *userPermission) isReadWrite() bool {
86
return stringToAccess(p.doc.Access) == permission.WriteAccess
89
func (p *permission) access() description.Access {
89
func (p *userPermission) access() permission.Access {
90
90
return stringToAccess(p.doc.Access)