-
Notifications
You must be signed in to change notification settings - Fork 1
/
auth_grant_role.go
41 lines (36 loc) · 1.16 KB
/
auth_grant_role.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
package gcloudcx
import "github.com/google/uuid"
type AuthorizationGrantRole struct {
ID uuid.UUID `json:"id"`
SelfUri string `json:"selfUri"`
Name string `json:"name"`
Description string `json:"description"`
IsDefault bool `json:"default"`
Policies []AuthorizationGrantPolicy `json:"policies"`
}
// GetID gets the identifier
//
// implements core.Identifiable
func (role AuthorizationGrantRole) GetID() uuid.UUID {
return role.ID
}
// CheckScope checks if the grant role allows or denies the given scope
//
// If allowed, the policy that allows the scope is returned
func (role AuthorizationGrantRole) CheckScope(scope AuthorizationScope) (AuthorizationGrantPolicy, bool) {
for _, policy := range role.Policies {
if policy.CheckScope(scope) {
return policy, true
}
}
return AuthorizationGrantPolicy{}, false
}
// String returns a string representation of the AuthorizationDivision
//
// implements fmt.Stringer
func (role AuthorizationGrantRole) String() string {
if len(role.Name) > 0 {
return role.Name
}
return role.ID.String()
}