File tree Expand file tree Collapse file tree 2 files changed +17
-8
lines changed Expand file tree Collapse file tree 2 files changed +17
-8
lines changed Original file line number Diff line number Diff line change @@ -37,8 +37,20 @@ type Object struct {
3737 ACLGroupList map [string ][]policy.Action ` json:"acl_group_list"`
3838}
3939
40+ // AvailableActions returns all available actions for a given object.
41+ // Wildcard is omitted.
4042func (z Object ) AvailableActions () []policy.Action {
41- policy .Action ()
43+ perms , ok := policy .RBACPermissions [z .Type ]
44+ if ! ok {
45+ return []policy.Action {}
46+ }
47+
48+ actions := make ([]policy.Action , 0 , len (perms .Actions ))
49+ for action := range perms .Actions {
50+ actions = append (actions , action )
51+ }
52+
53+ return actions
4254}
4355
4456func (z Object ) Equal (b Object ) bool {
Original file line number Diff line number Diff line change @@ -82,14 +82,11 @@ func (a ActionDefinition) Requires() string {
8282
8383// RBACPermissions is indexed by the type
8484var RBACPermissions = map [string ]PermissionDefinition {
85+ // Wildcard is every object, and the action "*" provides all actions.
86+ // So can grant all actions on all types.
8587 WildcardSymbol : {
86- Name : "Wildcard" ,
87- Actions : map [Action ]ActionDefinition {
88- WildcardSymbol : {
89- Description : "Wildcard gives admin level access to all resources and all actions." ,
90- Fields : 0 ,
91- },
92- },
88+ Name : "Wildcard" ,
89+ Actions : map [Action ]ActionDefinition {},
9390 },
9491 "user" : {
9592 Actions : map [Action ]ActionDefinition {
You can’t perform that action at this time.
0 commit comments