ChangeRoleSet is a helper function that finds the difference of 2 sets of roles. When setting a user's new roles, it is equivalent to adding and removing roles. This set determines the changes, so that the appropriate RBAC checks can be applied using "ActionCreate" and "ActionDelete" for "added" and
(from []RoleIdentifier, to []RoleIdentifier)
| 918 | // RBAC checks can be applied using "ActionCreate" and "ActionDelete" for |
| 919 | // "added" and "removed" roles respectively. |
| 920 | func ChangeRoleSet(from []RoleIdentifier, to []RoleIdentifier) (added []RoleIdentifier, removed []RoleIdentifier) { |
| 921 | return slice.SymmetricDifferenceFunc(from, to, func(a, b RoleIdentifier) bool { |
| 922 | return a.Name == b.Name && a.OrganizationID == b.OrganizationID |
| 923 | }) |
| 924 | } |
| 925 | |
| 926 | // Permissions is just a helper function to make building roles that list out resources |
| 927 | // and actions a bit easier. |