MCPcopy Index your code
hub / github.com/coder/coder / allPermsExcept

Function allPermsExcept

coderd/rbac/roles.go:206–231  ·  view source on GitHub ↗
(excepts ...Objecter)

Source from the content-addressed store, hash-verified

204}
205
206func allPermsExcept(excepts ...Objecter) []Permission {
207 resources := AllResources()
208 var perms []Permission
209 skip := make(map[string]bool)
210 for _, e := range excepts {
211 skip[e.RBACObject().Type] = true
212 }
213
214 for _, r := range resources {
215 // Exceptions
216 if skip[r.RBACObject().Type] {
217 continue
218 }
219 // This should always be skipped.
220 if r.RBACObject().Type == ResourceWildcard.Type {
221 continue
222 }
223 // Owners can do everything else
224 perms = append(perms, Permission{
225 Negate: false,
226 ResourceType: r.RBACObject().Type,
227 Action: policy.WildcardSymbol,
228 })
229 }
230 return perms
231}
232
233// builtInRoles are just a hard coded set for now. Ideally we store these in
234// the database. Right now they are functions because the org id should scope

Callers 5

scopes.goFile · 0.85
ReloadBuiltinRolesFunction · 0.85
OrgMemberPermissionsFunction · 0.85
TestScopeAllowListFunction · 0.85

Calls 2

AllResourcesFunction · 0.85
RBACObjectMethod · 0.65

Tested by 1

TestScopeAllowListFunction · 0.68