permissionGranted checks whether a permission list contains a matching entry for the target, accounting for wildcard actions. It does not evaluate negations that may override a positive grant.
(perms []rbac.Permission, target rbac.Permission)
| 55 | // matching entry for the target, accounting for wildcard actions. |
| 56 | // It does not evaluate negations that may override a positive grant. |
| 57 | func permissionGranted(perms []rbac.Permission, target rbac.Permission) bool { |
| 58 | return slices.ContainsFunc(perms, func(p rbac.Permission) bool { |
| 59 | return p.Negate == target.Negate && |
| 60 | p.ResourceType == target.ResourceType && |
| 61 | (p.Action == target.Action || p.Action == policy.WildcardSymbol) |
| 62 | }) |
| 63 | } |
| 64 | |
| 65 | func TestOrgSharingPermissions(t *testing.T) { |
| 66 | t.Parallel() |
no outgoing calls
no test coverage detected