MCPcopy Index your code
hub / github.com/coder/coder / ExpandScope

Function ExpandScope

coderd/rbac/scopes.go:242–263  ·  view source on GitHub ↗
(scope ScopeName)

Source from the content-addressed store, hash-verified

240}
241
242func ExpandScope(scope ScopeName) (Scope, error) {
243 if role, ok := builtinScopes[scope]; ok {
244 return role, nil
245 }
246 if site, ok := CompositeSitePermissions(scope); ok {
247 return Scope{
248 Role: Role{
249 Identifier: RoleIdentifier{Name: fmt.Sprintf("Scope_%s", scope)},
250 DisplayName: string(scope),
251 Site: site,
252 User: []Permission{},
253 ByOrgID: map[string]OrgPermissions{},
254 },
255 // Composites are site-level; allow-list empty by default
256 AllowIDList: []AllowListElement{{Type: policy.WildcardSymbol, ID: policy.WildcardSymbol}},
257 }, nil
258 }
259 if res, act, ok := parseLowLevelScope(scope); ok {
260 return expandLowLevel(res, act), nil
261 }
262 return Scope{}, xerrors.Errorf("no scope named %q", scope)
263}
264
265// ParseResourceAction parses a scope string formatted as "<resource>:<action>"
266// and returns the resource and action components. This is the common parsing

Callers 4

ExpandMethod · 0.85
TestAuthorizeDomainFunction · 0.85
TestAuthorizeLevelsFunction · 0.85
TestAuthorizeScopeFunction · 0.85

Calls 4

CompositeSitePermissionsFunction · 0.85
parseLowLevelScopeFunction · 0.85
expandLowLevelFunction · 0.85
ErrorfMethod · 0.45

Tested by 3

TestAuthorizeDomainFunction · 0.68
TestAuthorizeLevelsFunction · 0.68
TestAuthorizeScopeFunction · 0.68