MCPcopy Index your code
hub / github.com/coder/coder / expandLowLevel

Function expandLowLevel

coderd/rbac/scopes.go:303–315  ·  view source on GitHub ↗

expandLowLevel constructs a site-only Scope with a single permission for the given resource and action. This mirrors how builtin scopes are represented but is restricted to site-level only.

(resource string, action policy.Action)

Source from the content-addressed store, hash-verified

301// given resource and action. This mirrors how builtin scopes are represented
302// but is restricted to site-level only.
303func expandLowLevel(resource string, action policy.Action) Scope {
304 return Scope{
305 Role: Role{
306 Identifier: RoleIdentifier{Name: fmt.Sprintf("Scope_%s:%s", resource, action)},
307 DisplayName: fmt.Sprintf("%s:%s", resource, action),
308 Site: []Permission{{ResourceType: resource, Action: action}},
309 User: []Permission{},
310 ByOrgID: map[string]OrgPermissions{},
311 },
312 // Low-level scopes intentionally return a wildcard allow list.
313 AllowIDList: []AllowListElement{{Type: policy.WildcardSymbol, ID: policy.WildcardSymbol}},
314 }
315}

Callers 1

ExpandScopeFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected