MCPcopy Index your code
hub / github.com/coder/coder / parseLowLevelScope

Function parseLowLevelScope

coderd/rbac/scopes.go:279–298  ·  view source on GitHub ↗

parseLowLevelScope parses a low-level scope name formatted as " : " and validates it against RBACPermissions. Returns the resource and action if valid.

(name ScopeName)

Source from the content-addressed store, hash-verified

277// "<resource>:<action>" and validates it against RBACPermissions.
278// Returns the resource and action if valid.
279func parseLowLevelScope(name ScopeName) (resource string, action policy.Action, ok bool) {
280 res, act, ok := ParseResourceAction(string(name))
281 if !ok {
282 return "", "", false
283 }
284
285 def, exists := policy.RBACPermissions[res]
286 if !exists {
287 return "", "", false
288 }
289
290 if act == policy.WildcardSymbol {
291 return res, policy.WildcardSymbol, true
292 }
293
294 if _, exists := def.Actions[policy.Action(act)]; !exists {
295 return "", "", false
296 }
297 return res, policy.Action(act), true
298}
299
300// expandLowLevel constructs a site-only Scope with a single permission for the
301// given resource and action. This mirrors how builtin scopes are represented

Callers 3

ExternalScopeNamesFunction · 0.85
TestExternalScopeNamesFunction · 0.85
ExpandScopeFunction · 0.85

Calls 2

ActionTypeAlias · 0.92
ParseResourceActionFunction · 0.85

Tested by 1

TestExternalScopeNamesFunction · 0.68