MCPcopy Index your code
hub / github.com/coder/coder / AuthorizeSQLFilterContext

Method AuthorizeSQLFilterContext

coderd/authorize.go:144–155  ·  view source on GitHub ↗

AuthorizeSQLFilterContext is like AuthorizeSQLFilter but reads the RBAC subject from the context directly rather than from an *http.Request. The subject must have been set via dbauthz.As.

(ctx context.Context, action policy.Action, objectType string)

Source from the content-addressed store, hash-verified

142// RBAC subject from the context directly rather than from an
143// *http.Request. The subject must have been set via dbauthz.As.
144func (h *HTTPAuthorizer) AuthorizeSQLFilterContext(ctx context.Context, action policy.Action, objectType string) (rbac.PreparedAuthorized, error) {
145 roles, ok := dbauthz.ActorFromContext(ctx)
146 if !ok {
147 return nil, xerrors.New("no authorization actor in context")
148 }
149 prepared, err := h.Authorizer.Prepare(ctx, roles, action, objectType)
150 if err != nil {
151 return nil, xerrors.Errorf("prepare filter: %w", err)
152 }
153
154 return prepared, nil
155}
156
157// checkAuthorization returns if the current API key can use the given
158// permissions, factoring in the current user's roles and the API key scopes.

Callers

nothing calls this directly

Calls 4

ActorFromContextFunction · 0.92
NewMethod · 0.65
PrepareMethod · 0.65
ErrorfMethod · 0.45

Tested by

no test coverage detected