authorizeAIBridgeInterceptionAction validates that the context's actor matches the initiator of the AIBridgeInterception. This is used by all of the sub-resources which fall under the [ResourceAibridgeInterception] umbrella.
(ctx context.Context, action policy.Action, interceptionID uuid.UUID)
| 190 | // authorizeAIBridgeInterceptionAction validates that the context's actor matches the initiator of the AIBridgeInterception. |
| 191 | // This is used by all of the sub-resources which fall under the [ResourceAibridgeInterception] umbrella. |
| 192 | func (q *querier) authorizeAIBridgeInterceptionAction(ctx context.Context, action policy.Action, interceptionID uuid.UUID) error { |
| 193 | inter, err := q.db.GetAIBridgeInterceptionByID(ctx, interceptionID) |
| 194 | if err != nil { |
| 195 | return xerrors.Errorf("fetch aibridge interception %q: %w", interceptionID, err) |
| 196 | } |
| 197 | |
| 198 | err = q.authorizeContext(ctx, action, inter.RBACObject()) |
| 199 | if err != nil { |
| 200 | return err |
| 201 | } |
| 202 | |
| 203 | return nil |
| 204 | } |
| 205 | |
| 206 | type authContextKey struct{} |
| 207 |
no test coverage detected