Object is used to create objects for authz checks when you have none in hand to run the check on. An example is if you want to list all workspaces, you can create a Object that represents the set of workspaces you are trying to get access too. Do not export this type, as it can be created from a res
| 23 | // that represents the set of workspaces you are trying to get access too. |
| 24 | // Do not export this type, as it can be created from a resource type constant. |
| 25 | type Object struct { |
| 26 | // ID is the resource's uuid |
| 27 | ID string `json:"id"` |
| 28 | Owner string `json:"owner"` |
| 29 | // OrgID specifies which org the object is a part of. |
| 30 | OrgID string `json:"org_owner"` |
| 31 | // AnyOrgOwner will disregard the org_owner when checking for permissions |
| 32 | // Use this to ask, "Can the actor do this action on any org?" when |
| 33 | // the exact organization is not important or known. |
| 34 | // E.g: The UI should show a "create template" button if the user |
| 35 | // can create a template in any org. |
| 36 | AnyOrgOwner bool `json:"any_org"` |
| 37 | |
| 38 | // Type is "workspace", "project", "app", etc |
| 39 | Type string `json:"type"` |
| 40 | |
| 41 | ACLUserList map[string][]policy.Action ` json:"acl_user_list"` |
| 42 | ACLGroupList map[string][]policy.Action ` json:"acl_group_list"` |
| 43 | } |
| 44 | |
| 45 | // String is not perfect, but decent enough for human display |
| 46 | func (z Object) String() string { |
nothing calls this directly
no outgoing calls
no test coverage detected