-
Notifications
You must be signed in to change notification settings - Fork 19
/
permissions.go
87 lines (71 loc) · 1.89 KB
/
permissions.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
package wallet
var PublicKeysPermissionLabel = "public_keys"
// Permissions describes the permissions set on a given hostname.
type Permissions struct {
PublicKeys PublicKeysPermission `json:"publicKeys"`
}
func (p Permissions) Summary() PermissionsSummary {
summary := map[string]string{}
summary[PublicKeysPermissionLabel] = AccessModeToString(p.PublicKeys.Access)
return summary
}
func (p Permissions) CanListKeys() bool {
return p.PublicKeys.Access == ReadAccess
}
func (p Permissions) CanUseKey(pubKey string) bool {
if !p.CanListKeys() {
return false
}
// No allowed keys specified. All keys can be listed.
if len(p.PublicKeys.AllowedKeys) == 0 {
return true
}
for _, k := range p.PublicKeys.AllowedKeys {
if k == pubKey {
return true
}
}
return false
}
func DefaultPermissions() Permissions {
return Permissions{
PublicKeys: NoPublicKeysPermission(),
}
}
type PermissionsSummary map[string]string
type AccessMode string
var (
NoAccess AccessMode = "none"
ReadAccess AccessMode = "read"
)
func AccessModeToString(m AccessMode) string {
switch m {
case ReadAccess, NoAccess:
return string(m)
default:
return string(NoAccess)
}
}
// PublicKeysPermission defines what the third-party application can do with
// the public keys of the wallet.
//
// Methods requiring read access:
// - list_keys
type PublicKeysPermission struct {
Access AccessMode `json:"access"`
// AllowedKeys lists all the keys a third-party application has access to.
// All keys are valid and usable (no tainted key).
AllowedKeys []string `json:"allowedKeys"`
}
func (p PublicKeysPermission) Enabled() bool {
return p.Access != NoAccess
}
func (p PublicKeysPermission) HasAllowedKeys() bool {
return len(p.AllowedKeys) != 0
}
// NoPublicKeysPermission returns a revoked access for public keys.
func NoPublicKeysPermission() PublicKeysPermission {
return PublicKeysPermission{
Access: NoAccess,
}
}