buildUserRoleMap builds a map of users to their assigned roles from grouping policy.
(groupingPolicy [][]string)
| 180 | |
| 181 | // buildUserRoleMap builds a map of users to their assigned roles from grouping policy. |
| 182 | func buildUserRoleMap(groupingPolicy [][]string) map[string]map[string]bool { |
| 183 | userRoles := make(map[string]map[string]bool) |
| 184 | |
| 185 | for _, rule := range groupingPolicy { |
| 186 | if len(rule) < 2 { |
| 187 | continue |
| 188 | } |
| 189 | user := rule[0] |
| 190 | role := rule[1] |
| 191 | |
| 192 | if userRoles[user] == nil { |
| 193 | userRoles[user] = make(map[string]bool) |
| 194 | } |
| 195 | userRoles[user][role] = true |
| 196 | } |
| 197 | |
| 198 | return userRoles |
| 199 | } |
| 200 | |
| 201 | // validateSOD validates a Separation of Duties constraint. |
| 202 | func (model Model) validateSOD(constraint *Constraint, groupingPolicy [][]string) error { |
no outgoing calls
no test coverage detected
searching dependent graphs…