GetImplicitUsersForRole gets implicit users for a role.
(name string, domain ...string)
| 273 | |
| 274 | // GetImplicitUsersForRole gets implicit users for a role. |
| 275 | func (e *Enforcer) GetImplicitUsersForRole(name string, domain ...string) ([]string, error) { |
| 276 | res := []string{} |
| 277 | var rms []rbac.RoleManager |
| 278 | |
| 279 | for _, rm := range e.rmMap { |
| 280 | rms = append(rms, rm) |
| 281 | } |
| 282 | for _, crm := range e.condRmMap { |
| 283 | rms = append(rms, crm) |
| 284 | } |
| 285 | |
| 286 | for _, rm := range rms { |
| 287 | // Use the role manager's GetImplicitUsers method which respects maxHierarchyLevel |
| 288 | users, err := rm.GetImplicitUsers(name, domain...) |
| 289 | if err != nil && err.Error() != "error: name does not exist" { |
| 290 | return nil, err |
| 291 | } |
| 292 | res = append(res, users...) |
| 293 | } |
| 294 | |
| 295 | return res, nil |
| 296 | } |
| 297 | |
| 298 | // GetImplicitPermissionsForUser gets implicit permissions for a user or role. |
| 299 | // Compared to GetPermissionsForUser(), this function retrieves permissions for inherited roles. |