MCPcopy
hub / github.com/dgraph-io/dgraph / isAclPredMutation

Function isAclPredMutation

edgraph/access.go:759–782  ·  view source on GitHub ↗
(nquads []*api.NQuad)

Source from the content-addressed store, hash-verified

757}
758
759func isAclPredMutation(nquads []*api.NQuad) bool {
760 for _, nquad := range nquads {
761 if nquad.Predicate == "dgraph.group.acl" && nquad.ObjectValue != nil {
762 // this mutation is trying to change the permission of some predicate
763 // check if the predicate list contains an ACL predicate
764 if _, ok := nquad.ObjectValue.Val.(*api.Value_BytesVal); ok {
765 aclBytes := nquad.ObjectValue.Val.(*api.Value_BytesVal)
766 var aclsToChange []acl.Acl
767 err := json.Unmarshal(aclBytes.BytesVal, &aclsToChange)
768 if err != nil {
769 glog.Errorf(fmt.Sprintf("Unable to unmarshal bytes under the dgraph.group.acl "+
770 "predicate: %v", err))
771 continue
772 }
773 for _, aclToChange := range aclsToChange {
774 if x.IsAclPredicate(aclToChange.Predicate) {
775 return true
776 }
777 }
778 }
779 }
780 }
781 return false
782}
783
784// authorizeMutation authorizes the mutation using the worker.AclCachePtr. It will return permission
785// denied error if any one of the predicates in mutation(set or delete) is unauthorized.

Callers 1

authorizeMutationFunction · 0.85

Calls 2

IsAclPredicateFunction · 0.92
ErrorfMethod · 0.45

Tested by

no test coverage detected