MCPcopy
hub / github.com/google/seesaw / newVserverUserAccess

Function newVserverUserAccess

engine/access.go:47–66  ·  view source on GitHub ↗

newVserverUserAccess builds a vserver user access map based on access grants.

(cluster *config.Cluster)

Source from the content-addressed store, hash-verified

45
46// newVserverUserAccess builds a vserver user access map based on access grants.
47func newVserverUserAccess(cluster *config.Cluster) (vserverUserAccess, error) {
48 vua := make(vserverUserAccess)
49 for _, vs := range cluster.Vservers {
50 for _, ag := range vs.AccessGrants {
51 if !ag.IsGroup {
52 vua.grantAccess(vs.Name, ag.Grantee, ag.Key())
53 continue
54 }
55 group, ok := cluster.AccessGroups[ag.Grantee]
56 if !ok {
57 log.Warningf("vserver %v references non-existent access group %q, ignoring", vs.Name, ag.Grantee)
58 continue
59 }
60 for _, username := range group.Members {
61 vua.grantAccess(vs.Name, username, ag.Key())
62 }
63 }
64 }
65 return vua, nil
66}
67
68// vserverAccess handles access control evaluation for vservers.
69type vserverAccess struct {

Callers 2

TestVserverAccessFunction · 0.85
managerMethod · 0.85

Calls 2

grantAccessMethod · 0.80
KeyMethod · 0.45

Tested by 1

TestVserverAccessFunction · 0.68