accessCheck performs an access check based on the given context and vserver.
(ctx *ipc.Context, vserver string)
| 50 | |
| 51 | // accessCheck performs an access check based on the given context and vserver. |
| 52 | func (s *SeesawEngine) accessCheck(ctx *ipc.Context, vserver string) (string, error) { |
| 53 | switch { |
| 54 | case ctx.IsTrusted(): |
| 55 | return "trusted", nil |
| 56 | case ctx.User.IsAdmin(): |
| 57 | return "administrator", nil |
| 58 | case ctx.User.IsOperator(): |
| 59 | hasAccess, reason := s.engine.vserverAccess.hasAccess(vserver, ctx.User.Username) |
| 60 | if !hasAccess { |
| 61 | return "", fmt.Errorf("%v: user %q is not authorized to control %q", errAccess, ctx.User.Username, vserver) |
| 62 | } |
| 63 | return reason, nil |
| 64 | default: |
| 65 | return "", errAccess |
| 66 | } |
| 67 | } |
| 68 | |
| 69 | func (s *SeesawEngine) trace(call string, ctx *ipc.Context) { |
| 70 | log.V(2).Infof("SeesawEngine.%s called by %v", call, ctx) |
no test coverage detected