MCPcopy Index your code
hub / github.com/rilldata/rill / OrganizationPermissionsForUser

Method OrganizationPermissionsForUser

admin/permissions.go:12–37  ·  view source on GitHub ↗

OrganizationPermissionsForUser resolves organization permissions for a user.

(ctx context.Context, orgID, userID string)

Source from the content-addressed store, hash-verified

10
11// OrganizationPermissionsForUser resolves organization permissions for a user.
12func (s *Service) OrganizationPermissionsForUser(ctx context.Context, orgID, userID string) (*adminv1.OrganizationPermissions, error) {
13 roles, err := s.DB.ResolveOrganizationRolesForUser(ctx, userID, orgID)
14 if err != nil {
15 return nil, err
16 }
17
18 composite := &adminv1.OrganizationPermissions{}
19 for _, role := range roles {
20 composite = UnionOrgRoles(composite, role)
21 }
22
23 // If the org has a public project, all users get read access to it.
24 if !composite.ReadOrg {
25 ok, err := s.DB.CheckOrganizationHasPublicProjects(ctx, orgID)
26 if err != nil {
27 return nil, err
28 }
29 if ok {
30 composite.Guest = true
31 composite.ReadOrg = true
32 composite.ReadProjects = true
33 }
34 }
35
36 return composite, nil
37}
38
39// OrganizationPermissionsForService resolves organization permissions for a service.
40// If the service has roles, it uses those roles to determine permissions. If no role is found, it falls back to the legacy behavior of giving full permissions to services in their org.

Callers 3

createMagicTokensMethod · 0.80
getAttributesForUserMethod · 0.80

Tested by

no test coverage detected