MCPcopy Index your code
hub / github.com/rilldata/rill / ProjectPermissionsForDeployment

Method ProjectPermissionsForDeployment

admin/permissions.go:201–236  ·  view source on GitHub ↗

ProjectPermissionsForDeployment resolves project permissions for a deployment. A deployment currently gets full read and no write permissions on the project it belongs to.

(ctx context.Context, projectID, deploymentID string, orgPerms *adminv1.OrganizationPermissions)

Source from the content-addressed store, hash-verified

199// ProjectPermissionsForDeployment resolves project permissions for a deployment.
200// A deployment currently gets full read and no write permissions on the project it belongs to.
201func (s *Service) ProjectPermissionsForDeployment(ctx context.Context, projectID, deploymentID string, orgPerms *adminv1.OrganizationPermissions) (*adminv1.ProjectPermissions, error) {
202 depl, err := s.DB.FindDeployment(ctx, deploymentID)
203 if err != nil {
204 return nil, err
205 }
206
207 // Deployments get full read and no write permissions on the project they belong to
208 if projectID == depl.ProjectID {
209 return &adminv1.ProjectPermissions{
210 Admin: false,
211 ReadProject: true,
212 ManageProject: false,
213 ReadProd: true,
214 ReadProdStatus: true,
215 ManageProd: depl.Editable && depl.Environment == "prod", // Since editable deployments can push variables
216 ReadDev: true,
217 ReadDevStatus: true,
218 ManageDev: depl.Editable, // Since editable deployments can push variables
219 ReadProvisionerResources: true,
220 ManageProvisionerResources: true,
221 ReadProjectMembers: true,
222 ManageProjectMembers: false,
223 ManageProjectAdmins: false,
224 CreateMagicAuthTokens: false,
225 ManageMagicAuthTokens: false,
226 CreateReports: false,
227 ManageReports: false,
228 CreateAlerts: false,
229 ManageAlerts: false,
230 CreateBookmarks: false,
231 ManageBookmarks: false,
232 }, nil
233 }
234
235 return &adminv1.ProjectPermissions{}, nil
236}
237
238// ProjectPermissionsForMagicAuthToken resolves project permissions for a magic auth token.
239func (s *Service) ProjectPermissionsForMagicAuthToken(ctx context.Context, projectID string, tkn *database.MagicAuthToken) (*adminv1.ProjectPermissions, error) {

Callers 1

ProjectPermissionsMethod · 0.80

Calls 1

FindDeploymentMethod · 0.65

Tested by

no test coverage detected