(ctx context.Context, req *adminv1.SudoIssueRuntimeManagerTokenRequest)
| 12 | ) |
| 13 | |
| 14 | func (s *Server) SudoIssueRuntimeManagerToken(ctx context.Context, req *adminv1.SudoIssueRuntimeManagerTokenRequest) (*adminv1.SudoIssueRuntimeManagerTokenResponse, error) { |
| 15 | observability.AddRequestAttributes(ctx, attribute.String("args.host", req.Host)) |
| 16 | |
| 17 | claims := auth.GetClaims(ctx) |
| 18 | if !claims.Superuser(ctx) { |
| 19 | return nil, status.Error(codes.PermissionDenied, "only superusers can request a manager token") |
| 20 | } |
| 21 | |
| 22 | jwt, err := s.admin.IssueRuntimeManagementToken(req.Host) |
| 23 | if err != nil { |
| 24 | return nil, err |
| 25 | } |
| 26 | |
| 27 | return &adminv1.SudoIssueRuntimeManagerTokenResponse{ |
| 28 | Token: jwt, |
| 29 | }, nil |
| 30 | } |
nothing calls this directly
no test coverage detected