MCPcopy
hub / github.com/weaviate/weaviate / denyContainingAuthorizer

Struct denyContainingAuthorizer

usecases/objects/references_namespace_test.go:1129–1131  ·  view source on GitHub ↗

denyContainingAuthorizer is a test-only authorizer that denies any Authorize call whose resources include a path containing the configured substring, and allows everything else. Used to model "user has UPDATE on source but not READ on target" without pulling in the full RBAC stack.

Source from the content-addressed store, hash-verified

1127// and allows everything else. Used to model "user has UPDATE on source but
1128// not READ on target" without pulling in the full RBAC stack.
1129type denyContainingAuthorizer struct {
1130 deny string
1131}
1132
1133func (a *denyContainingAuthorizer) Authorize(ctx context.Context, principal *models.Principal, verb string, resources ...string) error {
1134 for _, r := range resources {

Callers

nothing calls this directly

Calls

no outgoing calls

Tested by

no test coverage detected