CSEC_PUBLIC/catalyst
1
0
Fork 0
mirror of https://github.com/SecurityBrewery/catalyst.git synced 2025-12-06 15:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
b6bb875af451cb48773a0b24f9c07ade0bfd5a06
catalyst/role/role.go
Jonas Plum 2bad1f5f28 Migrate to Go 1.18 (#45) 
* Migrate to Go 1.18 and add linters
2022-03-20 03:17:18 +01:00

172 lines
4.0 KiB
Go
Raw Blame History

package role
import (
"errors"
"sort"
"strings"
"golang.org/x/exp/slices"
"github.com/SecurityBrewery/catalyst/generated/model"
)
type Role string
const (
Analyst string = "analyst"
Engineer string = "engineer"
Admin string = "admin"
AutomationRead Role = "analyst:automation:read"
CurrentuserRead Role = "analyst:currentuser:read"
CurrentuserdataRead Role = "analyst:currentuserdata:read"
CurrentuserdataWrite Role = "analyst:currentsettings:write"
DashboardRead Role = "analyst:dashboard:read"
FileReadWrite Role = "analyst:file"
GroupRead Role = "analyst:group:read"
PlaybookRead Role = "analyst:playbook:read"
RuleRead Role = "analyst:rule:read"
SettingsRead Role = "analyst:settings:read"
TemplateRead Role = "analyst:template:read"
TicketRead Role = "analyst:ticket:read"
TicketWrite Role = "analyst:ticket:write"
TickettypeRead Role = "analyst:tickettype:read"
UserRead Role = "analyst:user:read"
AutomationWrite Role = "engineer:automation:write"
PlaybookWrite Role = "engineer:playbook:write"
RuleWrite Role = "engineer:rule:write"
TemplateWrite Role = "engineer:template:write"
TickettypeWrite Role = "engineer:tickettype:write"
BackupRead Role = "admin:backup:read"
BackupRestore Role = "admin:backup:restore"
DashboardWrite Role = "admin:dashboard:write"
GroupWrite Role = "admin:group:write"
JobRead Role = "admin:job:read"
JobWrite Role = "admin:job:write"
LogRead Role = "admin:log:read"
SettingsWrite Role = "admin:settings:write"
TicketDelete Role = "admin:ticket:delete"
UserWrite Role = "admin:user:write"
UserdataRead Role = "admin:userdata:read"
UserdataWrite Role = "admin:userdata:write"
)
func (p Role) String() string {
return string(p)
}
func UserHasRoles(user *model.UserResponse, roles []Role) bool {
hasRoles := true
for _, role := range roles {
if !UserHasRole(user, role) {
hasRoles = false
break
}
}
return hasRoles
}
func UserHasRole(user *model.UserResponse, role Role) bool {
return slices.Contains(FromStrings(user.Roles), role)
}
func Explodes(s []string) []Role {
var roles []Role
for _, e := range s {
roles = append(roles, Explode(e)...)
}
sort.Slice(roles, func(i, j int) bool {
return roles[i].String() < roles[j].String()
})
roles = slices.Compact(roles)
return roles
}
func Explode(s string) []Role {
var roles []Role
switch s {
case Admin:
roles = append(roles, listPrefix(Admin)...)
fallthrough
case Engineer:
roles = append(roles, listPrefix(Engineer)...)
fallthrough
case Analyst:
roles = append(roles, listPrefix(Analyst)...)
return roles
}
for _, role := range List() {
if role.String() == s {
roles = append(roles, role)
}
}
return roles
}
func listPrefix(s string) []Role {
var roles []Role
for _, role := range List() {
if strings.HasPrefix(role.String(), s+":") {
roles = append(roles, role)
}
}
return roles
}
func List() []Role {
return []Role{
AutomationRead, CurrentuserdataRead, CurrentuserdataWrite,
CurrentuserRead, FileReadWrite, GroupRead, PlaybookRead, RuleRead,
UserdataRead, SettingsRead, TemplateRead, TicketRead, TickettypeRead,
TicketWrite, UserRead, AutomationWrite, PlaybookWrite, RuleWrite,
TemplateWrite, TickettypeWrite, BackupRead, BackupRestore, GroupWrite,
LogRead, UserdataWrite, TicketDelete, UserWrite, JobRead, JobWrite,
SettingsWrite, DashboardRead, DashboardWrite,
}
}
func fromString(s string) (Role, error) {
for _, role := range List() {
if role.String() == s {
return role, nil
}
}
return "", errors.New("unknown role")
}
func Strings(roles []Role) []string {
var s []string
for _, role := range roles {
s = append(s, role.String())
}
return s
}
func FromStrings(s []string) []Role {
var roles []Role
for _, e := range s {
role, err := fromString(e)
if err != nil {
continue
}
roles = append(roles, role)
}
return roles
}
Reference in New Issue View Git Blame Copy Permalink