
* MF-1443 - add policies Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * fix users create Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Add Policies for sharing a Thing (#1463) * MF-1454 - Add policies for sharing a Thing Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Add a test case for sharing thing and update mock of AddPolicy Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update ShareThing parameter naming Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Policy Removal (#1466) * Add DeletePolicy gRPC endpoint in auth package Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update default admin creation Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * NOISSUE - Add policy addition endpoint (#1479) * NOISSUE - Add policy addition endpoint Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update name of the method Signed-off-by: Burak Sekili <buraksekili@gmail.com> remove build tag Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * NOISSUE - Add tests for AddPolicies (#1480) * NOISSUE - Add tests for adding policy and update authz check Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Add more tests and update request body validation Signed-off-by: Burak Sekili <buraksekili@gmail.com> * Update test case structure and utilize mock prefix for test ids Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * MF-1454 - Add initial policies for Group access control (#1467) Signed-off-by: Burak Sekili <buraksekili@gmail.com> Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> * Resolve PR comments Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com> 
Co-authored-by: Author: Burak Sekili <buraksekili@gmail.com>
package policies
import (
"github.com/mainflux/mainflux/auth"
"github.com/mainflux/mainflux/things"
)
// Action enumerates the policy actions that this package recognises.
//
// The numeric values are assigned by iota in declaration order, so Create is
// the zero value of the type and Unknown is the highest value. A missed lookup
// in a map[string]Action therefore yields Create rather than Unknown; code
// that translates a string into an Action should use the comma-ok form and
// treat a miss as a rejection instead of relying on the zero value.
type Action int

// Policy actions. The values follow declaration order, so reordering the
// list changes every constant after the moved entry.
const (
	Create Action = iota // zero value of Action
	Read
	Write
	Delete
	Access
	Member
	Unknown // has no key in the actions lookup table
)
// actions is the allow-list that maps a policy name, as it appears in a
// request body, to its Action value. Keys are lowercase and map lookups are
// exact, so "Read" or " read" do not match. There is no key for Unknown.
//
// Always look names up with the comma-ok form: a plain index on a missing key
// returns the zero Action, which is Create.
var actions = map[string]Action{
	"access": Access,
	"create": Create,
	"delete": Delete,
	"member": Member,
	"read":   Read,
	"write":  Write,
}
// createPolicyReq is the request for attaching one or more policies to a set
// of subjects on a single object.
type createPolicyReq struct {
	// token is unexported and carries no JSON tag, so encoding/json never
	// fills it from the request body.
	// NOTE(review): presumably set by the transport layer from a request
	// header - confirm against the decoder.
	token string

	// Fields decoded from the JSON body.
	SubjectIDs []string `json:"subjects"` // subjects receiving the policies
	Policies   []string `json:"policies"` // policy names; checked against actions in validate
	Object     string   `json:"object"`   // object the policies apply to
}
// validate checks the shape of a create-policy request and returns the first
// problem found, or nil when the request is well formed.
//
// It returns auth.ErrUnauthorizedAccess when the token is empty,
// auth.ErrMalformedEntity when subjects, policies or object are missing or a
// policy name is not a key of actions, and things.ErrMalformedEntity when a
// subject ID is the empty string.
//
// This is input validation only: the token is tested for presence, not for
// validity, and nothing here decides whether the caller may grant the
// requested policies. Those checks have to happen after validate succeeds.
func (req createPolicyReq) validate() error {
	switch {
	case req.token == "":
		return auth.ErrUnauthorizedAccess
	case len(req.SubjectIDs) == 0, len(req.Policies) == 0, req.Object == "":
		return auth.ErrMalformedEntity
	}

	// Reject any policy name outside the allow-list. The comma-ok lookup
	// matters: a plain index on an unknown name would yield Create.
	for i := range req.Policies {
		if _, known := actions[req.Policies[i]]; !known {
			return auth.ErrMalformedEntity
		}
	}

	// NOTE(review): this branch returns the things package's error while the
	// checks above return the auth package's; confirm the HTTP error encoder
	// maps both to the same status.
	for i := range req.SubjectIDs {
		if req.SubjectIDs[i] == "" {
			return things.ErrMalformedEntity
		}
	}

	return nil
}