Commit 436c029c authored by SlevinWasAlreadyTaken's avatar SlevinWasAlreadyTaken Committed by SlevinWasAlreadyTaken
Browse files

feat(role): add some admin/dpo helpers

parent 6dfe0e77
......@@ -41,11 +41,36 @@ func (c *AccessClaims) IsNotAdminOn(appID string) bool {
return !c.hasRole(appID, adminRoleLabel)
}
func (c *AccessClaims) IsAnyAdmin() bool {
return !c.IsNotAdmin()
}
func (c *AccessClaims) IsNotAdmin() bool {
if c.IsNotAnyUser() {
return true
}
scopes := strings.Split(c.Scope, " ")
for _, scope := range scopes {
role := GetRole(scope)
if role.RoleLabel == adminRoleLabel {
return false
}
}
return true
}
func (c *AccessClaims) IsNotDPOOn(appID string) bool {
return !c.hasRole(appID, dpoRoleLabel)
}
func (c *AccessClaims) IsAnyDPO() bool {
return !c.IsNotDPO()
}
func (c *AccessClaims) IsNotDPO() bool {
if c.IsNotAnyUser() {
return true
}
scopes := strings.Split(c.Scope, " ")
for _, scope := range scopes {
role := GetRole(scope)
......
......@@ -16,6 +16,9 @@ func TestHasRole(t *testing.T) {
assert.Equal(t, false, claim.IsNotAdminOn("2e9394f2-fd9f-4a07-beb5-748c35062cad"))
assert.Equal(t, true, claim.IsNotDPOOn("2e9394f2-fd9f-4a07-beb5-748c35062cad"))
assert.Equal(t, true, claim.IsNotDPO())
assert.Equal(t, false, claim.IsNotAdmin())
assert.Equal(t, false, claim.IsAnyDPO())
assert.Equal(t, true, claim.IsAnyAdmin())
assert.Equal(t, false, claim.IsAnyService())
})
......@@ -28,6 +31,9 @@ func TestHasRole(t *testing.T) {
assert.Equal(t, true, claim.IsNotAdminOn("2e9394f2-fd9f-4a07-beb5-748c35062cad"))
assert.Equal(t, false, claim.IsNotDPOOn("2e9394f2-fd9f-4a07-beb5-748c35062cad"))
assert.Equal(t, false, claim.IsNotDPO())
assert.Equal(t, true, claim.IsNotAdmin())
assert.Equal(t, true, claim.IsAnyDPO())
assert.Equal(t, false, claim.IsAnyAdmin())
assert.Equal(t, false, claim.IsAnyService())
})
......@@ -40,6 +46,9 @@ func TestHasRole(t *testing.T) {
assert.Equal(t, true, claim.IsNotAdminOn("2e9394f2-fd9f-4a07-beb5-748c35062cad"))
assert.Equal(t, true, claim.IsNotDPOOn("2e9394f2-fd9f-4a07-beb5-748c35062cad"))
assert.Equal(t, true, claim.IsNotDPO())
assert.Equal(t, true, claim.IsNotAdmin())
assert.Equal(t, false, claim.IsAnyDPO())
assert.Equal(t, false, claim.IsAnyAdmin())
assert.Equal(t, true, claim.IsAnyUser())
assert.Equal(t, false, claim.IsNotAnyUser())
assert.Equal(t, false, claim.IsAnyService())
......@@ -54,6 +63,9 @@ func TestHasRole(t *testing.T) {
assert.Equal(t, true, claim.IsNotAdminOn("2e9394f2-fd9f-4a07-beb5-748c35062cad"))
assert.Equal(t, true, claim.IsNotDPOOn("2e9394f2-fd9f-4a07-beb5-748c35062cad"))
assert.Equal(t, true, claim.IsNotDPO())
assert.Equal(t, true, claim.IsNotAdmin())
assert.Equal(t, false, claim.IsAnyDPO())
assert.Equal(t, false, claim.IsAnyAdmin())
assert.Equal(t, false, claim.IsAnyUser())
assert.Equal(t, true, claim.IsNotAnyUser())
assert.Equal(t, true, claim.IsAnyApp())
......@@ -68,6 +80,8 @@ func TestHasRole(t *testing.T) {
assert.Equal(t, false, claim.hasRole("2e9394f2-fd9f-4a07-beb5-748c35062cad", dpoRoleLabel))
assert.Equal(t, true, claim.IsNotAdminOn("2e9394f2-fd9f-4a07-beb5-748c35062cad"))
assert.Equal(t, true, claim.IsNotDPOOn("2e9394f2-fd9f-4a07-beb5-748c35062cad"))
assert.Equal(t, true, claim.IsNotAdmin())
assert.Equal(t, true, claim.IsNotDPO())
})
t.Run("test IsRoleScope", func(t *testing.T) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment