Auth: Refactor ACL Roles and Resources #98
Renamed ResourcePeople to ResourceUsers. Work in progress. Added a few "default" roles as a reminder for later.
This commit is contained in:
parent
28a4ed88c4
commit
67bf46dd9a
|
@ -19,7 +19,7 @@ var Permissions = ACL{
|
||||||
RoleAdmin: Actions{ActionDefault: true},
|
RoleAdmin: Actions{ActionDefault: true},
|
||||||
RoleGuest: Actions{ActionSearch: true, ActionRead: true, ActionDownload: true},
|
RoleGuest: Actions{ActionSearch: true, ActionRead: true, ActionDownload: true},
|
||||||
},
|
},
|
||||||
ResourcePeople: Roles{
|
ResourceUsers: Roles{
|
||||||
RoleDefault: Actions{ActionUpdateSelf: true},
|
RoleDefault: Actions{ActionUpdateSelf: true},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,7 +20,7 @@ const (
|
||||||
ResourceLinks Resource = "links"
|
ResourceLinks Resource = "links"
|
||||||
ResourceGeo Resource = "geo"
|
ResourceGeo Resource = "geo"
|
||||||
ResourcePasswords Resource = "passwords"
|
ResourcePasswords Resource = "passwords"
|
||||||
ResourcePeople Resource = "people"
|
ResourceUsers Resource = "users"
|
||||||
ResourcePhotos Resource = "photos"
|
ResourcePhotos Resource = "photos"
|
||||||
ResourcePlaces Resource = "places"
|
ResourcePlaces Resource = "places"
|
||||||
ResourceFeedback Resource = "feedback"
|
ResourceFeedback Resource = "feedback"
|
||||||
|
|
|
@ -4,10 +4,17 @@ type Role string
|
||||||
type Roles map[Role]Actions
|
type Roles map[Role]Actions
|
||||||
|
|
||||||
const (
|
const (
|
||||||
RoleDefault Role = "*"
|
RoleDefault Role = "*"
|
||||||
RoleAdmin Role = "admin"
|
RoleAdmin Role = "admin"
|
||||||
RoleChild Role = "child"
|
RolePartner Role = "partner"
|
||||||
RoleFamily Role = "family"
|
RoleFamily Role = "family"
|
||||||
RoleFriend Role = "friend"
|
RoleSibling Role = "sibling"
|
||||||
RoleGuest Role = "guest"
|
RoleParent Role = "parent"
|
||||||
|
RoleGrandparent Role = "grandparent"
|
||||||
|
RoleChild Role = "child"
|
||||||
|
RoleFriend Role = "friend"
|
||||||
|
RoleBestFriend Role = "best-friend"
|
||||||
|
RoleClassmate Role = "classmate"
|
||||||
|
RoleWorkmate Role = "workmate"
|
||||||
|
RoleGuest Role = "guest"
|
||||||
)
|
)
|
||||||
|
|
|
@ -21,7 +21,7 @@ func ChangePassword(router *gin.RouterGroup) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
s := Auth(SessionID(c), acl.ResourcePeople, acl.ActionUpdateSelf)
|
s := Auth(SessionID(c), acl.ResourceUsers, acl.ActionUpdateSelf)
|
||||||
|
|
||||||
if s.Invalid() {
|
if s.Invalid() {
|
||||||
AbortUnauthorized(c)
|
AbortUnauthorized(c)
|
Loading…
Reference in a new issue