grim/hgkeeper

access.yml is no longer used for out authentication, also not sure how this ended up here...

2019-09-11, Gary Kramlich
2664db87766e
access.yml is no longer used for out authentication, also not sure how this ended up here...
package access
import (
"path/filepath"
"sync"
"github.com/casbin/casbin"
log "github.com/sirupsen/logrus"
)
var (
enforcer *casbin.Enforcer
enforcerLock sync.Mutex
)
func accessMatch(key1, key2 string) bool {
switch key2 {
case "init":
return key1 == "init" || key1 == "write" || key1 == "read"
case "write":
return key1 == "write" || key1 == "read"
case "read":
return key1 == "read"
}
return false
}
func accessMatchFunc(args ...interface{}) (interface{}, error) {
key1 := args[0].(string)
key2 := args[1].(string)
return (bool)(accessMatch(key1, key2)), nil
}
func refreshEnforcer(adminRepoPath string) error {
enforcerLock.Lock()
defer enforcerLock.Unlock()
modelFile := filepath.Join(adminRepoPath, modelFilename)
policyFile := filepath.Join(adminRepoPath, policyFilename)
log.Debugf("reading model from %q", modelFile)
log.Debugf("reading policy from %q", policyFile)
e := casbin.NewEnforcer(modelFile, policyFile)
e.AddFunction("access", accessMatchFunc)
enforcer = e
return nil
}