github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/ui/app/abilities/client.js

github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/ui/app/abilities/client.js (about)

     1  import AbstractAbility from './abstract';
     2  import { computed, get } from '@ember/object';
     3  import { or } from '@ember/object/computed';
     4  import classic from 'ember-classic-decorator';
     5  
     6  @classic
     7  export default class Client extends AbstractAbility {
     8    // Map abilities to policy options (which are coarse for nodes)
     9    // instead of specific behaviors.
    10    @or('bypassAuthorization', 'selfTokenIsManagement', 'policiesIncludeNodeRead')
    11    canRead;
    12  
    13    @or(
    14      'bypassAuthorization',
    15      'selfTokenIsManagement',
    16      'policiesIncludeNodeWrite'
    17    )
    18    canWrite;
    19  
    20    @computed('token.selfTokenPolicies.[]')
    21    get policiesIncludeNodeRead() {
    22      return policiesIncludePermissions(this.get('token.selfTokenPolicies'), [
    23        'read',
    24        'write',
    25      ]);
    26    }
    27  
    28    @computed('token.selfTokenPolicies.[]')
    29    get policiesIncludeNodeWrite() {
    30      return policiesIncludePermissions(this.get('token.selfTokenPolicies'), [
    31        'write',
    32      ]);
    33    }
    34  }
    35  
    36  function policiesIncludePermissions(policies = [], permissions = []) {
    37    // For each policy record, extract the Node policy
    38    const nodePolicies = policies
    39      .toArray()
    40      .map((policy) => get(policy, 'rulesJSON.Node.Policy'))
    41      .compact();
    42  
    43    // Check for requested permissions
    44    return nodePolicies.some((policy) => permissions.includes(policy));
    45  }