github.com/cs3org/reva/v2@v2.27.7/pkg/auth/scope/user.go (about) 1 // Copyright 2018-2021 CERN 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 // In applying this license, CERN does not waive the privileges and immunities 16 // granted to it by virtue of its status as an Intergovernmental Organization 17 // or submit itself to any jurisdiction. 18 19 package scope 20 21 import ( 22 "context" 23 24 authpb "github.com/cs3org/go-cs3apis/cs3/auth/provider/v1beta1" 25 provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" 26 types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" 27 "github.com/cs3org/reva/v2/pkg/utils" 28 "github.com/rs/zerolog" 29 ) 30 31 func userScope(_ context.Context, scope *authpb.Scope, resource interface{}, _ *zerolog.Logger) (bool, error) { 32 // Always return true. Registered users can access all paths. 33 // TODO(ishank011): Add checks for read/write permissions. 34 return true, nil 35 } 36 37 // AddOwnerScope adds the default owner scope with access to all resources. 38 func AddOwnerScope(scopes map[string]*authpb.Scope) (map[string]*authpb.Scope, error) { 39 ref := &provider.Reference{Path: "/"} 40 val, err := utils.MarshalProtoV1ToJSON(ref) 41 if err != nil { 42 return nil, err 43 } 44 if scopes == nil { 45 scopes = make(map[string]*authpb.Scope) 46 } 47 scopes["user"] = &authpb.Scope{ 48 Resource: &types.OpaqueEntry{ 49 Decoder: "json", 50 Value: val, 51 }, 52 Role: authpb.Role_ROLE_OWNER, 53 } 54 return scopes, nil 55 }