github.com/hernad/nomad@v1.6.112/ui/app/abilities/client.js

github.com/hernad/nomad@v1.6.112/ui/app/abilities/client.js (about)

     1  /**
     2   * Copyright (c) HashiCorp, Inc.
     3   * SPDX-License-Identifier: MPL-2.0
     4   */
     5  
     6  import AbstractAbility from './abstract';
     7  import { computed, get } from '@ember/object';
     8  import { or } from '@ember/object/computed';
     9  import classic from 'ember-classic-decorator';
    10  
    11  @classic
    12  export default class Client extends AbstractAbility {
    13    // Map abilities to policy options (which are coarse for nodes)
    14    // instead of specific behaviors.
    15    @or('bypassAuthorization', 'selfTokenIsManagement', 'policiesIncludeNodeRead')
    16    canRead;
    17  
    18    @or(
    19      'bypassAuthorization',
    20      'selfTokenIsManagement',
    21      'policiesIncludeNodeWrite'
    22    )
    23    canWrite;
    24  
    25    @computed('token.selfTokenPolicies.[]')
    26    get policiesIncludeNodeRead() {
    27      return policiesIncludePermissions(this.get('token.selfTokenPolicies'), [
    28        'read',
    29        'write',
    30      ]);
    31    }
    32  
    33    @computed('token.selfTokenPolicies.[]')
    34    get policiesIncludeNodeWrite() {
    35      return policiesIncludePermissions(this.get('token.selfTokenPolicies'), [
    36        'write',
    37      ]);
    38    }
    39  }
    40  
    41  function policiesIncludePermissions(policies = [], permissions = []) {
    42    // For each policy record, extract the Node policy
    43    const nodePolicies = policies
    44      .toArray()
    45      .map((policy) => get(policy, 'rulesJSON.Node.Policy'))
    46      .compact();
    47  
    48    // Check for requested permissions
    49    return nodePolicies.some((policy) => permissions.includes(policy));
    50  }