github.com/metaworking/channeld@v0.7.3/pkg/channeld/channel_acl.go (about)

     1  package channeld
     2  
     3  import (
     4  	"errors"
     5  )
     6  
     7  type ChannelAccessType uint8
     8  
     9  const (
    10  	ChannelAccessType_Sub    ChannelAccessType = 0
    11  	ChannelAccessType_Unsub  ChannelAccessType = 1
    12  	ChannelAccessType_Remove ChannelAccessType = 2
    13  )
    14  
    15  type ChannelAccessLevel uint8
    16  
    17  const (
    18  	ChannelAccessLevel_None                ChannelAccessLevel = 0
    19  	ChannelAccessLevel_OwnerOnly           ChannelAccessLevel = 1
    20  	ChannelAccessLevel_OwnerAndGlobalOwner ChannelAccessLevel = 2
    21  	ChannelAccessLevel_Any                 ChannelAccessLevel = 3
    22  )
    23  
    24  var (
    25  	ErrNoneAccess                = errors.New("none can access")
    26  	ErrOwnerOnlyAccess           = errors.New("only the channel owenr can access")
    27  	ErrOwnerAndGlobalOwnerAccess = errors.New("only the channel owenr or global channel owner can access")
    28  	ErrIllegalAccessLevel        = errors.New("illegal channel access level")
    29  )
    30  
    31  func (ch *Channel) CheckACL(c ConnectionInChannel, accessType ChannelAccessType) (bool, error) {
    32  	// default level is none
    33  	level := ChannelAccessLevel_None
    34  
    35  	// get acl from global setting
    36  	channelSettings, exists := GlobalSettings.ChannelSettings[ch.channelType]
    37  	if exists {
    38  		aclSettings := channelSettings.ACLSettings
    39  		switch accessType {
    40  		case ChannelAccessType_Sub:
    41  			level = aclSettings.Sub
    42  		case ChannelAccessType_Unsub:
    43  			level = aclSettings.Unsub
    44  		case ChannelAccessType_Remove:
    45  			level = aclSettings.Remove
    46  		}
    47  	}
    48  
    49  	switch level {
    50  	case ChannelAccessLevel_None:
    51  		return false, ErrNoneAccess
    52  
    53  	case ChannelAccessLevel_OwnerOnly:
    54  		if ch.GetOwner() == c {
    55  			return true, nil
    56  		} else {
    57  			return false, ErrOwnerOnlyAccess
    58  		}
    59  	case ChannelAccessLevel_OwnerAndGlobalOwner:
    60  		if ch.GetOwner() == c || globalChannel.GetOwner() == c {
    61  			return true, nil
    62  		} else {
    63  			return false, ErrOwnerAndGlobalOwnerAccess
    64  		}
    65  	case ChannelAccessLevel_Any:
    66  		return true, nil
    67  	default:
    68  		return false, ErrIllegalAccessLevel
    69  	}
    70  
    71  }