github.com/weaviate/weaviate@v1.24.6/usecases/auth/authorization/adminlist/config.go (about) 1 // _ _ 2 // __ _____ __ ___ ___ __ _| |_ ___ 3 // \ \ /\ / / _ \/ _` \ \ / / |/ _` | __/ _ \ 4 // \ V V / __/ (_| |\ V /| | (_| | || __/ 5 // \_/\_/ \___|\__,_| \_/ |_|\__,_|\__\___| 6 // 7 // Copyright © 2016 - 2024 Weaviate B.V. All rights reserved. 8 // 9 // CONTACT: hello@weaviate.io 10 // 11 12 package adminlist 13 14 import "fmt" 15 16 // Config makes every subject on the list an admin, whereas everyone else 17 // has no rights whatsoever 18 type Config struct { 19 Enabled bool `json:"enabled" yaml:"enabled"` 20 Users []string `json:"users" yaml:"users"` 21 ReadOnlyUsers []string `json:"read_only_users" yaml:"read_only_users"` 22 Groups []string `json:"groups" yaml:"groups"` 23 ReadOnlyGroups []string `json:"read_only_groups" yaml:"read_only_groups"` 24 } 25 26 // Validate admin list config for viability, can be called from the central 27 // config package 28 func (c Config) Validate() error { 29 return c.validateOverlap() 30 } 31 32 // we are expecting both lists to always contain few subjects and know that 33 // this comparison is only done once (at startup). We are therefore fine with 34 // the O(n^2) complexity of this very primitive overlap search in favor of very 35 // simple code. 36 func (c Config) validateOverlap() error { 37 for _, a := range c.Users { 38 for _, b := range c.ReadOnlyUsers { 39 if a == b { 40 return fmt.Errorf("admin list: subject '%s' is present on both admin and read-only list", a) 41 } 42 } 43 } 44 for _, a := range c.Groups { 45 for _, b := range c.ReadOnlyGroups { 46 if a == b { 47 return fmt.Errorf("admin list: subject '%s' is present on both admin and read-only list", a) 48 } 49 } 50 } 51 52 return nil 53 }