82b108de69
A new field is introduced to grant.Permission in storj.io/common. Having a direct cast here leads to compilation problems when bumping storj.io/uplink to the latest storj.io/common. Avoiding the direct cast resolves the issue. Context: https://github.com/storj/storj/issues/6249 Change-Id: I3b9bc14ebcce8e192e218c621b996300753b8de4
46 lines
1.1 KiB
Go
46 lines
1.1 KiB
Go
// Copyright (C) 2020 Storj Labs, Inc.
|
|
// See LICENSE for copying information.
|
|
|
|
package consolewasm
|
|
|
|
import (
|
|
"strings"
|
|
|
|
"storj.io/common/grant"
|
|
)
|
|
|
|
// RestrictGrant restricts an access grant with the permissions and paths and returns a new access grant.
|
|
func RestrictGrant(accessGrant string, paths []string, permission Permission) (string, error) {
|
|
access, err := grant.ParseAccess(accessGrant)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
prefixes := make([]grant.SharePrefix, 0, len(paths))
|
|
for _, path := range paths {
|
|
parts := strings.SplitN(path, "/", 2)
|
|
prefix := grant.SharePrefix{Bucket: parts[0]}
|
|
if len(parts) > 1 {
|
|
prefix.Prefix = parts[1]
|
|
}
|
|
prefixes = append(prefixes, prefix)
|
|
}
|
|
|
|
restricted, err := access.Restrict(
|
|
grant.Permission{
|
|
AllowDownload: permission.AllowDownload,
|
|
AllowUpload: permission.AllowUpload,
|
|
AllowList: permission.AllowList,
|
|
AllowDelete: permission.AllowDelete,
|
|
NotBefore: permission.NotBefore,
|
|
NotAfter: permission.NotAfter,
|
|
},
|
|
prefixes...,
|
|
)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
return restricted.Serialize()
|
|
}
|