Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(14)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: logdog/appengine/coordinator/auth.go

Issue 2575383002: Add server/cache support to gaeconfig. (Closed)
Patch Set: Un-collapse. Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « dm/appengine/distributor/registry.go ('k') | logdog/appengine/coordinator/config/config.go » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The LUCI Authors. All rights reserved. 1 // Copyright 2015 The LUCI Authors. All rights reserved.
2 // Use of this source code is governed under the Apache License, Version 2.0 2 // Use of this source code is governed under the Apache License, Version 2.0
3 // that can be found in the LICENSE file. 3 // that can be found in the LICENSE file.
4 4
5 package coordinator 5 package coordinator
6 6
7 import ( 7 import (
8 "fmt" 8 "fmt"
9 "strings" 9 "strings"
10 10
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
64 if u := auth.CurrentUser(c); u.Superuser { 64 if u := auth.CurrentUser(c); u.Superuser {
65 log.Fields{ 65 log.Fields{
66 "identity": u.Identity, 66 "identity": u.Identity,
67 "groups": groups, 67 "groups": groups,
68 }.Infof(c, "Granting superuser implicit group membership on development server.") 68 }.Infof(c, "Granting superuser implicit group membership on development server.")
69 return nil 69 return nil
70 } 70 }
71 } 71 }
72 72
73 id := auth.CurrentIdentity(c) 73 id := auth.CurrentIdentity(c)
74 » for _, group := range groups { 74 » is, err := auth.IsMember(c, groups...)
75 » » is, err := auth.IsMember(c, group) 75 » if err != nil {
76 » » if err != nil { 76 » » return err
77 » » » return err 77 » }
78 » » } 78 » if is {
79 » » if is { 79 » » log.Fields{
80 » » » log.Fields{ 80 » » » "identity": id,
81 » » » » "identity": id, 81 » » » "group": groups,
82 » » » » "group": group, 82 » » }.Debugf(c, "User access granted.")
83 » » » }.Debugf(c, "User access granted.") 83 » » return nil
84 » » » return nil
85 » » }
86 } 84 }
87 85
88 return &MembershipError{ 86 return &MembershipError{
89 Identity: id, 87 Identity: id,
90 Groups: groups, 88 Groups: groups,
91 } 89 }
92 } 90 }
93 91
94 // MembershipError is an error returned by group membership checking functions 92 // MembershipError is an error returned by group membership checking functions
95 // if the current identity is not a member of the requested group. 93 // if the current identity is not a member of the requested group.
96 type MembershipError struct { 94 type MembershipError struct {
97 Identity identity.Identity 95 Identity identity.Identity
98 Groups []string 96 Groups []string
99 } 97 }
100 98
101 func (e *MembershipError) Error() string { 99 func (e *MembershipError) Error() string {
102 return fmt.Sprintf("user %q is not a member of [%s]", e.Identity, string s.Join(e.Groups, ", ")) 100 return fmt.Sprintf("user %q is not a member of [%s]", e.Identity, string s.Join(e.Groups, ", "))
103 } 101 }
104 102
105 // IsMembershipError returns whether a given error is a membership error. 103 // IsMembershipError returns whether a given error is a membership error.
106 func IsMembershipError(e error) bool { 104 func IsMembershipError(e error) bool {
107 _, ok := e.(*MembershipError) 105 _, ok := e.(*MembershipError)
108 return ok 106 return ok
109 } 107 }
OLDNEW
« no previous file with comments | « dm/appengine/distributor/registry.go ('k') | logdog/appengine/coordinator/config/config.go » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698