milo/appengine/common/acl.go - Issue 2760873003: Milo: Use luci-config for storing buildbot acls

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: milo/appengine/common/acl.go

Issue 2760873003: Milo: Use luci-config for storing buildbot acls (Closed)

Patch Set: Fix tests Created 3 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2016 The LUCI Authors. All rights reserved.	1 // Copyright 2016 The LUCI Authors. All rights reserved.

2 // Use of this source code is governed under the Apache License, Version 2.0	2 // Use of this source code is governed under the Apache License, Version 2.0

3 // that can be found in the LICENSE file.	3 // that can be found in the LICENSE file.

4	4

5 package common	5 package common

6	6

7 import (	7 import (

	8 "golang.org/x/net/context"

	9

8 "github.com/luci/luci-go/luci_config/common/cfgtypes"	10 "github.com/luci/luci-go/luci_config/common/cfgtypes"

9 "github.com/luci/luci-go/luci_config/server/cfgclient/access"	11 "github.com/luci/luci-go/luci_config/server/cfgclient/access"

10 "github.com/luci/luci-go/luci_config/server/cfgclient/backend"	12 "github.com/luci/luci-go/luci_config/server/cfgclient/backend"

11 » "golang.org/x/net/context"	13 » "github.com/luci/luci-go/server/auth"

12 )	14 )

13	15

14 // Helper functions for ACL checking.	16 // Helper functions for ACL checking.

15	17

16 // IsAllowed checks to see if the user in the context is allowed to access	18 // IsAllowed checks to see if the user in the context is allowed to access

17 // the given project.	19 // the given project.

18 func IsAllowed(c context.Context, project string) (bool, error) {	20 func IsAllowed(c context.Context, project string) (bool, error) {

19 // Get the project, because that's where the ACLs lie.	21 // Get the project, because that's where the ACLs lie.

20 err := access.Check(	22 err := access.Check(

21 c, backend.AsUser,	23 c, backend.AsUser,

22 cfgtypes.ProjectConfigSet(cfgtypes.ProjectName(project)))	24 cfgtypes.ProjectConfigSet(cfgtypes.ProjectName(project)))

23 switch err {	25 switch err {

24 case nil:	26 case nil:

25 return true, nil	27 return true, nil

26 case access.ErrNoAccess:	28 case access.ErrNoAccess:

27 return false, nil	29 return false, nil

28 default:	30 default:

29 return false, err	31 return false, err

30 }	32 }

31 }	33 }

32	34

33 // IsAllowedInternal is a shorthand for checking to see if the user is a reader	35 // IsAllowedInternal is a shorthand for checking to see if the user is a reader

34 // of a magic project named "chrome".	36 // of a magic project named "chrome".

35 func IsAllowedInternal(c context.Context) (bool, error) {	37 func IsAllowedInternal(c context.Context) (bool, error) {

36 » // TODO(hinoka): Move this to luci-cfg.	38 » settings, err := GetSettings(c)

37 » return IsAllowed(c, "chrome")	39 » if err != nil {

	40 » » return false, err

	41 » }

	42 » return auth.IsMember(c, settings.Buildbot.InternalReader)

38 }	43 }

OLD	NEW

« no previous file with comments | « milo/appengine/buildbot/pubsub_test.go ('k') | milo/appengine/common/acl_test.go » ('j') | no next file with comments »