Skip to content

Commit 0a17d7e

Browse files
author
kishan789dev
committed
issue has been on code level
1 parent be3aa05 commit 0a17d7e

24 files changed

+175
-174
lines changed

api/externalLink/ExternalLinkRestHandler.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -83,7 +83,7 @@ func (impl ExternalLinkRestHandlerImpl) roleCheckHelper(w http.ResponseWriter, r
8383
common.WriteJsonResp(w, errors.New("Invalid request"), nil, http.StatusBadRequest)
8484
return userId, "", fmt.Errorf("invalid request query param appId = %s", appId)
8585
}
86-
object := impl.enforcerUtil.GetAppRBACNameByAppId(id)
86+
object, _ := impl.enforcerUtil.GetAppRBACNameByAppId(id)
8787
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, action, object); !ok {
8888
common.WriteJsonResp(w, errors.New("unauthorized"), nil, http.StatusForbidden)
8989
return userId, "", fmt.Errorf("unauthorized error")

api/restHandler/ConfigMapRestHandler.go

Lines changed: 33 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -112,8 +112,8 @@ func (handler ConfigMapRestHandlerImpl) CMGlobalAddUpdate(w http.ResponseWriter,
112112

113113
//RBAC START
114114
token := r.Header.Get("token")
115-
object := handler.enforcerUtil.GetAppRBACNameByAppId(configMapRequest.AppId)
116-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionCreate)
115+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(configMapRequest.AppId)
116+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionCreate, appType)
117117
if !ok {
118118
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
119119
return
@@ -148,8 +148,8 @@ func (handler ConfigMapRestHandlerImpl) CMEnvironmentAddUpdate(w http.ResponseWr
148148

149149
//RBAC START
150150
token := r.Header.Get("token")
151-
object := handler.enforcerUtil.GetAppRBACNameByAppId(configMapRequest.AppId)
152-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionCreate)
151+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(configMapRequest.AppId)
152+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionCreate, appType)
153153
if !ok {
154154
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
155155
return
@@ -189,8 +189,8 @@ func (handler ConfigMapRestHandlerImpl) CMGlobalFetch(w http.ResponseWriter, r *
189189

190190
//RBAC START
191191
token := r.Header.Get("token")
192-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
193-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet)
192+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
193+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet, appType)
194194
if !ok {
195195
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
196196
return
@@ -226,8 +226,8 @@ func (handler ConfigMapRestHandlerImpl) CMGlobalFetchForEdit(w http.ResponseWrit
226226
return
227227
}
228228
token := r.Header.Get("token")
229-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
230-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet)
229+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
230+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet, appType)
231231
if !ok {
232232
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
233233
return
@@ -269,8 +269,8 @@ func (handler ConfigMapRestHandlerImpl) CMEnvironmentFetchForEdit(w http.Respons
269269
return
270270
}
271271
token := r.Header.Get("token")
272-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
273-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet)
272+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
273+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet, appType)
274274
if !ok {
275275
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
276276
return
@@ -316,8 +316,8 @@ func (handler ConfigMapRestHandlerImpl) CMEnvironmentFetch(w http.ResponseWriter
316316

317317
//RBAC START
318318
token := r.Header.Get("token")
319-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
320-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet)
319+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
320+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet, appType)
321321
if !ok {
322322
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
323323
return
@@ -353,8 +353,8 @@ func (handler ConfigMapRestHandlerImpl) CSGlobalAddUpdate(w http.ResponseWriter,
353353

354354
//RBAC START
355355
token := r.Header.Get("token")
356-
object := handler.enforcerUtil.GetAppRBACNameByAppId(configMapRequest.AppId)
357-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionCreate)
356+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(configMapRequest.AppId)
357+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionCreate, appType)
358358
if !ok {
359359
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
360360
return
@@ -390,8 +390,8 @@ func (handler ConfigMapRestHandlerImpl) CSEnvironmentAddUpdate(w http.ResponseWr
390390

391391
//RBAC START
392392
token := r.Header.Get("token")
393-
object := handler.enforcerUtil.GetAppRBACNameByAppId(configMapRequest.AppId)
394-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionCreate)
393+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(configMapRequest.AppId)
394+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionCreate, appType)
395395
if !ok {
396396
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
397397
return
@@ -431,8 +431,8 @@ func (handler ConfigMapRestHandlerImpl) CSGlobalFetch(w http.ResponseWriter, r *
431431

432432
//RBAC START
433433
token := r.Header.Get("token")
434-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
435-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet)
434+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
435+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet, appType)
436436
if !ok {
437437
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), nil, http.StatusForbidden)
438438
return
@@ -470,8 +470,8 @@ func (handler ConfigMapRestHandlerImpl) CSEnvironmentFetch(w http.ResponseWriter
470470

471471
//RBAC START
472472
token := r.Header.Get("token")
473-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
474-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet)
473+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
474+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionGet, appType)
475475
if !ok {
476476
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), nil, http.StatusForbidden)
477477
return
@@ -511,8 +511,8 @@ func (handler ConfigMapRestHandlerImpl) CMGlobalDelete(w http.ResponseWriter, r
511511

512512
//RBAC START
513513
token := r.Header.Get("token")
514-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
515-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionDelete)
514+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
515+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionDelete, appType)
516516
if !ok {
517517
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), nil, http.StatusForbidden)
518518
return
@@ -558,8 +558,8 @@ func (handler ConfigMapRestHandlerImpl) CMEnvironmentDelete(w http.ResponseWrite
558558

559559
//RBAC START
560560
token := r.Header.Get("token")
561-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
562-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionDelete)
561+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
562+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionDelete, appType)
563563
if !ok {
564564
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), nil, http.StatusForbidden)
565565
return
@@ -607,8 +607,8 @@ func (handler ConfigMapRestHandlerImpl) CSGlobalDelete(w http.ResponseWriter, r
607607

608608
//RBAC START
609609
token := r.Header.Get("token")
610-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
611-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionDelete)
610+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
611+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionDelete, appType)
612612
if !ok {
613613
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), nil, http.StatusForbidden)
614614
return
@@ -654,8 +654,8 @@ func (handler ConfigMapRestHandlerImpl) CSEnvironmentDelete(w http.ResponseWrite
654654

655655
//RBAC START
656656
token := r.Header.Get("token")
657-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
658-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionDelete)
657+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
658+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionDelete, appType)
659659
if !ok {
660660
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), nil, http.StatusForbidden)
661661
return
@@ -703,8 +703,8 @@ func (handler ConfigMapRestHandlerImpl) CSGlobalFetchForEdit(w http.ResponseWrit
703703

704704
//RBAC START
705705
token := r.Header.Get("token")
706-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
707-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionUpdate)
706+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
707+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionUpdate, appType)
708708
if !ok {
709709
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), nil, http.StatusForbidden)
710710
return
@@ -750,8 +750,8 @@ func (handler ConfigMapRestHandlerImpl) CSEnvironmentFetchForEdit(w http.Respons
750750

751751
//RBAC START
752752
token := r.Header.Get("token")
753-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
754-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionUpdate)
753+
object, appType := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
754+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, object, casbin.ActionUpdate, appType)
755755
if !ok {
756756
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), nil, http.StatusForbidden)
757757
return
@@ -905,7 +905,7 @@ func (handler ConfigMapRestHandlerImpl) GetEnvironmentsForJob(w http.ResponseWri
905905
}
906906
//AUTH - check from casbin db
907907
token := r.Header.Get("token")
908-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
908+
object, _ := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
909909
if ok := handler.enforcer.Enforce(token, casbin.ResourceJobs, casbin.ActionGet, object); !ok {
910910
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
911911
return

api/restHandler/CoreAppRestHandler.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -154,7 +154,7 @@ func (handler CoreAppRestHandlerImpl) GetAppAllDetail(w http.ResponseWriter, r *
154154

155155
//rbac implementation for app (user should be admin)
156156
token := r.Header.Get("token")
157-
object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
157+
object, _ := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
158158
if ok := handler.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionUpdate, object); !ok {
159159
handler.logger.Errorw("Unauthorized User for app update action", "err", err, "appId", appId)
160160
common.WriteJsonResp(w, err, "Unauthorized User", http.StatusForbidden)

api/restHandler/DeploymentGroupRestHandler.go

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,7 @@ func (impl *DeploymentGroupRestHandlerImpl) CreateDeploymentGroup(w http.Respons
9090
// RBAC enforcer applying
9191
token := r.Header.Get("token")
9292
for _, item := range bean.AppIds {
93-
resourceName := impl.enforcerUtil.GetAppRBACNameByAppId(item)
93+
resourceName, _ := impl.enforcerUtil.GetAppRBACNameByAppId(item)
9494
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionCreate, resourceName); !ok {
9595
common.WriteJsonResp(w, err, "Unauthorized User", http.StatusForbidden)
9696
return
@@ -133,7 +133,7 @@ func (impl *DeploymentGroupRestHandlerImpl) FetchParentCiForDG(w http.ResponseWr
133133
// RBAC filter CI List
134134
finalResp := make([]*deploymentGroup.CiPipelineResponseForDG, 0)
135135
for _, item := range resp {
136-
resourceName := impl.enforcerUtil.GetTeamRBACByCiPipelineId(item.CiPipelineId)
136+
resourceName, _ := impl.enforcerUtil.GetTeamRBACByCiPipelineId(item.CiPipelineId)
137137
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, resourceName); ok {
138138
finalResp = append(finalResp, item)
139139
}
@@ -160,7 +160,7 @@ func (impl *DeploymentGroupRestHandlerImpl) FetchEnvApplicationsForDG(w http.Res
160160

161161
// RBAC enforcer applying
162162
token := r.Header.Get("token")
163-
resourceName := impl.enforcerUtil.GetTeamRBACByCiPipelineId(ciPipelineId)
163+
resourceName, _ := impl.enforcerUtil.GetTeamRBACByCiPipelineId(ciPipelineId)
164164
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, resourceName); !ok {
165165
common.WriteJsonResp(w, err, "Unauthorized User", http.StatusForbidden)
166166
return
@@ -178,7 +178,7 @@ func (impl *DeploymentGroupRestHandlerImpl) FetchEnvApplicationsForDG(w http.Res
178178
if ok := impl.enforcer.Enforce(token, casbin.ResourceGlobalEnvironment, casbin.ActionGet, item.EnvironmentIdentifier); ok {
179179
passCount := 0
180180
for _, app := range item.Apps {
181-
resourceName := impl.enforcerUtil.GetAppRBACNameByAppId(app.Id)
181+
resourceName, _ := impl.enforcerUtil.GetAppRBACNameByAppId(app.Id)
182182
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, resourceName); ok {
183183
passCount = passCount + 1
184184
}
@@ -211,7 +211,7 @@ func (impl *DeploymentGroupRestHandlerImpl) FetchAllDeploymentGroups(w http.Resp
211211
finalResp := make([]deploymentGroup.DeploymentGroupDTO, 0)
212212
for _, item := range resp {
213213
pass := 0
214-
resourceName := impl.enforcerUtil.GetTeamRBACByCiPipelineId(item.CiPipelineId)
214+
resourceName, _ := impl.enforcerUtil.GetTeamRBACByCiPipelineId(item.CiPipelineId)
215215
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, resourceName); ok {
216216
pass = 1
217217
}
@@ -252,7 +252,7 @@ func (impl *DeploymentGroupRestHandlerImpl) DeleteDeploymentGroup(w http.Respons
252252
}
253253

254254
// RBAC enforcer applying
255-
resourceName := impl.enforcerUtil.GetTeamRBACByCiPipelineId(dg.CiPipelineId)
255+
resourceName, _ := impl.enforcerUtil.GetTeamRBACByCiPipelineId(dg.CiPipelineId)
256256
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionDelete, resourceName); !ok {
257257
common.WriteJsonResp(w, err, "Unauthorized User", http.StatusForbidden)
258258
return
@@ -294,7 +294,7 @@ func (impl *DeploymentGroupRestHandlerImpl) TriggerReleaseForDeploymentGroup(w h
294294

295295
token := r.Header.Get("token")
296296
// RBAC enforcer applying
297-
object := impl.enforcerUtil.GetTeamRBACByCiPipelineId(dg.CiPipelineId)
297+
object, _ := impl.enforcerUtil.GetTeamRBACByCiPipelineId(dg.CiPipelineId)
298298
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionTrigger, object); !ok {
299299
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
300300
return
@@ -340,7 +340,7 @@ func (impl *DeploymentGroupRestHandlerImpl) UpdateDeploymentGroup(w http.Respons
340340

341341
// RBAC enforcer applying
342342
token := r.Header.Get("token")
343-
resourceName := impl.enforcerUtil.GetTeamRBACByCiPipelineId(bean.CiPipelineId)
343+
resourceName, _ := impl.enforcerUtil.GetTeamRBACByCiPipelineId(bean.CiPipelineId)
344344
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionUpdate, resourceName); !ok {
345345
common.WriteJsonResp(w, err, "Unauthorized User", http.StatusForbidden)
346346
return
@@ -373,7 +373,7 @@ func (impl *DeploymentGroupRestHandlerImpl) GetArtifactsByCiPipeline(w http.Resp
373373
}
374374
// RBAC enforcer applying
375375
token := r.Header.Get("token")
376-
resourceName := impl.enforcerUtil.GetTeamRBACByCiPipelineId(dg.CiPipelineId)
376+
resourceName, _ := impl.enforcerUtil.GetTeamRBACByCiPipelineId(dg.CiPipelineId)
377377
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, resourceName); !ok {
378378
common.WriteJsonResp(w, err, "Unauthorized User", http.StatusForbidden)
379379
return
@@ -406,7 +406,7 @@ func (impl *DeploymentGroupRestHandlerImpl) GetDeploymentGroupById(w http.Respon
406406
}
407407
// RBAC enforcer applying
408408
token := r.Header.Get("token")
409-
resourceName := impl.enforcerUtil.GetTeamRBACByCiPipelineId(dg.CiPipelineId)
409+
resourceName, _ := impl.enforcerUtil.GetTeamRBACByCiPipelineId(dg.CiPipelineId)
410410
if ok := impl.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, resourceName); !ok {
411411
common.WriteJsonResp(w, err, "Unauthorized User", http.StatusForbidden)
412412
return

api/restHandler/GlobalPluginRestHandler.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -150,7 +150,7 @@ func (handler *GlobalPluginRestHandlerImpl) GetAllGlobalVariables(w http.Respons
150150
//on atleast one app & we can't check this without iterating through every app
151151
//TODO: update plugin as a resource in casbin and make rbac independent of appId
152152
resourceName := handler.enforcerUtil.GetAppRBACName(app.AppName)
153-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, resourceName, casbin.ActionCreate)
153+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, resourceName, casbin.ActionCreate, app.AppType)
154154
if !ok {
155155
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
156156
return
@@ -183,7 +183,7 @@ func (handler *GlobalPluginRestHandlerImpl) ListAllPlugins(w http.ResponseWriter
183183
//on atleast one app & we can't check this without iterating through every app
184184
//TODO: update plugin as a resource in casbin and make rbac independent of appId
185185
resourceName := handler.enforcerUtil.GetAppRBACName(app.AppName)
186-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, resourceName, casbin.ActionCreate)
186+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, resourceName, casbin.ActionCreate, app.AppType)
187187
if !ok {
188188
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
189189
return
@@ -217,7 +217,7 @@ func (handler *GlobalPluginRestHandlerImpl) GetPluginDetailById(w http.ResponseW
217217
//on atleast one app & we can't check this without iterating through every app
218218
//TODO: update plugin as a resource in casbin and make rbac independent of appId
219219
resourceName := handler.enforcerUtil.GetAppRBACName(app.AppName)
220-
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, resourceName, casbin.ActionCreate)
220+
ok := handler.enforcerUtil.CheckAppRbacForAppOrJob(token, resourceName, casbin.ActionCreate, app.AppType)
221221
if !ok {
222222
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
223223
return

0 commit comments

Comments
 (0)