27 lines
685 B
Go
27 lines
685 B
Go
package http
|
|
|
|
import (
|
|
"gitea.dcglab.co.uk/steve/restic-manager/internal/store"
|
|
)
|
|
|
|
// rank maps each role to a numeric tier so 'A is at least B' becomes
|
|
// 'rank[A] >= rank[B] && both are known'. Unknown roles return 0 →
|
|
// fail-closed against either argument.
|
|
var roleRank = map[store.Role]int{
|
|
store.RoleViewer: 1,
|
|
store.RoleOperator: 2,
|
|
store.RoleAdmin: 3,
|
|
}
|
|
|
|
// roleAtLeast reports whether `have` meets or exceeds `min` in the
|
|
// admin > operator > viewer hierarchy. Either side being an unknown
|
|
// role returns false.
|
|
func roleAtLeast(have, min store.Role) bool {
|
|
h, hok := roleRank[have]
|
|
m, mok := roleRank[min]
|
|
if !hok || !mok {
|
|
return false
|
|
}
|
|
return h >= m
|
|
}
|