Inline methods inherited from BaseAccess

This should allow us to be more explicit about what access methods models actually have, so that we don't need to convert methods to use Perm if they aren't actually used anywhere. [#158126525] Signed-off-by: Isobel Redelmeier <iredelmeier@pivotal.io>
cloudfoundry · Jun 5, 2018 · 1d6b036 · 1d6b036
1 parent 326382a
commit 1d6b036
Show file tree

Hide file tree

Showing 29 changed files with 1,727 additions and 8 deletions.
diff --git a/app/access/app_event_access.rb b/app/access/app_event_access.rb
@@ -1,4 +1,72 @@
 module VCAP::CloudController
   class AppEventAccess < BaseAccess
+    def create?(object, params=nil)
+      admin_user?
+    end
+
+    def read?(object)
+      return @ok_read if instance_variable_defined?(:@ok_read)
+      @ok_read = (admin_user? || admin_read_only_user? || global_auditor? || object_is_visible_to_user?(object, context.user))
+    end
+
+    def read_for_update?(object, params=nil)
+      admin_user?
+    end
+
+    def can_remove_related_object?(object, params=nil)
+      read_for_update?(object, params)
+    end
+
+    def read_related_object_for_update?(object, params=nil)
+      read_for_update?(object, params)
+    end
+
+    def update?(object, params=nil)
+      admin_user?
+    end
+
+    def delete?(object)
+      admin_user?
+    end
+
+    def index?(object_class, params=nil)
+      # This can return true because the index endpoints filter objects based on user visibilities
+      true
+    end
+
+    # These methods should be called first to determine if the user's token has the appropriate scope for the operation
+
+    def read_with_token?(_)
+      admin_user? || admin_read_only_user? || has_read_scope? || global_auditor?
+    end
+
+    def create_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def read_for_update_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def can_remove_related_object_with_token?(*args)
+      read_for_update_with_token?(*args)
+    end
+
+    def read_related_object_for_update_with_token?(*args)
+      read_for_update_with_token?(*args)
+    end
+
+    def update_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def delete_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def index_with_token?(_)
+      # This can return true because the index endpoints filter objects based on user visibilities
+      true
+    end
   end
 end
diff --git a/app/access/app_usage_event_access.rb b/app/access/app_usage_event_access.rb
@@ -1,5 +1,69 @@
 module VCAP::CloudController
   class AppUsageEventAccess < BaseAccess
+    def create?(object, params=nil)
+      admin_user?
+    end
+
+    def read?(object)
+      return @ok_read if instance_variable_defined?(:@ok_read)
+      @ok_read = (admin_user? || admin_read_only_user? || global_auditor? || object_is_visible_to_user?(object, context.user))
+    end
+
+    def read_for_update?(object, params=nil)
+      admin_user?
+    end
+
+    def can_remove_related_object?(object, params=nil)
+      read_for_update?(object, params)
+    end
+
+    def read_related_object_for_update?(object, params=nil)
+      read_for_update?(object, params)
+    end
+
+    def update?(object, params=nil)
+      admin_user?
+    end
+
+    def delete?(object)
+      admin_user?
+    end
+
+    # These methods should be called first to determine if the user's token has the appropriate scope for the operation
+
+    def read_with_token?(_)
+      admin_user? || admin_read_only_user? || has_read_scope? || global_auditor?
+    end
+
+    def create_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def read_for_update_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def can_remove_related_object_with_token?(*args)
+      read_for_update_with_token?(*args)
+    end
+
+    def read_related_object_for_update_with_token?(*args)
+      read_for_update_with_token?(*args)
+    end
+
+    def update_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def delete_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def index_with_token?(_)
+      # This can return true because the index endpoints filter objects based on user visibilities
+      true
+    end
+
     def index?(object_class, params=nil)
       admin_user? || admin_read_only_user?
     end

diff --git a/app/access/buildpack_access.rb b/app/access/buildpack_access.rb
@@ -1,5 +1,74 @@
 module VCAP::CloudController
   class BuildpackAccess < BaseAccess
+    def create?(object, params=nil)
+      admin_user?
+    end
+
+    def read?(object)
+      return @ok_read if instance_variable_defined?(:@ok_read)
+      @ok_read = (admin_user? || admin_read_only_user? || global_auditor? || object_is_visible_to_user?(object, context.user))
+    end
+
+    def read_for_update?(object, params=nil)
+      admin_user?
+    end
+
+    def can_remove_related_object?(object, params=nil)
+      read_for_update?(object, params)
+    end
+
+    def read_related_object_for_update?(object, params=nil)
+      read_for_update?(object, params)
+    end
+
+    def update?(object, params=nil)
+      admin_user?
+    end
+
+    def delete?(object)
+      admin_user?
+    end
+
+    def index?(object_class, params=nil)
+      # This can return true because the index endpoints filter objects based on user visibilities
+      true
+    end
+
+    # These methods should be called first to determine if the user's token has the appropriate scope for the operation
+
+    def read_with_token?(_)
+      admin_user? || admin_read_only_user? || has_read_scope? || global_auditor?
+    end
+
+    def create_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def read_for_update_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def can_remove_related_object_with_token?(*args)
+      read_for_update_with_token?(*args)
+    end
+
+    def read_related_object_for_update_with_token?(*args)
+      read_for_update_with_token?(*args)
+    end
+
+    def update_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def delete_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def index_with_token?(_)
+      # This can return true because the index endpoints filter objects based on user visibilities
+      true
+    end
+
     def upload?(*_)
       admin_user?
     end

diff --git a/app/access/domain_access.rb b/app/access/domain_access.rb
@@ -1,5 +1,53 @@
 module VCAP::CloudController
   class DomainAccess < BaseAccess
+    def can_remove_related_object?(object, params=nil)
+      read_for_update?(object, params)
+    end
+
+    def read_related_object_for_update?(object, params=nil)
+      read_for_update?(object, params)
+    end
+
+    def index?(object_class, params=nil)
+      # This can return true because the index endpoints filter objects based on user visibilities
+      true
+    end
+
+    # These methods should be called first to determine if the user's token has the appropriate scope for the operation
+
+    def read_with_token?(_)
+      admin_user? || admin_read_only_user? || has_read_scope? || global_auditor?
+    end
+
+    def create_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def read_for_update_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def can_remove_related_object_with_token?(*args)
+      read_for_update_with_token?(*args)
+    end
+
+    def read_related_object_for_update_with_token?(*args)
+      read_for_update_with_token?(*args)
+    end
+
+    def update_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def delete_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def index_with_token?(_)
+      # This can return true because the index endpoints filter objects based on user visibilities
+      true
+    end
+
     def create?(domain, params=nil)
       return true if admin_user?
       actual_access(domain).create?(domain, params)

diff --git a/app/access/environment_variable_group_access.rb b/app/access/environment_variable_group_access.rb
@@ -3,5 +3,69 @@ class EnvironmentVariableGroupAccess < BaseAccess
     def read?(_)
       admin_user? || admin_read_only_user? || has_read_scope?
     end
+
+    def create?(object, params=nil)
+      admin_user?
+    end
+
+    def read_for_update?(object, params=nil)
+      admin_user?
+    end
+
+    def can_remove_related_object?(object, params=nil)
+      read_for_update?(object, params)
+    end
+
+    def read_related_object_for_update?(object, params=nil)
+      read_for_update?(object, params)
+    end
+
+    def update?(object, params=nil)
+      admin_user?
+    end
+
+    def delete?(object)
+      admin_user?
+    end
+
+    def index?(object_class, params=nil)
+      # This can return true because the index endpoints filter objects based on user visibilities
+      true
+    end
+
+    # These methods should be called first to determine if the user's token has the appropriate scope for the operation
+
+    def read_with_token?(_)
+      admin_user? || admin_read_only_user? || has_read_scope? || global_auditor?
+    end
+
+    def create_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def read_for_update_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def can_remove_related_object_with_token?(*args)
+      read_for_update_with_token?(*args)
+    end
+
+    def read_related_object_for_update_with_token?(*args)
+      read_for_update_with_token?(*args)
+    end
+
+    def update_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def delete_with_token?(_)
+      admin_user? || has_write_scope?
+    end
+
+    def index_with_token?(_)
+      # This can return true because the index endpoints filter objects based on user visibilities
+      true
+    end
   end
 end