From 274edd6efada8bea395f8119d16f10bf828b126b Mon Sep 17 00:00:00 2001 From: Stefan Majer Date: Mon, 3 Mar 2025 09:57:38 +0100 Subject: [PATCH 1/3] Generate helpers in ServicePermissions --- generate/Makefile | 2 +- generate/generate.go | 14 +- generate/go_servicepermissions.tpl | 66 ++++++++++ go/permissions/permissions.go | 3 + go/permissions/servicepermissions.go | 120 ++++++++++++++++++ .../v1/adminv1connect/ClusterServiceClient.go | 2 +- .../adminv1connect/ClusterServiceHandler.go | 2 +- .../v1/adminv1connect/PaymentServiceClient.go | 2 +- .../adminv1connect/PaymentServiceHandler.go | 2 +- .../v1/adminv1connect/ProjectServiceClient.go | 2 +- .../adminv1connect/ProjectServiceHandler.go | 2 +- .../v1/adminv1connect/StorageServiceClient.go | 2 +- .../adminv1connect/StorageServiceHandler.go | 2 +- .../v1/adminv1connect/TenantServiceClient.go | 2 +- .../v1/adminv1connect/TenantServiceHandler.go | 2 +- .../v1/adminv1connect/TokenServiceClient.go | 2 +- .../v1/adminv1connect/TokenServiceHandler.go | 2 +- .../api/v1/apiv1connect/AssetServiceClient.go | 2 +- .../v1/apiv1connect/AssetServiceHandler.go | 2 +- .../v1/apiv1connect/ClusterServiceClient.go | 2 +- .../v1/apiv1connect/ClusterServiceHandler.go | 2 +- .../v1/apiv1connect/HealthServiceClient.go | 2 +- .../v1/apiv1connect/HealthServiceHandler.go | 2 +- .../api/v1/apiv1connect/IPServiceClient.go | 2 +- .../api/v1/apiv1connect/IPServiceHandler.go | 2 +- .../v1/apiv1connect/MethodServiceClient.go | 2 +- .../v1/apiv1connect/MethodServiceHandler.go | 2 +- .../v1/apiv1connect/PaymentServiceClient.go | 2 +- .../v1/apiv1connect/PaymentServiceHandler.go | 2 +- .../v1/apiv1connect/ProjectServiceClient.go | 2 +- .../v1/apiv1connect/ProjectServiceHandler.go | 2 +- .../v1/apiv1connect/SnapshotServiceClient.go | 2 +- .../v1/apiv1connect/SnapshotServiceHandler.go | 2 +- .../v1/apiv1connect/TenantServiceClient.go | 2 +- .../v1/apiv1connect/TenantServiceHandler.go | 2 +- .../api/v1/apiv1connect/TokenServiceClient.go | 2 +- .../v1/apiv1connect/TokenServiceHandler.go | 2 +- .../api/v1/apiv1connect/UserServiceClient.go | 2 +- .../api/v1/apiv1connect/UserServiceHandler.go | 2 +- .../v1/apiv1connect/VersionServiceClient.go | 2 +- .../v1/apiv1connect/VersionServiceHandler.go | 2 +- .../v1/apiv1connect/VolumeServiceClient.go | 2 +- .../v1/apiv1connect/VolumeServiceHandler.go | 2 +- go/tests/mocks/client/Adminv1.go | 2 +- go/tests/mocks/client/Apiv1.go | 2 +- go/tests/mocks/client/Client.go | 2 +- go/tests/mocks/client/Statusv1.go | 2 +- .../statusv1connect/MessageServiceClient.go | 2 +- .../statusv1connect/MessageServiceHandler.go | 2 +- .../v1/statusv1connect/StatusServiceClient.go | 2 +- .../statusv1connect/StatusServiceHandler.go | 2 +- js/permissions/servicepermissions.json | 69 ++++++++++ 52 files changed, 318 insertions(+), 48 deletions(-) diff --git a/generate/Makefile b/generate/Makefile index 9da8dc18..f53bf05e 100644 --- a/generate/Makefile +++ b/generate/Makefile @@ -17,4 +17,4 @@ go-mocks: --user $$(id -u):$$(id -g) \ -w /work \ -v $(PWD):/work \ - vektra/mockery:v2.52.3 --keeptree --inpackage --dir go --output go/tests/mocks --all --log-level debug + vektra/mockery:v2.53.0 --keeptree --inpackage --dir go --output go/tests/mocks --all --log-level debug diff --git a/generate/generate.go b/generate/generate.go index 0b26964c..c2905780 100644 --- a/generate/generate.go +++ b/generate/generate.go @@ -112,7 +112,10 @@ func servicePermissions(root string) (*permissions.ServicePermissions, error) { serverReflectionInfov1alpha1: true, serverReflectionInfo: true, }, - Self: map[string]bool{}, + Self: map[string]bool{}, + Admin: map[string]bool{}, + Tenant: map[string]bool{}, + Project: map[string]bool{}, } chargeable = permissions.Chargeable{} auditable = permissions.Auditable{} @@ -149,28 +152,37 @@ func servicePermissions(root string) (*permissions.ServicePermissions, error) { switch *methodOpt.IdentifierValue { case v1.TenantRole_TENANT_ROLE_OWNER.String(): roles.Tenant[v1.TenantRole_TENANT_ROLE_OWNER.String()] = append(roles.Tenant[v1.TenantRole_TENANT_ROLE_OWNER.String()], methodName) + visibility.Tenant[methodName] = true case v1.TenantRole_TENANT_ROLE_EDITOR.String(): roles.Tenant[v1.TenantRole_TENANT_ROLE_EDITOR.String()] = append(roles.Tenant[v1.TenantRole_TENANT_ROLE_EDITOR.String()], methodName) + visibility.Tenant[methodName] = true case v1.TenantRole_TENANT_ROLE_VIEWER.String(): roles.Tenant[v1.TenantRole_TENANT_ROLE_VIEWER.String()] = append(roles.Tenant[v1.TenantRole_TENANT_ROLE_VIEWER.String()], methodName) + visibility.Tenant[methodName] = true case v1.TenantRole_TENANT_ROLE_GUEST.String(): roles.Tenant[v1.TenantRole_TENANT_ROLE_GUEST.String()] = append(roles.Tenant[v1.TenantRole_TENANT_ROLE_GUEST.String()], methodName) + visibility.Tenant[methodName] = true case v1.TenantRole_TENANT_ROLE_UNSPECIFIED.String(): // noop // Project case v1.ProjectRole_PROJECT_ROLE_OWNER.String(): roles.Project[v1.ProjectRole_PROJECT_ROLE_OWNER.String()] = append(roles.Project[v1.ProjectRole_PROJECT_ROLE_OWNER.String()], methodName) + visibility.Project[methodName] = true case v1.ProjectRole_PROJECT_ROLE_EDITOR.String(): roles.Project[v1.ProjectRole_PROJECT_ROLE_EDITOR.String()] = append(roles.Project[v1.ProjectRole_PROJECT_ROLE_EDITOR.String()], methodName) + visibility.Project[methodName] = true case v1.ProjectRole_PROJECT_ROLE_VIEWER.String(): roles.Project[v1.ProjectRole_PROJECT_ROLE_VIEWER.String()] = append(roles.Project[v1.ProjectRole_PROJECT_ROLE_VIEWER.String()], methodName) + visibility.Project[methodName] = true case v1.ProjectRole_PROJECT_ROLE_UNSPECIFIED.String(): // noop // Admin case v1.AdminRole_ADMIN_ROLE_EDITOR.String(): roles.Admin[v1.AdminRole_ADMIN_ROLE_EDITOR.String()] = append(roles.Admin[v1.AdminRole_ADMIN_ROLE_EDITOR.String()], methodName) + visibility.Admin[methodName] = true case v1.AdminRole_ADMIN_ROLE_VIEWER.String(): roles.Admin[v1.AdminRole_ADMIN_ROLE_VIEWER.String()] = append(roles.Admin[v1.AdminRole_ADMIN_ROLE_VIEWER.String()], methodName) + visibility.Admin[methodName] = true case v1.AdminRole_ADMIN_ROLE_UNSPECIFIED.String(): // noop // Visibility diff --git a/generate/go_servicepermissions.tpl b/generate/go_servicepermissions.tpl index a4cd3e5e..1ca5da2b 100644 --- a/generate/go_servicepermissions.tpl +++ b/generate/go_servicepermissions.tpl @@ -1,6 +1,10 @@ // Code generated discover.go. DO NOT EDIT. package permissions +import ( + "connectrpc.com/connect" +) + func GetServices() []string { return []string{ {{- range $s := .Services }} @@ -54,6 +58,21 @@ func GetServicePermissions() *ServicePermissions { Self: map[string]bool{ {{- range $key, $value := .Visibility.Self }} "{{ $key }}": {{ $value }} , +{{- end }} + }, + Admin: map[string]bool{ +{{- range $key, $value := .Visibility.Admin }} + "{{ $key }}": {{ $value }} , +{{- end }} + }, + Tenant: map[string]bool{ +{{- range $key, $value := .Visibility.Tenant }} + "{{ $key }}": {{ $value }} , +{{- end }} + }, + Project: map[string]bool{ +{{- range $key, $value := .Visibility.Project }} + "{{ $key }}": {{ $value }} , {{- end }} }, }, @@ -69,3 +88,50 @@ func GetServicePermissions() *ServicePermissions { }, } } + +func IsPublicScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Visibility.Public[req.Spec().Procedure] + return ok +} + +func IsSelfScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Visibility.Self[req.Spec().Procedure] + return ok +} + +func IsAdminScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Visibility.Admin[req.Spec().Procedure] + return ok +} + +func IsTenantScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Visibility.Tenant[req.Spec().Procedure] + return ok +} + +func IsProjectScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Visibility.Project[req.Spec().Procedure] + return ok +} + +func GetTenantFromRequest(req connect.AnyRequest) (string, bool) { + if !IsTenantScope(req) { + return "", false + } + switch rq := req.Any().(type) { + case interface{ GetLogin() string }: + return rq.GetLogin(), true + } + return "", false +} + +func GetProjectFromRequest(req connect.AnyRequest) (string, bool) { + if !IsProjectScope(req) { + return "", false + } + switch rq := req.Any().(type) { + case interface{ GetProject() string }: + return rq.GetProject(), true + } + return "", false +} \ No newline at end of file diff --git a/go/permissions/permissions.go b/go/permissions/permissions.go index 8e030e8c..38c12101 100644 --- a/go/permissions/permissions.go +++ b/go/permissions/permissions.go @@ -33,4 +33,7 @@ type Roles struct { type Visibility struct { Public map[string]bool `json:"public,omitempty"` Self map[string]bool `json:"self,omitempty"` + Admin map[string]bool `json:"admin,omitempty"` + Tenant map[string]bool `json:"tenant,omitempty"` + Project map[string]bool `json:"project,omitempty"` } diff --git a/go/permissions/servicepermissions.go b/go/permissions/servicepermissions.go index 415eea86..932cc274 100755 --- a/go/permissions/servicepermissions.go +++ b/go/permissions/servicepermissions.go @@ -1,6 +1,10 @@ // Code generated discover.go. DO NOT EDIT. package permissions +import ( + "connectrpc.com/connect" +) + func GetServices() []string { return []string{ "admin.v1.ClusterService", @@ -288,6 +292,75 @@ func GetServicePermissions() *ServicePermissions { "/api.v1.TokenService/Update": true, "/api.v1.UserService/Get": true, }, + Admin: map[string]bool{ + "/admin.v1.ClusterService/Credentials": true, + "/admin.v1.ClusterService/Get": true, + "/admin.v1.ClusterService/List": true, + "/admin.v1.PaymentService/AddBalanceToCustomer": true, + "/admin.v1.PaymentService/ListCoupons": true, + "/admin.v1.ProjectService/List": true, + "/admin.v1.StorageService/ClusterInfo": true, + "/admin.v1.StorageService/ListSnapshots": true, + "/admin.v1.StorageService/ListVolumes": true, + "/admin.v1.TenantService/AddMember": true, + "/admin.v1.TenantService/Admit": true, + "/admin.v1.TenantService/List": true, + "/admin.v1.TenantService/Revoke": true, + "/admin.v1.TokenService/List": true, + "/admin.v1.TokenService/Revoke": true, + }, + Tenant: map[string]bool{ + "/api.v1.PaymentService/CheckAdmitted": true, + "/api.v1.PaymentService/CheckIfCustomerExists": true, + "/api.v1.PaymentService/CreateOrUpdateCustomer": true, + "/api.v1.PaymentService/DeletePaymentMethod": true, + "/api.v1.PaymentService/GetCustomer": true, + "/api.v1.PaymentService/GetInvoices": true, + "/api.v1.PaymentService/GetOnboarded": true, + "/api.v1.PaymentService/GetSubscriptionUsage": true, + "/api.v1.PaymentService/HasChargeableResources": true, + "/api.v1.PaymentService/HasPaymentMethod": true, + "/api.v1.PaymentService/RequestAdmission": true, + "/api.v1.PaymentService/SetOnboarded": true, + "/api.v1.ProjectService/Create": true, + "/api.v1.TenantService/Delete": true, + "/api.v1.TenantService/Get": true, + "/api.v1.TenantService/Invite": true, + "/api.v1.TenantService/InviteDelete": true, + "/api.v1.TenantService/InvitesList": true, + "/api.v1.TenantService/RemoveMember": true, + "/api.v1.TenantService/Update": true, + "/api.v1.TenantService/UpdateMember": true, + }, + Project: map[string]bool{ + "/api.v1.ClusterService/Create": true, + "/api.v1.ClusterService/Delete": true, + "/api.v1.ClusterService/Get": true, + "/api.v1.ClusterService/GetCredentials": true, + "/api.v1.ClusterService/List": true, + "/api.v1.ClusterService/Operate": true, + "/api.v1.ClusterService/Update": true, + "/api.v1.ClusterService/WatchStatus": true, + "/api.v1.IPService/Allocate": true, + "/api.v1.IPService/Delete": true, + "/api.v1.IPService/Get": true, + "/api.v1.IPService/List": true, + "/api.v1.IPService/Update": true, + "/api.v1.ProjectService/Delete": true, + "/api.v1.ProjectService/Get": true, + "/api.v1.ProjectService/Invite": true, + "/api.v1.ProjectService/InviteDelete": true, + "/api.v1.ProjectService/InvitesList": true, + "/api.v1.ProjectService/RemoveMember": true, + "/api.v1.ProjectService/Update": true, + "/api.v1.ProjectService/UpdateMember": true, + "/api.v1.SnapshotService/Delete": true, + "/api.v1.SnapshotService/Get": true, + "/api.v1.SnapshotService/List": true, + "/api.v1.VolumeService/Delete": true, + "/api.v1.VolumeService/Get": true, + "/api.v1.VolumeService/List": true, + }, }, Chargeable: map[string]bool{ "/api.v1.ClusterService/Create": true, @@ -383,3 +456,50 @@ func GetServicePermissions() *ServicePermissions { }, } } + +func IsPublicScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Visibility.Public[req.Spec().Procedure] + return ok +} + +func IsSelfScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Visibility.Self[req.Spec().Procedure] + return ok +} + +func IsAdminScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Visibility.Admin[req.Spec().Procedure] + return ok +} + +func IsTenantScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Visibility.Tenant[req.Spec().Procedure] + return ok +} + +func IsProjectScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Visibility.Project[req.Spec().Procedure] + return ok +} + +func GetTenantFromRequest(req connect.AnyRequest) (string, bool) { + if !IsTenantScope(req) { + return "", false + } + switch rq := req.Any().(type) { + case interface{ GetLogin() string }: + return rq.GetLogin(), true + } + return "", false +} + +func GetProjectFromRequest(req connect.AnyRequest) (string, bool) { + if !IsProjectScope(req) { + return "", false + } + switch rq := req.Any().(type) { + case interface{ GetProject() string }: + return rq.GetProject(), true + } + return "", false +} diff --git a/go/tests/mocks/admin/v1/adminv1connect/ClusterServiceClient.go b/go/tests/mocks/admin/v1/adminv1connect/ClusterServiceClient.go index 29b50110..6c13dd01 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/ClusterServiceClient.go +++ b/go/tests/mocks/admin/v1/adminv1connect/ClusterServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/ClusterServiceHandler.go b/go/tests/mocks/admin/v1/adminv1connect/ClusterServiceHandler.go index d98e2f37..feae7a34 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/ClusterServiceHandler.go +++ b/go/tests/mocks/admin/v1/adminv1connect/ClusterServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/PaymentServiceClient.go b/go/tests/mocks/admin/v1/adminv1connect/PaymentServiceClient.go index 7b8a35ea..860ea27f 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/PaymentServiceClient.go +++ b/go/tests/mocks/admin/v1/adminv1connect/PaymentServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/PaymentServiceHandler.go b/go/tests/mocks/admin/v1/adminv1connect/PaymentServiceHandler.go index caabbd40..5ab3628f 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/PaymentServiceHandler.go +++ b/go/tests/mocks/admin/v1/adminv1connect/PaymentServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/ProjectServiceClient.go b/go/tests/mocks/admin/v1/adminv1connect/ProjectServiceClient.go index 2b84d10a..208df168 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/ProjectServiceClient.go +++ b/go/tests/mocks/admin/v1/adminv1connect/ProjectServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/ProjectServiceHandler.go b/go/tests/mocks/admin/v1/adminv1connect/ProjectServiceHandler.go index 9f19074a..870aaddc 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/ProjectServiceHandler.go +++ b/go/tests/mocks/admin/v1/adminv1connect/ProjectServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/StorageServiceClient.go b/go/tests/mocks/admin/v1/adminv1connect/StorageServiceClient.go index 792189bf..e9d8aa12 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/StorageServiceClient.go +++ b/go/tests/mocks/admin/v1/adminv1connect/StorageServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/StorageServiceHandler.go b/go/tests/mocks/admin/v1/adminv1connect/StorageServiceHandler.go index a787c684..05bf4e07 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/StorageServiceHandler.go +++ b/go/tests/mocks/admin/v1/adminv1connect/StorageServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/TenantServiceClient.go b/go/tests/mocks/admin/v1/adminv1connect/TenantServiceClient.go index e52ab343..6c0e34ab 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/TenantServiceClient.go +++ b/go/tests/mocks/admin/v1/adminv1connect/TenantServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/TenantServiceHandler.go b/go/tests/mocks/admin/v1/adminv1connect/TenantServiceHandler.go index cf819053..bf8b1c0a 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/TenantServiceHandler.go +++ b/go/tests/mocks/admin/v1/adminv1connect/TenantServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/TokenServiceClient.go b/go/tests/mocks/admin/v1/adminv1connect/TokenServiceClient.go index 6a29e36b..183e0248 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/TokenServiceClient.go +++ b/go/tests/mocks/admin/v1/adminv1connect/TokenServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/admin/v1/adminv1connect/TokenServiceHandler.go b/go/tests/mocks/admin/v1/adminv1connect/TokenServiceHandler.go index fc3bbd5d..71ee9cf9 100644 --- a/go/tests/mocks/admin/v1/adminv1connect/TokenServiceHandler.go +++ b/go/tests/mocks/admin/v1/adminv1connect/TokenServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package adminv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/AssetServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/AssetServiceClient.go index 109482b5..32023d3f 100644 --- a/go/tests/mocks/api/v1/apiv1connect/AssetServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/AssetServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/AssetServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/AssetServiceHandler.go index beddcedf..1e2e05b9 100644 --- a/go/tests/mocks/api/v1/apiv1connect/AssetServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/AssetServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/ClusterServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/ClusterServiceClient.go index 34dfe175..1d360117 100644 --- a/go/tests/mocks/api/v1/apiv1connect/ClusterServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/ClusterServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/ClusterServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/ClusterServiceHandler.go index 0e7b4f39..386f6b1c 100644 --- a/go/tests/mocks/api/v1/apiv1connect/ClusterServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/ClusterServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/HealthServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/HealthServiceClient.go index ca96648a..03bdc391 100644 --- a/go/tests/mocks/api/v1/apiv1connect/HealthServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/HealthServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/HealthServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/HealthServiceHandler.go index be62e3b0..cb6d5fbd 100644 --- a/go/tests/mocks/api/v1/apiv1connect/HealthServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/HealthServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/IPServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/IPServiceClient.go index 13b20830..6f0c6cc8 100644 --- a/go/tests/mocks/api/v1/apiv1connect/IPServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/IPServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/IPServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/IPServiceHandler.go index acd680be..7f23d91e 100644 --- a/go/tests/mocks/api/v1/apiv1connect/IPServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/IPServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/MethodServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/MethodServiceClient.go index 18e14528..ff28dd4e 100644 --- a/go/tests/mocks/api/v1/apiv1connect/MethodServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/MethodServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/MethodServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/MethodServiceHandler.go index 4a991d75..4e43b188 100644 --- a/go/tests/mocks/api/v1/apiv1connect/MethodServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/MethodServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/PaymentServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/PaymentServiceClient.go index d29bb209..5db50207 100644 --- a/go/tests/mocks/api/v1/apiv1connect/PaymentServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/PaymentServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/PaymentServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/PaymentServiceHandler.go index cbf9acaa..41d31abe 100644 --- a/go/tests/mocks/api/v1/apiv1connect/PaymentServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/PaymentServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/ProjectServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/ProjectServiceClient.go index 2c4ecc96..7ec20f79 100644 --- a/go/tests/mocks/api/v1/apiv1connect/ProjectServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/ProjectServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/ProjectServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/ProjectServiceHandler.go index 45dd9de6..259f8131 100644 --- a/go/tests/mocks/api/v1/apiv1connect/ProjectServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/ProjectServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/SnapshotServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/SnapshotServiceClient.go index 1e0bdbd6..66795060 100644 --- a/go/tests/mocks/api/v1/apiv1connect/SnapshotServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/SnapshotServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/SnapshotServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/SnapshotServiceHandler.go index d47ea61e..e0941d1d 100644 --- a/go/tests/mocks/api/v1/apiv1connect/SnapshotServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/SnapshotServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/TenantServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/TenantServiceClient.go index d434e65c..1e496d26 100644 --- a/go/tests/mocks/api/v1/apiv1connect/TenantServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/TenantServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/TenantServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/TenantServiceHandler.go index f1914ddc..5b7845ce 100644 --- a/go/tests/mocks/api/v1/apiv1connect/TenantServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/TenantServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/TokenServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/TokenServiceClient.go index 6294b739..6a69f55e 100644 --- a/go/tests/mocks/api/v1/apiv1connect/TokenServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/TokenServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/TokenServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/TokenServiceHandler.go index b2e22b91..a841bb62 100644 --- a/go/tests/mocks/api/v1/apiv1connect/TokenServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/TokenServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/UserServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/UserServiceClient.go index c9150f28..e4f9530d 100644 --- a/go/tests/mocks/api/v1/apiv1connect/UserServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/UserServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/UserServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/UserServiceHandler.go index 77211bf5..0b530346 100644 --- a/go/tests/mocks/api/v1/apiv1connect/UserServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/UserServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/VersionServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/VersionServiceClient.go index be1005dc..5bd4cbea 100644 --- a/go/tests/mocks/api/v1/apiv1connect/VersionServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/VersionServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/VersionServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/VersionServiceHandler.go index 1febcb6c..35b230a1 100644 --- a/go/tests/mocks/api/v1/apiv1connect/VersionServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/VersionServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/VolumeServiceClient.go b/go/tests/mocks/api/v1/apiv1connect/VolumeServiceClient.go index 2c52f61a..e58b724c 100644 --- a/go/tests/mocks/api/v1/apiv1connect/VolumeServiceClient.go +++ b/go/tests/mocks/api/v1/apiv1connect/VolumeServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/api/v1/apiv1connect/VolumeServiceHandler.go b/go/tests/mocks/api/v1/apiv1connect/VolumeServiceHandler.go index 3e17866b..a4aa974f 100644 --- a/go/tests/mocks/api/v1/apiv1connect/VolumeServiceHandler.go +++ b/go/tests/mocks/api/v1/apiv1connect/VolumeServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package apiv1connect diff --git a/go/tests/mocks/client/Adminv1.go b/go/tests/mocks/client/Adminv1.go index 35e12a11..66f88056 100644 --- a/go/tests/mocks/client/Adminv1.go +++ b/go/tests/mocks/client/Adminv1.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package client diff --git a/go/tests/mocks/client/Apiv1.go b/go/tests/mocks/client/Apiv1.go index 94316645..4c579fee 100644 --- a/go/tests/mocks/client/Apiv1.go +++ b/go/tests/mocks/client/Apiv1.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package client diff --git a/go/tests/mocks/client/Client.go b/go/tests/mocks/client/Client.go index 46997a93..0b471e7d 100644 --- a/go/tests/mocks/client/Client.go +++ b/go/tests/mocks/client/Client.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package client diff --git a/go/tests/mocks/client/Statusv1.go b/go/tests/mocks/client/Statusv1.go index 19837075..56b24278 100644 --- a/go/tests/mocks/client/Statusv1.go +++ b/go/tests/mocks/client/Statusv1.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package client diff --git a/go/tests/mocks/status/v1/statusv1connect/MessageServiceClient.go b/go/tests/mocks/status/v1/statusv1connect/MessageServiceClient.go index e9cf0f9a..227b8f82 100644 --- a/go/tests/mocks/status/v1/statusv1connect/MessageServiceClient.go +++ b/go/tests/mocks/status/v1/statusv1connect/MessageServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package statusv1connect diff --git a/go/tests/mocks/status/v1/statusv1connect/MessageServiceHandler.go b/go/tests/mocks/status/v1/statusv1connect/MessageServiceHandler.go index b1c1ff0e..47c5a7c7 100644 --- a/go/tests/mocks/status/v1/statusv1connect/MessageServiceHandler.go +++ b/go/tests/mocks/status/v1/statusv1connect/MessageServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package statusv1connect diff --git a/go/tests/mocks/status/v1/statusv1connect/StatusServiceClient.go b/go/tests/mocks/status/v1/statusv1connect/StatusServiceClient.go index 4eed6fae..a4693277 100644 --- a/go/tests/mocks/status/v1/statusv1connect/StatusServiceClient.go +++ b/go/tests/mocks/status/v1/statusv1connect/StatusServiceClient.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package statusv1connect diff --git a/go/tests/mocks/status/v1/statusv1connect/StatusServiceHandler.go b/go/tests/mocks/status/v1/statusv1connect/StatusServiceHandler.go index 40685686..868c9ee2 100644 --- a/go/tests/mocks/status/v1/statusv1connect/StatusServiceHandler.go +++ b/go/tests/mocks/status/v1/statusv1connect/StatusServiceHandler.go @@ -1,4 +1,4 @@ -// Code generated by mockery v2.52.3. DO NOT EDIT. +// Code generated by mockery v2.53.0. DO NOT EDIT. package statusv1connect diff --git a/js/permissions/servicepermissions.json b/js/permissions/servicepermissions.json index 6d096ea5..afe3ae1f 100755 --- a/js/permissions/servicepermissions.json +++ b/js/permissions/servicepermissions.json @@ -257,6 +257,75 @@ "/api.v1.TokenService/Revoke": true, "/api.v1.TokenService/Update": true, "/api.v1.UserService/Get": true + }, + "admin": { + "/admin.v1.ClusterService/Credentials": true, + "/admin.v1.ClusterService/Get": true, + "/admin.v1.ClusterService/List": true, + "/admin.v1.PaymentService/AddBalanceToCustomer": true, + "/admin.v1.PaymentService/ListCoupons": true, + "/admin.v1.ProjectService/List": true, + "/admin.v1.StorageService/ClusterInfo": true, + "/admin.v1.StorageService/ListSnapshots": true, + "/admin.v1.StorageService/ListVolumes": true, + "/admin.v1.TenantService/AddMember": true, + "/admin.v1.TenantService/Admit": true, + "/admin.v1.TenantService/List": true, + "/admin.v1.TenantService/Revoke": true, + "/admin.v1.TokenService/List": true, + "/admin.v1.TokenService/Revoke": true + }, + "tenant": { + "/api.v1.PaymentService/CheckAdmitted": true, + "/api.v1.PaymentService/CheckIfCustomerExists": true, + "/api.v1.PaymentService/CreateOrUpdateCustomer": true, + "/api.v1.PaymentService/DeletePaymentMethod": true, + "/api.v1.PaymentService/GetCustomer": true, + "/api.v1.PaymentService/GetInvoices": true, + "/api.v1.PaymentService/GetOnboarded": true, + "/api.v1.PaymentService/GetSubscriptionUsage": true, + "/api.v1.PaymentService/HasChargeableResources": true, + "/api.v1.PaymentService/HasPaymentMethod": true, + "/api.v1.PaymentService/RequestAdmission": true, + "/api.v1.PaymentService/SetOnboarded": true, + "/api.v1.ProjectService/Create": true, + "/api.v1.TenantService/Delete": true, + "/api.v1.TenantService/Get": true, + "/api.v1.TenantService/Invite": true, + "/api.v1.TenantService/InviteDelete": true, + "/api.v1.TenantService/InvitesList": true, + "/api.v1.TenantService/RemoveMember": true, + "/api.v1.TenantService/Update": true, + "/api.v1.TenantService/UpdateMember": true + }, + "project": { + "/api.v1.ClusterService/Create": true, + "/api.v1.ClusterService/Delete": true, + "/api.v1.ClusterService/Get": true, + "/api.v1.ClusterService/GetCredentials": true, + "/api.v1.ClusterService/List": true, + "/api.v1.ClusterService/Operate": true, + "/api.v1.ClusterService/Update": true, + "/api.v1.ClusterService/WatchStatus": true, + "/api.v1.IPService/Allocate": true, + "/api.v1.IPService/Delete": true, + "/api.v1.IPService/Get": true, + "/api.v1.IPService/List": true, + "/api.v1.IPService/Update": true, + "/api.v1.ProjectService/Delete": true, + "/api.v1.ProjectService/Get": true, + "/api.v1.ProjectService/Invite": true, + "/api.v1.ProjectService/InviteDelete": true, + "/api.v1.ProjectService/InvitesList": true, + "/api.v1.ProjectService/RemoveMember": true, + "/api.v1.ProjectService/Update": true, + "/api.v1.ProjectService/UpdateMember": true, + "/api.v1.SnapshotService/Delete": true, + "/api.v1.SnapshotService/Get": true, + "/api.v1.SnapshotService/List": true, + "/api.v1.VolumeService/Delete": true, + "/api.v1.VolumeService/Get": true, + "/api.v1.VolumeService/List": true } }, "chargeable": { From e79e4336948f5d837a47ffa70595faf760bbea88 Mon Sep 17 00:00:00 2001 From: Stefan Majer Date: Mon, 3 Mar 2025 10:22:02 +0100 Subject: [PATCH 2/3] Add IsChargeable --- generate/go_servicepermissions.tpl | 5 +++++ go/permissions/servicepermissions.go | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/generate/go_servicepermissions.tpl b/generate/go_servicepermissions.tpl index 1ca5da2b..1a0af631 100644 --- a/generate/go_servicepermissions.tpl +++ b/generate/go_servicepermissions.tpl @@ -114,6 +114,11 @@ func IsProjectScope(req connect.AnyRequest) bool { return ok } +func IsChargeableScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Chargeable[req.Spec().Procedure] + return ok +} + func GetTenantFromRequest(req connect.AnyRequest) (string, bool) { if !IsTenantScope(req) { return "", false diff --git a/go/permissions/servicepermissions.go b/go/permissions/servicepermissions.go index 932cc274..9d651ee2 100755 --- a/go/permissions/servicepermissions.go +++ b/go/permissions/servicepermissions.go @@ -482,6 +482,11 @@ func IsProjectScope(req connect.AnyRequest) bool { return ok } +func IsChargeableScope(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Chargeable[req.Spec().Procedure] + return ok +} + func GetTenantFromRequest(req connect.AnyRequest) (string, bool) { if !IsTenantScope(req) { return "", false From 2c22cb368c5514c5eff2b60208d80eff703ccc3e Mon Sep 17 00:00:00 2001 From: Stefan Majer Date: Mon, 3 Mar 2025 10:54:43 +0100 Subject: [PATCH 3/3] Add IsAuditable --- generate/go_servicepermissions.tpl | 7 ++++++- go/permissions/servicepermissions.go | 7 ++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/generate/go_servicepermissions.tpl b/generate/go_servicepermissions.tpl index 1a0af631..c1647675 100644 --- a/generate/go_servicepermissions.tpl +++ b/generate/go_servicepermissions.tpl @@ -114,11 +114,16 @@ func IsProjectScope(req connect.AnyRequest) bool { return ok } -func IsChargeableScope(req connect.AnyRequest) bool { +func IsChargeable(req connect.AnyRequest) bool { _, ok := GetServicePermissions().Chargeable[req.Spec().Procedure] return ok } +func IsAuditable(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Auditable[req.Spec().Procedure] + return ok +} + func GetTenantFromRequest(req connect.AnyRequest) (string, bool) { if !IsTenantScope(req) { return "", false diff --git a/go/permissions/servicepermissions.go b/go/permissions/servicepermissions.go index 9d651ee2..4ae8c633 100755 --- a/go/permissions/servicepermissions.go +++ b/go/permissions/servicepermissions.go @@ -482,11 +482,16 @@ func IsProjectScope(req connect.AnyRequest) bool { return ok } -func IsChargeableScope(req connect.AnyRequest) bool { +func IsChargeable(req connect.AnyRequest) bool { _, ok := GetServicePermissions().Chargeable[req.Spec().Procedure] return ok } +func IsAuditable(req connect.AnyRequest) bool { + _, ok := GetServicePermissions().Auditable[req.Spec().Procedure] + return ok +} + func GetTenantFromRequest(req connect.AnyRequest) (string, bool) { if !IsTenantScope(req) { return "", false