6
7
8
9
10
11
12
13
14
15
16
17
18
|
# File 'lib/textus/manifest/policy/predicates/lane_writable_by.rb', line 6
def self.call(manifest:, actor:, action:, key:, schemas: nil, envelope: nil, extra: {})
return { pass: true } if key.nil?
mentry = manifest.resolver.resolve(key).entry
lane_verb = manifest.policy.verb_for_lane(mentry.lane.to_s)
caps = Set.new(manifest.data.role_caps.fetch(actor.to_s, []))
return { pass: true } if caps.include?(lane_verb.to_s)
holders = manifest.policy.roles_with_capability(lane_verb.to_s)
{ pass: false, error: Textus::WriteForbidden.new(mentry.key, mentry.lane, verb: lane_verb, holders:) }
rescue Textus::UnknownKey
{ pass: true }
end
|