*: support deleteRange perm checking

2016-06-13 17:19:59 -07:00
parent a26ebfb675
commit c75fa6fdc9
2 changed files with 12 additions and 1 deletions
--- a/auth/store.go
+++ b/auth/store.go
@ -113,6 +113,9 @@ type AuthStore interface {
 	// IsRangePermitted checks range permission of the user
 	IsRangePermitted(header *pb.RequestHeader, key, rangeEnd []byte) bool

+	// IsDeleteRangePermitted checks delete-range permission of the user
+	IsDeleteRangePermitted(username string, key, rangeEnd []byte) bool
+
 	// IsAdminPermitted checks admin permission of the user
 	IsAdminPermitted(username string) bool

@ -575,6 +578,10 @@ func (as *authStore) IsRangePermitted(header *pb.RequestHeader, key, rangeEnd []
 	return as.isOpPermitted(header.Username, key, rangeEnd, authpb.READ)
 }

+func (as *authStore) IsDeleteRangePermitted(username string, key, rangeEnd []byte) bool {
+	return as.isOpPermitted(username, key, rangeEnd, authpb.WRITE)
+}
+
 func (as *authStore) IsAdminPermitted(username string) bool {
 	if !as.isAuthEnabled() {
 		return true