linstrom/auth/checks.go

package auth

import "git.mstar.dev/mstar/linstrom/storage"

// Can actorId access the account with targetId?
func (a *Authentication) CanAccessAccount(actorId *string, targetId string) bool { return true }

// Can actorId edit the account with targetId?
func (a *Authentication) CanEditAccount(actorId *string, targetIt *string) bool { return true }

// Can actorId delete the account with targetId?
func (a *Authentication) CanDeleteAccount(actorId *string, targetIt *string) bool { return true }

// Can actorId create a new post at all?
// Specific restrictions regarding the content are not checked
func (a *Authentication) CanCreatePost(actorId string) bool { return true }

// Ensures that a given post conforms with all roles attached to the author account.
// Returns the conforming note (or nil of it can't be changed to conform)
// and whether the note was changed
func (a *Authentication) EnsureNoteConformsWithRoles(note *storage.Note) (*storage.Note, bool) {
	return note, false
}

// Does the given note conform with the roles attached to the author account?
func (a *Authentication) DoesNoteConform(note *storage.Note) bool { return true }
WIP New auth management system Wait, what's this? A new commit to Linstrom? And I thought I was done for good with this project now that I've left Fedi. Well, I got bored at work and inspired by a random bit I've seen in Elixir Phoenix's docs. So here is the start of a new subsystem: Authentication Intended to bundle all authentication related checks and updates in one place. Http handlers should not be the ones to perform the logic, too much duplication. Technically, they probably shouldn't even contain any business logic at all, only calling it and transforming it into visible output Also may be considering switching to Vue or at least changing how the ember frontend interacts with the backend 2025-02-21 14:52:21 +00:00			`package auth`

			`import "git.mstar.dev/mstar/linstrom/storage"`

			`// Can actorId access the account with targetId?`
			`func (a Authentication) CanAccessAccount(actorId string, targetId string) bool { return true }`

			`// Can actorId edit the account with targetId?`
			`func (a Authentication) CanEditAccount(actorId string, targetIt *string) bool { return true }`

			`// Can actorId delete the account with targetId?`
			`func (a Authentication) CanDeleteAccount(actorId string, targetIt *string) bool { return true }`

			`// Can actorId create a new post at all?`
			`// Specific restrictions regarding the content are not checked`
			`func (a *Authentication) CanCreatePost(actorId string) bool { return true }`

			`// Ensures that a given post conforms with all roles attached to the author account.`
			`// Returns the conforming note (or nil of it can't be changed to conform)`
			`// and whether the note was changed`
			`func (a Authentication) EnsureNoteConformsWithRoles(note storage.Note) (*storage.Note, bool) {`
			`return note, false`
			`}`

			`// Does the given note conform with the roles attached to the author account?`
			`func (a Authentication) DoesNoteConform(note storage.Note) bool { return true }`