Add credential checks
This change adds authentication/credential checks to sensitive API
methods, depending on the access level granted to the authenticated
user. It also adds the logic to save the authenticated user to the audit
log entries.
Note: the protobuf definitions were updated in a backwards-incompatible
way (KillSwitchAuthorizedUser.AccessLevel enum). This can be done since
this product hasn't yet launched.
Fixed: twpowertools:46
Change-Id: I9bf888d6108f463369143610d4bd5b256035b68f
diff --git a/api_proto/kill_switch_objects.pb.go b/api_proto/kill_switch_objects.pb.go
index f449ce6..078833e 100644
--- a/api_proto/kill_switch_objects.pb.go
+++ b/api_proto/kill_switch_objects.pb.go
@@ -1,7 +1,7 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
// protoc-gen-go v1.26.0
-// protoc v3.17.1
+// protoc v3.17.3
// source: api_proto/kill_switch_objects.proto
package api_proto
@@ -77,21 +77,21 @@
const (
KillSwitchAuthorizedUser_ACCESS_LEVEL_NONE KillSwitchAuthorizedUser_AccessLevel = 0
- KillSwitchAuthorizedUser_ACCESS_LEVEL_ACTIVATOR KillSwitchAuthorizedUser_AccessLevel = 1 // The user may enable/disable kill switches.
- KillSwitchAuthorizedUser_ACCESS_LEVEL_ADMIN KillSwitchAuthorizedUser_AccessLevel = 2 // The user may perform any action.
+ KillSwitchAuthorizedUser_ACCESS_LEVEL_ACTIVATOR KillSwitchAuthorizedUser_AccessLevel = 5 // The user may enable/disable kill switches.
+ KillSwitchAuthorizedUser_ACCESS_LEVEL_ADMIN KillSwitchAuthorizedUser_AccessLevel = 10 // The user may perform any action.
)
// Enum value maps for KillSwitchAuthorizedUser_AccessLevel.
var (
KillSwitchAuthorizedUser_AccessLevel_name = map[int32]string{
- 0: "ACCESS_LEVEL_NONE",
- 1: "ACCESS_LEVEL_ACTIVATOR",
- 2: "ACCESS_LEVEL_ADMIN",
+ 0: "ACCESS_LEVEL_NONE",
+ 5: "ACCESS_LEVEL_ACTIVATOR",
+ 10: "ACCESS_LEVEL_ADMIN",
}
KillSwitchAuthorizedUser_AccessLevel_value = map[string]int32{
"ACCESS_LEVEL_NONE": 0,
- "ACCESS_LEVEL_ACTIVATOR": 1,
- "ACCESS_LEVEL_ADMIN": 2,
+ "ACCESS_LEVEL_ACTIVATOR": 5,
+ "ACCESS_LEVEL_ADMIN": 10,
}
)
@@ -878,9 +878,9 @@
0x65, 0x73, 0x73, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x12, 0x15, 0x0a, 0x11, 0x41, 0x43, 0x43, 0x45,
0x53, 0x53, 0x5f, 0x4c, 0x45, 0x56, 0x45, 0x4c, 0x5f, 0x4e, 0x4f, 0x4e, 0x45, 0x10, 0x00, 0x12,
0x1a, 0x0a, 0x16, 0x41, 0x43, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x45, 0x56, 0x45, 0x4c, 0x5f,
- 0x41, 0x43, 0x54, 0x49, 0x56, 0x41, 0x54, 0x4f, 0x52, 0x10, 0x01, 0x12, 0x16, 0x0a, 0x12, 0x41,
+ 0x41, 0x43, 0x54, 0x49, 0x56, 0x41, 0x54, 0x4f, 0x52, 0x10, 0x05, 0x12, 0x16, 0x0a, 0x12, 0x41,
0x43, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x45, 0x56, 0x45, 0x4c, 0x5f, 0x41, 0x44, 0x4d, 0x49,
- 0x4e, 0x10, 0x02, 0x22, 0x58, 0x0a, 0x18, 0x4b, 0x69, 0x6c, 0x6c, 0x53, 0x77, 0x69, 0x74, 0x63,
+ 0x4e, 0x10, 0x0a, 0x22, 0x58, 0x0a, 0x18, 0x4b, 0x69, 0x6c, 0x6c, 0x53, 0x77, 0x69, 0x74, 0x63,
0x68, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12,
0x1d, 0x0a, 0x03, 0x6f, 0x6c, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0b, 0x2e, 0x4b,
0x69, 0x6c, 0x6c, 0x53, 0x77, 0x69, 0x74, 0x63, 0x68, 0x52, 0x03, 0x6f, 0x6c, 0x64, 0x12, 0x1d,