Payment Flow + Access Flow Change
This commit is contained in:
@@ -39,6 +39,16 @@ type AbstractResource struct {
|
||||
Env []models.Param `json:"env,omitempty" bson:"env,omitempty"`
|
||||
Inputs []models.Param `json:"inputs,omitempty" bson:"inputs,omitempty"`
|
||||
Outputs []models.Param `json:"outputs,omitempty" bson:"outputs,omitempty"`
|
||||
|
||||
// License is the usage licence of the resource (SPDX identifier or free-text).
|
||||
// Displayed prominently in the catalog detail view.
|
||||
License string `json:"license,omitempty" bson:"license,omitempty"`
|
||||
|
||||
// ExploitationAuthorizations (AEs) are coupling and peer-usage constraints
|
||||
// issued by the resource owner. Stored embedded in the resource document,
|
||||
// NOT in a separate collection.
|
||||
// Visibility-filtered per requesting peer before any response is sent.
|
||||
ExploitationAuthorizations []ExploitationAuthorization `json:"exploitation_authorizations,omitempty" bson:"exploitation_authorizations,omitempty"`
|
||||
}
|
||||
|
||||
func (ri *AbstractResource) Extend(typ ...string) map[string][]tools.DataType {
|
||||
@@ -83,6 +93,28 @@ func (abs *AbstractResource) FilterPeer(peerID string) *dbs.Filters {
|
||||
return nil
|
||||
}
|
||||
|
||||
// GetExploitationAuthorizations returns all AEs attached to this resource.
|
||||
// Used by oc-schedulerd's CheckWorkflowAE via structural interface assertion.
|
||||
func (r *AbstractResource) GetExploitationAuthorizations() []ExploitationAuthorization {
|
||||
return r.ExploitationAuthorizations
|
||||
}
|
||||
|
||||
// FilterExploitationAuthorizations removes AEs that are not visible to peerID.
|
||||
// Must be called before serializing the resource for a consumer peer.
|
||||
// The resource owner (CreatorID) always sees all AEs unfiltered.
|
||||
func (r *AbstractResource) FilterExploitationAuthorizations(peerID string, isAdmin bool) {
|
||||
if isAdmin {
|
||||
return // admin or owner: no filtering
|
||||
}
|
||||
filtered := r.ExploitationAuthorizations[:0]
|
||||
for _, ae := range r.ExploitationAuthorizations {
|
||||
if ae.IsVisibleTo(peerID, r.CreatorID) {
|
||||
filtered = append(filtered, ae)
|
||||
}
|
||||
}
|
||||
r.ExploitationAuthorizations = filtered
|
||||
}
|
||||
|
||||
func (ri *AbstractResource) ClearEnv() utils.DBObject {
|
||||
ri.Env = []models.Param{}
|
||||
ri.Inputs = []models.Param{}
|
||||
@@ -201,12 +233,15 @@ func (r *AbstractInstanciatedResource[T]) GetSelectedInstance(selected *int) Res
|
||||
func (abs *AbstractInstanciatedResource[T]) SetAllowedInstances(request *tools.APIRequest, instanceID ...string) []ResourceInstanceITF {
|
||||
if !((request != nil && request.PeerID == abs.CreatorID && request.PeerID != "") || request.Admin) {
|
||||
abs.Instances = VerifyAuthAction(abs.Instances, request, instanceID...)
|
||||
// Filter AEs: only return AEs visible to the requesting peer.
|
||||
if request != nil {
|
||||
abs.FilterExploitationAuthorizations(request.PeerID, request.Admin)
|
||||
}
|
||||
}
|
||||
inst := []ResourceInstanceITF{}
|
||||
for _, i := range abs.Instances {
|
||||
inst = append(inst, i)
|
||||
}
|
||||
|
||||
return inst
|
||||
}
|
||||
|
||||
@@ -528,3 +563,18 @@ func ToResource(
|
||||
}
|
||||
return nil, errors.New("can't found any data resources matching")
|
||||
}
|
||||
|
||||
type ResourceAccess struct {
|
||||
Source *models.PathSource `json:"source,omitempty" bson:"source,omitempty"`
|
||||
Container *models.Container `json:"container,omitempty" bson:"container,omitempty"` // Container is the container
|
||||
}
|
||||
|
||||
// HasSource returns true when the access is source-based (no embedded container).
|
||||
func (a *ResourceAccess) HasSource() bool {
|
||||
return a != nil && a.Container == nil && a.Source != nil
|
||||
}
|
||||
|
||||
// HasContainer returns true when an explicit container image is provided.
|
||||
func (a *ResourceAccess) HasContainer() bool {
|
||||
return a != nil && a.Container != nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user