in src/services/rbac_service.py [0:0]
def does_permission_match(target_permission: str, permission: str) -> bool:
"""
Our permissions adhere to such a format "domain:action".
:param target_permission: permission a user want to access.
It's not supposed to contain '*'. Must be a solid perm.
to access one endpoint
:param permission: permission a user has
:return:
"""
if ':' not in target_permission:
return False
if ':' not in permission:
return False
tp_domain, tp_action = map(
str.strip, target_permission.split(':', maxsplit=2))
p_domain, p_action = map(
str.strip, permission.split(':', maxsplit=2))
_domain_match = tp_domain == p_domain or p_domain == '*'
_action_match = tp_action == p_action or p_action == '*'
return _domain_match and _action_match