LCOV - differential code coverage report
Current view: top level - safekeeper/src - auth.rs (source / functions) Coverage Total Hit UBC CBC
Current: f6946e90941b557c917ac98cd5a7e9506d180f3e.info Lines: 90.0 % 10 9 1 9
Current Date: 2023-10-19 02:04:12 Functions: 100.0 % 1 1 1
Baseline: c8637f37369098875162f194f92736355783b050.info
Baseline Date: 2023-10-18 20:25:20 

           TLA  Line data    Source code
       1                 : use anyhow::{bail, Result};
       2                 : use utils::auth::{Claims, Scope};
       3                 : use utils::id::TenantId;
       4                 : 
       5                 : pub fn check_permission(claims: &Claims, tenant_id: Option<TenantId>) -> Result<()> {
       6 CBC         187 :     match (&claims.scope, tenant_id) {
       7                 :         (Scope::Tenant, None) => {
       8 UBC           0 :             bail!("Attempt to access management api with tenant scope. Permission denied")
       9                 :         }
      10 CBC         134 :         (Scope::Tenant, Some(tenant_id)) => {
      11             134 :             if claims.tenant_id.unwrap() != tenant_id {
      12               5 :                 bail!("Tenant id mismatch. Permission denied")
      13             129 :             }
      14             129 :             Ok(())
      15                 :         }
      16               1 :         (Scope::PageServerApi, _) => bail!("PageServerApi scope makes no sense for Safekeeper"),
      17              52 :         (Scope::SafekeeperData, _) => Ok(()),
      18                 :     }
      19             187 : }

Generated by: LCOV version 2.1-beta