pkg/apps/pgs/access.go@main

pico / pkg / apps / pgs

feat(pgs): project names prefixed with `private-` will have new acl type "private"

a83183c

Eric Bower · 2026-03-02

access.go

 1package pgs
 2
 3import (
 4	"slices"
 5
 6	"github.com/picosh/pico/pkg/db"
 7	"golang.org/x/crypto/ssh"
 8)
 9
10func HasProjectAccess(project *db.Project, owner *db.User, requester *db.User, pubkey ssh.PublicKey) bool {
11	aclType := project.Acl.Type
12	data := project.Acl.Data
13
14	if aclType == "public" {
15		return true
16	}
17
18	if requester != nil {
19		if owner.ID == requester.ID {
20			return true
21		}
22	}
23
24	if aclType == "private" {
25		return false
26	}
27
28	if aclType == "pico" {
29		if requester == nil {
30			return false
31		}
32
33		if len(data) == 0 {
34			return true
35		}
36		return slices.Contains(data, requester.Name)
37	}
38
39	if aclType == "pubkeys" {
40		key := ssh.FingerprintSHA256(pubkey)
41		if len(data) == 0 {
42			return true
43		}
44		return slices.Contains(data, key)
45	}
46
47	return true
48}