isSubsetOrEqualTo method Null safety

bool isSubsetOrEqualTo(

AuthScope incomingScope

)

Whether or not this instance is a subset or equal to incomingScope.

The scope users:posts is a subset of users.

This check is used to determine if an Authorizer can allow a Request to pass if the Request's Request.authorization has a scope that has the same or more scope than the required scope of an Authorizer.

Implementation

bool isSubsetOrEqualTo(AuthScope incomingScope) {
  if (incomingScope._lastModifier != null) {
    // If the modifier of the incoming scope is restrictive,
    // and this scope requires no restrictions, then it's not allowed.
    if (_lastModifier == null) {
      return false;
    }

    // If the incoming scope's modifier doesn't match this one,
    // then we also don't have access.
    if (_lastModifier != incomingScope._lastModifier) {
      return false;
    }
  }

  final thisIterator = _segments.iterator;
  for (final incomingSegment in incomingScope._segments) {
    // If the incoming scope is more restrictive than this scope,
    // then it's not allowed.
    if (!thisIterator.moveNext()) {
      return false;
    }
    final current = thisIterator.current;

    // If we have a mismatch here, then we're going
    // down the wrong path.
    if (incomingSegment.name != current.name) {
      return false;
    }
  }

  return true;
}

isSubsetOrEqualTo method Null safety

Implementation

AuthScope class