I've written a function for role checking:
...
role = "roles/cloudkms.publicKeyViewer"
func checkRole(key, serviceAccount, role string) bool {
...
return policy.HasRole(serviceAccount, role)
}
Then I'm getting the error "cannot use role (type string) as type "cloud.google.com/go/iam".RoleName in argument to policy.HasRole.
What's the right way to convert the role value to custom type?
// A RoleName is a name representing a collection of permissions.
type RoleName string
// Common role names.
const (
Owner RoleName = "roles/owner"
Editor RoleName = "roles/editor"
Viewer RoleName = "roles/viewer"
)
const (
// AllUsers is a special member that denotes all users, even unauthenticated ones.
AllUsers = "allUsers"
// AllAuthenticatedUsers is a special member that denotes all authenticated users.
AllAuthenticatedUsers = "allAuthenticatedUsers"
)
// HasRole reports whether member has role r.
func (p *Policy) HasRole(member string, r RoleName) bool {
return memberIndex(member, p.binding(r)) >= 0
}
You can use type conversion as the following:
return policy.HasRole(serviceAccount, iam.RoleName(role))
Or simpler by declaring role as iam.RoleName
func checkRole(key, serviceAccount, role iam.RoleName) bool {
...
return policy.HasRole(serviceAccount, role)
}