From 993e9c1010ade623288a8915dbcfcdc5b4902204 Mon Sep 17 00:00:00 2001
From: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
Date: Mon, 10 Jan 2022 14:22:39 -0800
Subject: [PATCH] update msg (#1457)

---
 checks/permissions.go | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/checks/permissions.go b/checks/permissions.go
index 740ffbdb..3e3d0379 100644
--- a/checks/permissions.go
+++ b/checks/permissions.go
@@ -28,7 +28,7 @@ import (
 // CheckTokenPermissions is the exported name for Token-Permissions check.
 const (
 CheckTokenPermissions = "Token-Permissions"
- runLevelPermission = "run level"
+ jobLevelPermission = "job level"
 topLevelPermission = "top level"
 )
 
@@ -61,7 +61,7 @@ func init() {
 // will hold true if declared non-write, false otherwise.
 type permissions struct {
 topLevelWritePermissions map[permission]bool
- runLevelWritePermissions map[permission]bool
+ jobLevelWritePermissions map[permission]bool
 }
 
 type permissionCbData struct {
@@ -141,11 +141,11 @@ func getWritePermissionsMap(p *permissionCbData, path, permLevel string) map[per
 if _, exists := p.workflows[path]; !exists {
 p.workflows[path] = permissions{
 topLevelWritePermissions: make(map[permission]bool),
- runLevelWritePermissions: make(map[permission]bool),
+ jobLevelWritePermissions: make(map[permission]bool),
 }
 }
- if permLevel == runLevelPermission {
- return p.workflows[path].runLevelWritePermissions
+ if permLevel == jobLevelPermission {
+ return p.workflows[path].jobLevelWritePermissions
 }
 return p.workflows[path].topLevelWritePermissions
 }
@@ -217,7 +217,7 @@ func validateTopLevelPermissions(workflow *actionlint.Workflow, path string,
 pdata, map[permission]bool{})
 }
 
-func validateRunLevelPermissions(workflow *actionlint.Workflow, path string,
+func validatejobLevelPermissions(workflow *actionlint.Workflow, path string,
 dl checker.DetailLogger, pdata *permissionCbData, ignoredPermissions map[permission]bool) error {
 for _, job := range workflow.Jobs {
@@ -229,12 +229,12 @@ func validateRunLevelPermissions(workflow *actionlint.Workflow, path string,
 Path: path,
 Type: checker.FileTypeSource,
 Offset: fileparser.GetLineNumber(job.Pos),
- Text: fmt.Sprintf("no %s permission defined", runLevelPermission),
+ Text: fmt.Sprintf("no %s permission defined", jobLevelPermission),
 })
- recordAllPermissionsWrite(pdata, runLevelPermission, path)
+ recordAllPermissionsWrite(pdata, jobLevelPermission, path)
 continue
 }
- err := validatePermissions(job.Permissions, runLevelPermission,
+ err := validatePermissions(job.Permissions, jobLevelPermission,
 path, dl, pdata, ignoredPermissions)
 if err != nil {
 return err
@@ -264,7 +264,7 @@ func permissionIsPresentInTopLevel(perms permissions, name permission) bool {
 }
 
 func permissionIsPresentInRunLevel(perms permissions, name permission) bool {
- _, ok := perms.runLevelWritePermissions[name]
+ _, ok := perms.jobLevelWritePermissions[name]
 return ok
 }
 
@@ -405,7 +405,7 @@ func validateGitHubActionTokenPermissions(path string, content []byte,
 // 2. Run-level permission definitions,
 // see https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idpermissions.
 ignoredPermissions := createIgnoredPermissions(workflow, path, dl)
- if err := validateRunLevelPermissions(workflow, path, dl, pdata, ignoredPermissions); err != nil {
+ if err := validatejobLevelPermissions(workflow, path, dl, pdata, ignoredPermissions); err != nil {
 return false, err
 }
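Review bot: The new function name `validatejobLevelPermissions` on the `+func` line of the `-217` hunk breaks Go's MixedCaps convention (lowercase "job" after "validate") and will be flagged by revive/golint; it should read `validateJobLevelPermissions`, with the call site in the `-405` hunk updated to match. The rename also looks only half applied: `permissionIsPresentInRunLevel` in the `-264` hunk keeps the old term while its body now reads `perms.jobLevelWritePermissions[name]`, and the `// 2. Run-level permission definitions,` comment in the `-405` hunk still says run-level; renaming that helper to `permissionIsPresentInJobLevel` and changing the comment to `// 2. Job-level permission definitions,` would keep the code's terminology consistent with the new `"job level"` user-facing message. The body of `validatejobLevelPermissions` continues outside the hunk.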