-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathmatch.go
119 lines (95 loc) · 2.57 KB
/
match.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
package redtape
import (
"regexp"
"strings"
"github.com/blushft/redtape/strmatch"
)
// Matcher provides methods to facilitate matching policies to different request elements.
type Matcher interface {
MatchPolicy(p Policy, def []string, val string) (bool, error)
MatchRole(r *Role, val string) (bool, error)
}
type simpleMatcher struct{}
// NewMatcher returns the default Matcher implementation.
func NewMatcher() Matcher {
return &simpleMatcher{}
}
// MatchPolicy evaluates true when the provided val wildcard matches at least one element in def.
// If def is nil, a match is assumed against any value.
func (m *simpleMatcher) MatchPolicy(p Policy, def []string, val string) (bool, error) {
if def == nil {
return true, nil
}
for _, h := range def {
if strmatch.MatchWildcard(h, val) {
return true, nil
}
}
return false, nil
}
// MatchRole evaluates true when the provided val wildcard matches at least one role in Role#EffectiveRoles.
func (m *simpleMatcher) MatchRole(r *Role, val string) (bool, error) {
er, err := r.EffectiveRoles()
if err != nil {
return false, err
}
for _, rr := range er {
if strmatch.MatchWildcard(val, rr.ID) {
return true, nil
}
}
return false, nil
}
type regexMatcher struct {
startDelim string
stopDelim string
pat map[string]*regexp.Regexp
}
// NewRegexMatcher returns a Matcher using delimited regex for matching.
func NewRegexMatcher() Matcher {
return ®exMatcher{
startDelim: "<",
stopDelim: ">",
pat: make(map[string]*regexp.Regexp),
}
}
// MatchRole evaluates true when the provided val regex matches at least one role in Role#EffectiveRoles.
func (m *regexMatcher) MatchRole(r *Role, val string) (bool, error) {
ef, err := r.EffectiveRoles()
if err != nil {
return false, err
}
def := make([]string, 0, len(ef))
for _, rr := range ef {
def = append(def, rr.ID)
}
return m.match(def, val)
}
// MatchPolicy evaluates true when the provided val regex matches at least one element in def.
func (m *regexMatcher) MatchPolicy(p Policy, def []string, val string) (bool, error) {
return m.match(def, val)
}
func (m *regexMatcher) match(def []string, val string) (bool, error) {
for _, h := range def {
if strings.Count(h, m.startDelim) == 0 {
if strmatch.MatchWildcard(h, val) {
return true, nil
}
continue
}
var reg *regexp.Regexp
var err error
reg, ok := m.pat[h]
if !ok {
reg, err = strmatch.CompileDelimitedRegex(val, '<', '>')
if err != nil {
return false, err
}
m.pat[h] = reg
}
if reg.MatchString(val) {
return true, nil
}
}
return false, nil
}