89 lines
2.2 KiB
Go
89 lines
2.2 KiB
Go
package services
|
|
|
|
import (
|
|
"fmt"
|
|
"reflect"
|
|
"regexp"
|
|
"strings"
|
|
)
|
|
|
|
func HasPermNode(perms map[string]any, requiredKey string, requiredValue any) bool {
|
|
if heldValue, ok := perms[requiredKey]; ok {
|
|
return ComparePermNode(heldValue, requiredValue)
|
|
}
|
|
return false
|
|
}
|
|
|
|
func HasPermNodeWithDefault(perms map[string]any, requiredKey string, requiredValue any, defaultValue any) bool {
|
|
if heldValue, ok := perms[requiredKey]; ok {
|
|
return ComparePermNode(heldValue, requiredValue)
|
|
}
|
|
return ComparePermNode(defaultValue, requiredValue)
|
|
}
|
|
|
|
func ComparePermNode(held any, required any) bool {
|
|
isNumeric := func(val reflect.Value) bool {
|
|
kind := val.Kind()
|
|
return kind >= reflect.Int && kind <= reflect.Uint64 || kind >= reflect.Float32 && kind <= reflect.Float64
|
|
}
|
|
|
|
toFloat64 := func(val reflect.Value) float64 {
|
|
switch val.Kind() {
|
|
case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
|
|
return float64(val.Int())
|
|
case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64:
|
|
return float64(val.Uint())
|
|
case reflect.Float32, reflect.Float64:
|
|
return val.Float()
|
|
default:
|
|
panic(fmt.Sprintf("non-numeric value of kind %s", val.Kind()))
|
|
}
|
|
}
|
|
|
|
heldValue := reflect.ValueOf(held)
|
|
requiredValue := reflect.ValueOf(required)
|
|
|
|
switch heldValue.Kind() {
|
|
case reflect.String:
|
|
if heldValue.String() == requiredValue.String() {
|
|
return true
|
|
}
|
|
case reflect.Slice, reflect.Array:
|
|
for i := 0; i < heldValue.Len(); i++ {
|
|
if reflect.DeepEqual(heldValue.Index(i).Interface(), required) {
|
|
return true
|
|
}
|
|
}
|
|
default:
|
|
if isNumeric(heldValue) && isNumeric(requiredValue) {
|
|
return toFloat64(heldValue) >= toFloat64(requiredValue)
|
|
}
|
|
|
|
if reflect.DeepEqual(held, required) {
|
|
return true
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
func FilterPermNodes(tree map[string]any, claims []string) map[string]any {
|
|
filteredTree := make(map[string]any)
|
|
|
|
match := func(claim, permission string) bool {
|
|
regex := strings.ReplaceAll(claim, "*", ".*")
|
|
match, _ := regexp.MatchString(fmt.Sprintf("^%s$", regex), permission)
|
|
return match
|
|
}
|
|
|
|
for _, claim := range claims {
|
|
for key, value := range tree {
|
|
if match(claim, key) {
|
|
filteredTree[key] = value
|
|
}
|
|
}
|
|
}
|
|
|
|
return filteredTree
|
|
}
|