mirror of https://github.com/postmannen/ctrl.git synced 2025-01-07 04:49:17 +00:00
ctrl/doc/concept/auth/auth_parser.go

package main
import (
"strings"
)
// authParser holds the state for expanding the ACL entries of one host, or
// one host group, from authSchema.schemaMain.ACLMap into
// authSchema.schemaGenerated.ACLsToConvert.
type authParser struct {
	// currentHost is the node name or node-group name whose ACL entries are parsed.
	currentHost node
	// authSchema holds both the ACL map that is read and the generated map that is written.
	authSchema *authSchema
	//ACLsToConvert map[node]map[node]map[command]struct{}
}
// newAuthParser builds an authParser bound to host n and to the given schema.
// Neither argument is validated: a nil authSchema is stored as-is and is only
// dereferenced later, when the parse steps run.
func newAuthParser(n node, authSchema *authSchema) *authParser {
	return &authParser{
		currentHost: n,
		authSchema:  authSchema,
		//ACLsToConvert: make(map[node]map[node]map[command]struct{}),
	}
}
// parseFn is one step of the parser. It returns the next step to run, or nil
// when there is nothing more to do for the current host.
type parseFn func() parseFn
// parse processes one host or one host group. It picks the first step with
// hostGroupOrSingle and then keeps running whatever step is returned until a
// step returns nil.
func (a *authParser) parse() {
	step := a.hostGroupOrSingle()
	// The first step is always executed; the loop ends on the first nil result.
	for step = step(); step != nil; step = step() {
	}
}
// hostGroupOrSingle selects the step that handles currentHost: hostIsGroup
// when the name starts with "grp_nodes_", hostIsNotGroup otherwise.
//
// The name prefix is the only thing inspected here, so any host whose name
// begins with "grp_nodes_" is expanded as a group.
func (a *authParser) hostGroupOrSingle() parseFn {
	if strings.HasPrefix(string(a.currentHost), "grp_nodes_") {
		// Is group
		return a.hostIsGroup
	}

	// Is single node
	return a.hostIsNotGroup
}
// hostIsGroup handles a currentHost that names a node group. Each ACL entry
// stored for the group in schemaMain.ACLMap is written to
// schemaGenerated.ACLsToConvert once for every combination of group member,
// source node and command, as returned by nodeAsSlice and commandAsSlice.
//
// Only the nested maps are created on demand; ACLsToConvert itself has to be
// a non-nil map already, otherwise the first write panics. Entries are only
// ever added, never removed, so what is generated for a member accumulates
// across every host and group that expands to it.
//
// NOTE(review): nodeAsSlice and commandAsSlice are defined elsewhere; what
// they return for an unknown or empty group is not visible here — confirm.
func (a *authParser) hostIsGroup() parseFn {
	// fmt.Printf("%v is a grp type\n", a.currentHost)

	members := a.authSchema.nodeAsSlice(a.currentHost)

	for source, cmdMap := range a.authSchema.schemaMain.ACLMap[a.currentHost] {
		for cmd, emptyStruct := range cmdMap {
			commands := a.authSchema.commandAsSlice(cmd)

			// Expand eventual groups, so the generated ACL carries real source node names.
			sourceNodes := a.authSchema.nodeAsSlice(source)

			for _, sourceNode := range sourceNodes {
				for _, member := range members {
					for _, c := range commands {
						acls := a.authSchema.schemaGenerated.ACLsToConvert

						// Create the per-member level on first use.
						bySource := acls[member]
						if bySource == nil {
							bySource = make(map[node]map[command]struct{})
							acls[member] = bySource
						}

						// Create the per-source level on first use.
						byCommand := bySource[sourceNode]
						if byCommand == nil {
							byCommand = make(map[command]struct{})
							bySource[sourceNode] = byCommand
						}

						byCommand[c] = emptyStruct
					}
				}
			}
		}
	}

	// fmt.Printf(" * ACLsToConvert=%+v\n", a.authSchema.schemaGenerated.ACLsToConvert)

	// Done with this host. Returning nil ends the loop in parse, so the caller
	// can move on to the next host.
	return nil
}
// hostIsNotGroup handles a currentHost that is a single node. Each ACL entry
// stored for the node in schemaMain.ACLMap is written to
// schemaGenerated.ACLsToConvert once for every combination of source node and
// command, as returned by nodeAsSlice and commandAsSlice.
//
// Only the nested maps are created on demand; ACLsToConvert itself has to be
// a non-nil map already, otherwise the first write panics. Entries are only
// ever added, never removed, so anything already generated for this node
// (for example through a group expansion) is kept and extended.
func (a *authParser) hostIsNotGroup() parseFn {
	// fmt.Printf("%v is a single node type\n", a.currentHost)

	target := a.currentHost

	for source, cmdMap := range a.authSchema.schemaMain.ACLMap[a.currentHost] {
		for cmd, emptyStruct := range cmdMap {
			commands := a.authSchema.commandAsSlice(cmd)

			// Expand eventual groups, so the generated ACL carries real source node names.
			sourceNodes := a.authSchema.nodeAsSlice(source)

			for _, sourceNode := range sourceNodes {
				for _, c := range commands {
					acls := a.authSchema.schemaGenerated.ACLsToConvert

					// Create the per-node level on first use.
					bySource := acls[target]
					if bySource == nil {
						bySource = make(map[node]map[command]struct{})
						acls[target] = bySource
					}

					// Create the per-source level on first use.
					byCommand := bySource[sourceNode]
					if byCommand == nil {
						byCommand = make(map[command]struct{})
						bySource[sourceNode] = byCommand
					}

					byCommand[c] = emptyStruct
				}
			}
		}
	}

	// fmt.Printf(" * ACLsToConvert contains: %+v\n", a.authSchema.schemaGenerated.ACLsToConvert)

	// Done with this host. Returning nil ends the loop in parse, so the caller
	// can move on to the next host.
	return nil
}