mirror of
https://github.com/postmannen/ctrl.git
synced 2025-03-31 01:24:31 +00:00
added hash creation
parent
02c5846c2f
commit
10d79b6c40
3 changed files with 49 additions and 13 deletions
doc/concept/auth
|
@ -1,7 +1,6 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
)
|
||||
|
||||
|
@ -49,7 +48,7 @@ func (a *authParser) hostGroupOrSingle() parseFn {
|
|||
|
||||
// hostIsGroup
|
||||
func (a *authParser) hostIsGroup() parseFn {
|
||||
fmt.Printf("%v is a grp type\n", a.currentHost)
|
||||
// fmt.Printf("%v is a grp type\n", a.currentHost)
|
||||
|
||||
hosts := a.authSchema.convToActualNodeSlice(a.currentHost)
|
||||
|
||||
|
@ -78,14 +77,14 @@ func (a *authParser) hostIsGroup() parseFn {
|
|||
}
|
||||
}
|
||||
|
||||
fmt.Printf(" * ACLsToConvert=%+v\n", a.authSchema.schemaGenerated.ACLsToConvert)
|
||||
// fmt.Printf(" * ACLsToConvert=%+v\n", a.authSchema.schemaGenerated.ACLsToConvert)
|
||||
// Done with host. Return nil will make the main loop take the next host in the main for loop.
|
||||
return nil
|
||||
}
|
||||
|
||||
// hostIsNotGroup
|
||||
func (a *authParser) hostIsNotGroup() parseFn {
|
||||
fmt.Printf("%v is a single node type\n", a.currentHost)
|
||||
// fmt.Printf("%v is a single node type\n", a.currentHost)
|
||||
|
||||
host := a.currentHost
|
||||
|
||||
|
@ -112,7 +111,7 @@ func (a *authParser) hostIsNotGroup() parseFn {
|
|||
}
|
||||
}
|
||||
|
||||
fmt.Printf(" * ACLsToConvert contains: %+v\n", a.authSchema.schemaGenerated.ACLsToConvert)
|
||||
// fmt.Printf(" * ACLsToConvert contains: %+v\n", a.authSchema.schemaGenerated.ACLsToConvert)
|
||||
|
||||
// Done with host. Return nil will make the main loop take the next host in the main for loop.
|
||||
return nil
|
||||
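Review bot: The four debug prints in hostIsGroup and hostIsNotGroup appear to be kept as commented-out code rather than removed, e.g. `// fmt.Printf(" * ACLsToConvert=%+v\n", a.authSchema.schemaGenerated.ACLsToConvert)`. Delete them, or if the trace is still useful send it through the `log` package, e.g. `log.Printf("ACLsToConvert=%+v", a.authSchema.schemaGenerated.ACLsToConvert)`. The test file in this commit silences `log` output with `log.SetOutput(io.Discard)`, which has no effect on `fmt.Printf`, and a logger keeps the full ACL table off stdout unless logging is enabled. Both function bodies continue outside the hunks shown.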
|
|
|
@ -1,6 +1,7 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"crypto/sha256"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"log"
|
||||
|
@ -265,10 +266,25 @@ func (a *authSchema) generateJSONForAllNodes() error {
|
|||
os.Exit(1)
|
||||
}
|
||||
|
||||
hash := func() [32]byte {
|
||||
sns := a.nodeMapToSlice(n)
|
||||
|
||||
js, err := json.Marshal(sns)
|
||||
if err != nil {
|
||||
err := fmt.Errorf("error: authSchema, json for hash: %v", err)
|
||||
log.Printf("%v\n", err)
|
||||
return [32]byte{}
|
||||
}
|
||||
|
||||
hash := sha256.Sum256(js)
|
||||
return hash
|
||||
}()
|
||||
|
||||
nd := NodeDataWithHash{
|
||||
Data: b,
|
||||
// TODO: Also add the hash here.
|
||||
// Hash: [32]byte,
|
||||
Hash: hash,
|
||||
}
|
||||
|
||||
a.schemaGenerated.NodeMap[n] = nd
|
||||
|
@ -294,26 +310,26 @@ type sourceCommands struct {
|
|||
// defined for each fromNode are sorted.
|
||||
// This function is used when creating the hash of the nodeMap since we can not
|
||||
// guarantee the order of a hash map, but we can with a slice.
|
||||
func (a *authSchema) nodeMapToSlice(n node) sourceNodes {
|
||||
func (a *authSchema) nodeMapToSlice(host node) sourceNodes {
|
||||
srcNodes := sourceNodes{
|
||||
Node: n,
|
||||
Node: host,
|
||||
}
|
||||
|
||||
for sn, commandMap := range a.schemaMain.ACLMap[n] {
|
||||
fnc := sourceCommands{
|
||||
for sn, commandMap := range a.schemaGenerated.ACLsToConvert[host] {
|
||||
srcC := sourceCommands{
|
||||
Source: sn,
|
||||
}
|
||||
|
||||
for cmd := range commandMap {
|
||||
fnc.Commands = append(fnc.Commands, cmd)
|
||||
srcC.Commands = append(srcC.Commands, cmd)
|
||||
}
|
||||
|
||||
// sort.Strings(fnc.Commands)
|
||||
sort.SliceStable(fnc.Commands, func(i, j int) bool {
|
||||
return fnc.Commands[i] < fnc.Commands[j]
|
||||
sort.SliceStable(srcC.Commands, func(i, j int) bool {
|
||||
return srcC.Commands[i] < srcC.Commands[j]
|
||||
})
|
||||
|
||||
srcNodes.SourceCommands = append(srcNodes.SourceCommands, fnc)
|
||||
srcNodes.SourceCommands = append(srcNodes.SourceCommands, srcC)
|
||||
}
|
||||
|
||||
sort.SliceStable(srcNodes.SourceCommands, func(i, j int) bool {
|
||||
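Review bot: In generateJSONForAllNodes the new hash closure handles a `json.Marshal` failure by logging and returning `[32]byte{}`, and that all-zero value is then stored as `Hash` in `NodeDataWithHash` as if it were a real digest. Anything that later compares hashes to decide whether a node's ACL data changed cannot tell a failed computation from a real digest, and every failing node would share the same value. The function already returns `error`, so the failure should be propagated instead of stored; dropping the closure also removes the shadowed `err` and `hash` names. Separately, the digest is taken over `a.nodeMapToSlice(n)` while `Data` carries `b`, which is built outside this hunk; if `Hash` is meant to describe `Data`, a comment stating which serialization it covers would help. The function body starts and ends outside the hunk.

```go
// … unchanged: creation of b and its existing error path …
js, err := json.Marshal(a.nodeMapToSlice(n))
if err != nil {
	// Never publish a placeholder digest: a zero Hash would look like a valid value to consumers.
	return fmt.Errorf("authSchema: json for hash of node %v: %w", n, err)
}

nd := NodeDataWithHash{
	Data: b,
	Hash: sha256.Sum256(js),
}
// … unchanged: a.schemaGenerated.NodeMap[n] = nd …
```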
|
|
|
@ -1,6 +1,7 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"flag"
|
||||
"fmt"
|
||||
|
@ -227,3 +228,23 @@ func TestSchemaMainACLMap(t *testing.T) {
|
|||
}
|
||||
// --- TESTS ---
|
||||
}
|
||||
|
||||
func TestHash(t *testing.T) {
|
||||
if !*logging {
|
||||
log.SetOutput(io.Discard)
|
||||
}
|
||||
|
||||
c := newCentralAuth()
|
||||
|
||||
c.authorization.authSchema.aclAdd("ship101", "admin", "HORSE")
|
||||
|
||||
c.authorization.authSchema.groupNodesAddNode("grp_nodes_ships", "ship101")
|
||||
c.authorization.authSchema.aclAdd("grp_nodes_ships", "admin", "HEN")
|
||||
|
||||
hash := [32]uint8{0xe6, 0xe9, 0xf3, 0x25, 0x36, 0x48, 0x53, 0x4, 0xb4, 0x9a, 0xfd, 0x7f, 0x53, 0x85, 0x4c, 0x95, 0x62, 0xa9, 0x49, 0x23, 0x25, 0x1c, 0xee, 0xc5, 0x3b, 0xf5, 0xd5, 0x3, 0xf7, 0x9e, 0xb7, 0x3c}
|
||||
value := c.authorization.authSchema.schemaGenerated.NodeMap["ship101"].Hash
|
||||
|
||||
if bytes.Equal(hash[:], value[:]) == false {
|
||||
t.Fatalf(" \U0001F631 [FAILED]: hash mismatch")
|
||||
}
|
||||
}
|
||||
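Review bot: TestHash reports only "hash mismatch" on failure, so a change in serialization gives no hint of what was produced; print both values, `t.Fatalf("hash mismatch for ship101: got %x, want %x", value, hash)`. Both operands are `[32]byte` arrays and therefore comparable, so the check can be `if value != hash {`, which makes the new `bytes` import unnecessary. The test pins a single golden digest. A second assertion that the digest changes after another `aclAdd` call would show that the hash tracks the ACL content, and it would also catch the all-zero value that the new hash code stores when marshalling fails.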
|
|