mirror of
https://github.com/postmannen/ctrl.git
synced 2025-01-05 20:09:16 +00:00
69995f76ca
updated references removed tui client removed ringbuffer persist store removed ringbuffer enabled audit logging moved audit logging to message readers disabled goreleaser update readme, cbor, zstd removed request type ping and pong update readme testing with cmd.WaitDelay for clicommand fixed readme removed ringbuffer flag default serialization set to cbor, default compression set to zstd, fixed race, removed event type ack and nack, also removed from subject. Fixed file stat error for copy log file removed remaining elements of the event type removed comments renamed toRingbufferCh to samToSendCh renamed directSAMSCh ro samSendLocalCh removed handler interface agpl3 license added license-change.md
package ctrl
import (
"strings"
)
// authParser turns the ACL entries stored for one host, or one host group,
// into per-node entries. It keeps no result state of its own: hostIsGroup and
// hostIsNotGroup write into accessLists.schemaGenerated.ACLsToConvert.
type authParser struct {
	// currentHost is the node name, group name or "*" whose ACL entries are
	// parsed.
	currentHost Node
	// accessLists is the caller's access list data, held by pointer, so every
	// write made while parsing is visible to all other holders of it.
	accessLists *accessLists
}
// newAuthParser builds an authParser for node n that reads its input from,
// and writes its generated entries to, the given accessLists.
//
// The pointer is stored as passed, without a nil check; the parse methods
// dereference it unconditionally.
func newAuthParser(n Node, accessLists *accessLists) *authParser {
	return &authParser{
		currentHost: n,
		accessLists: accessLists,
	}
}
// parseFn is one step of the parser. It returns the next step to run, or nil
// when parsing of the current host is finished.
type parseFn func() parseFn
// parse processes the current host, which is either one node or one host
// group. It starts from the step chosen by hostGroupOrSingle and keeps running
// whatever step the previous one returned until a step returns nil.
func (a *authParser) parse() {
	step := a.hostGroupOrSingle()
	for {
		if step = step(); step == nil {
			return
		}
	}
}
// hostGroupOrSingle picks the parse step for the current host: hostIsGroup
// when the name is "*" or starts with "grp_nodes_", hostIsNotGroup otherwise.
//
// The decision is made on the name alone.
// NOTE(review): a single node whose name starts with "grp_nodes_" would be
// expanded as a group here; confirm that node naming reserves this prefix.
func (a *authParser) hostGroupOrSingle() parseFn {
	name := string(a.currentHost)
	if name == "*" || strings.HasPrefix(name, "grp_nodes_") {
		return a.hostIsGroup
	}
	return a.hostIsNotGroup
}
// hostIsGroup expands the ACL entries stored under the current host, which
// hostGroupOrSingle classified as a group or the "*" wildcard, into per-node
// entries in schemaGenerated.ACLsToConvert.
//
// Every combination of (member of the host group, expanded source node,
// expanded command) gets an entry. Entries are only added here, never removed,
// and when nodeAsSlice yields no members for the group nothing is written.
//
// NOTE(review): ACLsToConvert is reached through the shared accessLists
// pointer and no lock is taken in this method; presumably the caller
// serialises access. Confirm. The outer map must already be non-nil, because
// assigning into a nil map panics.
func (a *authParser) hostIsGroup() parseFn {
	lists := a.accessLists

	// Concrete node names the group name stands for.
	members := lists.nodeAsSlice(a.currentHost)

	for source, cmdMap := range lists.schemaMain.ACLMap[a.currentHost] {
		for cmd, marker := range cmdMap {
			expandedCmds := lists.commandAsSlice(cmd)

			// The source may itself be a group; the generated ACL is keyed on
			// real sending node names.
			for _, sourceNode := range lists.nodeAsSlice(source) {
				for _, host := range members {
					for _, cm := range expandedCmds {
						byHost := lists.schemaGenerated.ACLsToConvert

						// Inner maps are created lazily, so a host or source
						// only shows up once it has at least one command.
						bySource := byHost[host]
						if bySource == nil {
							bySource = make(map[Node]map[command]struct{})
							byHost[host] = bySource
						}

						allowed := bySource[sourceNode]
						if allowed == nil {
							allowed = make(map[command]struct{})
							bySource[sourceNode] = allowed
						}

						allowed[cm] = marker
					}
				}
			}
		}
	}

	// Nothing left to do for this host; nil ends the loop in parse.
	return nil
}
// hostIsNotGroup copies the ACL entries stored under the current host, which
// hostGroupOrSingle classified as a single node, into
// schemaGenerated.ACLsToConvert under that same host name.
//
// Sources and commands are still expanded through nodeAsSlice and
// commandAsSlice, so every (expanded source node, expanded command) pair gets
// an entry. Entries are only added here, never removed.
//
// NOTE(review): ACLsToConvert is reached through the shared accessLists
// pointer and no lock is taken in this method; presumably the caller
// serialises access. Confirm. The outer map must already be non-nil, because
// assigning into a nil map panics.
func (a *authParser) hostIsNotGroup() parseFn {
	lists := a.accessLists
	host := a.currentHost

	for source, cmdMap := range lists.schemaMain.ACLMap[a.currentHost] {
		for cmd, marker := range cmdMap {
			expandedCmds := lists.commandAsSlice(cmd)

			// The source may itself be a group; the generated ACL is keyed on
			// real sending node names.
			for _, sourceNode := range lists.nodeAsSlice(source) {
				for _, cm := range expandedCmds {
					byHost := lists.schemaGenerated.ACLsToConvert

					// Inner maps are created lazily, so the host or a source
					// only shows up once it has at least one command.
					bySource := byHost[host]
					if bySource == nil {
						bySource = make(map[Node]map[command]struct{})
						byHost[host] = bySource
					}

					allowed := bySource[sourceNode]
					if allowed == nil {
						allowed = make(map[command]struct{})
						bySource[sourceNode] = allowed
					}

					allowed[cm] = marker
				}
			}
		}
	}

	// Nothing left to do for this host; nil ends the loop in parse.
	return nil
}