[#78] iam: Don't check IP for private

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-05-27 09:53:33 +03:00 · 2024-05-27 09:53:33 +03:00 · 303a81cdc6
commit 303a81cdc6
parent d7ed188f68
2 changed files with 6 additions and 14 deletions
--- a/iam/converter.go
+++ b/iam/converter.go
@ -306,19 +306,11 @@ func numericConvertFunction(val string) (string, error) {
 }

 func ipConvertFunction(val string) (string, error) {
-	var ipAddr netip.Addr
-
-	if prefix, err := netip.ParsePrefix(val); err != nil {
-		if ipAddr, err = netip.ParseAddr(val); err != nil {
+	if _, err := netip.ParsePrefix(val); err != nil {
+		if _, err = netip.ParseAddr(val); err != nil {
 			return "", err
 		}
 		val += "/32"
-	} else {
-		ipAddr = prefix.Addr()
-	}
-
-	if ipAddr.IsPrivate() {
-		return "", fmt.Errorf("invalid ip value '%s': must be public", val)
 	}

 	return val, nil
--- a/iam/converter_test.go
+++ b/iam/converter_test.go
@ -632,14 +632,14 @@ func TestIPConditions(t *testing.T) {
 			{ip: "203.0.113.1", expected: "203.0.113.1/32"},
 			{ip: "203.0.113.1/", error: true},
 			{ip: "203.0.113.1/33", error: true},
-			{ip: "192.168.0.1/24", error: true},
-			{ip: "10.10.0.1/24", error: true},
-			{ip: "172.16.0.1/24", error: true},
+			{ip: "192.168.0.1/24", expected: "192.168.0.1/24"},
+			{ip: "10.10.0.1/24", expected: "10.10.0.1/24"},
+			{ip: "172.16.0.1/24", expected: "172.16.0.1/24"},
 			{ip: "2001:DB8:1234:5678::/64", expected: "2001:DB8:1234:5678::/64"},
 			{ip: "2001:DB8:1234:5678::", expected: "2001:DB8:1234:5678::/32"},
 			{ip: "2001:DB8:1234:5678::/", error: true},
 			{ip: "2001:DB8:1234:5678::/129", error: true},
-			{ip: "FC00::/64", error: true},
+			{ip: "FC00::/64", expected: "FC00::/64"},
 		} {
 			t.Run("", func(t *testing.T) {
 				actual, err := ipConvertFunction(tc.ip)