From b7767e1e3df30e2e07181e825de2b51f09e18faf Mon Sep 17 00:00:00 2001 From: Evgenii Stratonikov Date: Tue, 9 Apr 2024 18:10:56 +0300 Subject: [PATCH] [#64] engine: Add user and group targets Signed-off-by: Evgenii Stratonikov --- pkg/engine/interface.go | 42 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/pkg/engine/interface.go b/pkg/engine/interface.go index 71c89e4..ab026b3 100644 --- a/pkg/engine/interface.go +++ b/pkg/engine/interface.go @@ -37,6 +37,8 @@ type TargetType rune const ( Namespace TargetType = 'n' Container TargetType = 'c' + User TargetType = 'u' + Group TargetType = 'g' ) type Target struct { @@ -48,6 +50,8 @@ type Target struct { type RequestTarget struct { Namespace *Target Container *Target + User *Target + Groups []Target } func NewRequestTargetWithNamespace(namespace string) RequestTarget { @@ -73,6 +77,24 @@ func NewRequestTarget(namespace, container string) RequestTarget { } } +func NewRequestTargetExtended(namespace, container, user string, groups []string) RequestTarget { + nt := NamespaceTarget(namespace) + ct := ContainerTarget(container) + u := UserTarget(user) + rt := RequestTarget{ + Namespace: &nt, + Container: &ct, + User: &u, + } + if len(groups) != 0 { + rt.Groups = make([]Target, len(groups)) + for i := range groups { + rt.Groups[i] = GroupTarget(groups[i]) + } + } + return rt +} + func (rt *RequestTarget) Targets() (targets []Target) { if rt.Namespace != nil { targets = append(targets, *rt.Namespace) @@ -80,6 +102,12 @@ func (rt *RequestTarget) Targets() (targets []Target) { if rt.Container != nil { targets = append(targets, *rt.Container) } + if rt.User != nil { + targets = append(targets, *rt.User) + } + if len(rt.Groups) != 0 { + targets = append(targets, rt.Groups...) + } return } @@ -97,6 +125,20 @@ func ContainerTarget(container string) Target { } } +func UserTarget(user string) Target { + return Target{ + Type: User, + Name: user, + } +} + +func GroupTarget(group string) Target { + return Target{ + Type: Group, + Name: group, + } +} + // MorphRuleChainStorageReader is the interface that provides read-only methods to receive // data like chains, target or admin from a chain storage. type MorphRuleChainStorageReader interface {