53 lines
1.3 KiB
Go
53 lines
1.3 KiB
Go
|
package permmatch
|
||
|
|
|
||
|
|
import (
|
||
|
|
"strings"
|
||
|
|
)
|
||
|
|
|
||
|
|
// MethodAllowed reports whether method is covered by a pipe-separated methods string.
|
||
|
|
func MethodAllowed(methods, method string) bool {
|
||
|
|
method = strings.ToUpper(strings.TrimSpace(method))
|
||
|
|
if method == "" {
|
||
|
|
return false
|
||
|
|
}
|
||
|
|
for _, item := range strings.Split(methods, "|") {
|
||
|
|
if strings.ToUpper(strings.TrimSpace(item)) == method {
|
||
|
|
return true
|
||
|
|
}
|
||
|
|
}
|
||
|
|
return false
|
||
|
|
}
|
||
|
|
|
||
|
|
// PathAllowed reports whether requestPath matches pattern (exact or trailing * wildcard).
|
||
|
|
func PathAllowed(pattern, requestPath string) bool {
|
||
|
|
pattern = strings.TrimSpace(pattern)
|
||
|
|
requestPath = strings.TrimSpace(requestPath)
|
||
|
|
if pattern == "" || requestPath == "" {
|
||
|
|
return false
|
||
|
|
}
|
||
|
|
if pattern == requestPath {
|
||
|
|
return true
|
||
|
|
}
|
||
|
|
if strings.HasSuffix(pattern, "*") {
|
||
|
|
prefix := strings.TrimRight(strings.TrimSuffix(pattern, "*"), "/")
|
||
|
|
if requestPath == prefix {
|
||
|
|
return true
|
||
|
|
}
|
||
|
|
return strings.HasPrefix(requestPath, prefix+"/")
|
||
|
|
}
|
||
|
|
return false
|
||
|
|
}
|
||
|
|
|
||
|
|
// RequestAllowed checks member permission map against an HTTP request.
|
||
|
|
func RequestAllowed(permissions map[string]string, method, requestPath string) bool {
|
||
|
|
if len(permissions) == 0 {
|
||
|
|
return false
|
||
|
|
}
|
||
|
|
for pattern, methods := range permissions {
|
||
|
|
if PathAllowed(pattern, requestPath) && MethodAllowed(methods, method) {
|
||
|
|
return true
|
||
|
|
}
|
||
|
|
}
|
||
|
|
return false
|
||
|
|
}
|