Initial import
This commit is contained in:
53
proxy/policy/policy.go
Normal file
53
proxy/policy/policy.go
Normal file
@@ -0,0 +1,53 @@
|
||||
package policy
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"git.maze.io/maze/styx/proxy/match"
|
||||
)
|
||||
|
||||
// Policy contains rules that make up the policy.
|
||||
//
|
||||
// Some policy rules contain nested policies.
|
||||
type Policy struct {
|
||||
Rules []*rawRule `hcl:"on,block" json:"rules"`
|
||||
Permit *bool `hcl:"permit" json:"permit"`
|
||||
Matchers match.Matchers `json:"matchers"` // Matchers for the policy
|
||||
|
||||
}
|
||||
|
||||
func (p *Policy) Configure(matchers match.Matchers) (err error) {
|
||||
for _, r := range p.Rules {
|
||||
if err = r.Configure(matchers); err != nil {
|
||||
return
|
||||
}
|
||||
}
|
||||
p.Matchers = matchers
|
||||
return
|
||||
}
|
||||
|
||||
func (p *Policy) PermitIntercept(r *http.Request) *bool {
|
||||
if p != nil {
|
||||
for _, rule := range p.Rules {
|
||||
if rule, ok := rule.Rule.(InterceptRule); ok {
|
||||
if permit := rule.PermitIntercept(r); permit != nil {
|
||||
return permit
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return p.Permit
|
||||
}
|
||||
|
||||
func (p *Policy) PermitRequest(r *http.Request) *bool {
|
||||
if p != nil {
|
||||
for _, rule := range p.Rules {
|
||||
if rule, ok := rule.Rule.(RequestRule); ok {
|
||||
if permit := rule.PermitRequest(r); permit != nil {
|
||||
return permit
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return p.Permit
|
||||
}
|
||||
Reference in New Issue
Block a user