feat: add support for comma list in label domain check

2025-10-28 04:35:40 +00:00 · 2025-07-09 17:49:13 +03:00
parent 64bdab5e5b
commit 9f02710114
5 changed files with 40 additions and 41 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -11,8 +11,7 @@ docker-compose.test*
 users.txt
 # secret test file
-secret.txt
+secret*
 secret_oauth.txt
 # vscode
 .vscode
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -233,8 +233,8 @@ func (auth *Auth) RecordLoginAttempt(identifier string, success bool) {
 	}
 }
-func (auth *Auth) EmailWhitelisted(emailSrc string) bool {
+func (auth *Auth) EmailWhitelisted(email string) bool {
-	return utils.CheckWhitelist(auth.Config.OauthWhitelist, emailSrc)
+	return utils.CheckFilter(auth.Config.OauthWhitelist, email, true)
 }
 func (auth *Auth) CreateSessionCookie(c *gin.Context, data *types.SessionCookie) error {
@@ -368,13 +368,13 @@ func (auth *Auth) ResourceAllowed(c *gin.Context, context types.UserContext, lab
 	// Check if oauth is allowed
 	if context.OAuth {
 		log.Debug().Msg("Checking OAuth whitelist")
-		return utils.CheckWhitelist(labels.OAuth.Whitelist, context.Email)
+		return utils.CheckFilter(labels.OAuth.Whitelist, context.Email, true)
 	}
 	// Check users
 	log.Debug().Msg("Checking users")
-	return utils.CheckWhitelist(labels.Users, context.Username)
+	return utils.CheckFilter(labels.Users, context.Username, true)
 }
 func (auth *Auth) OAuthGroup(c *gin.Context, context types.UserContext, labels types.Labels) bool {
@@ -394,7 +394,7 @@ func (auth *Auth) OAuthGroup(c *gin.Context, context types.UserContext, labels t
 	// For every group check if it is in the required groups
 	for _, group := range oauthGroups {
-		if utils.CheckWhitelist(labels.OAuth.Groups, group) {
+		if utils.CheckFilter(labels.OAuth.Groups, group, true) {
 			log.Debug().Str("group", group).Msg("Group is in required groups")
 			return true
 		}
--- a/internal/docker/docker.go
+++ b/internal/docker/docker.go
@@ -113,7 +113,7 @@ func (docker *Docker) GetLabels(id string, domain string) (types.Labels, error)
 		}
 		// Check if the labels match the id or the domain
-		if strings.TrimPrefix(inspect.Name, "/") == id || labels.Domain == domain {
+		if strings.TrimPrefix(inspect.Name, "/") == id || utils.CheckFilter(labels.Domain, domain, false) { // Disable regex for now
 			log.Debug().Str("id", inspect.ID).Msg("Found matching container")
 			return labels, nil
 		}
--- a/internal/utils/utils.go
+++ b/internal/utils/utils.go
@@ -292,17 +292,17 @@ func ParseSecretFile(contents string) string {
 	return ""
 }
-// Check if a string matches a regex or a whitelist
+// Check if a string matches a regex or if it is included in a comma separated list
-func CheckWhitelist(whitelist string, str string) bool {
+func CheckFilter(filter string, str string, regex bool) bool {
-	// Check if the whitelist is empty
+	// Check if the filter is empty
-	if len(strings.TrimSpace(whitelist)) == 0 {
+	if len(strings.TrimSpace(filter)) == 0 {
 		return true
 	}
-	// Check if the whitelist is a regex
+	// Check if the filter is a regex
-	if strings.HasPrefix(whitelist, "/") && strings.HasSuffix(whitelist, "/") {
+	if strings.HasPrefix(filter, "/") && strings.HasSuffix(filter, "/") && regex {
 		// Create regex
-		re, err := regexp.Compile(whitelist[1 : len(whitelist)-1])
+		re, err := regexp.Compile(filter[1 : len(filter)-1])
 		// Check if there was an error
 		if err != nil {
@@ -316,11 +316,11 @@ func CheckWhitelist(whitelist string, str string) bool {
 		}
 	}
-	// Split the whitelist by comma
+	// Split the filter by comma
-	whitelistSplit := strings.Split(whitelist, ",")
+	filterSplit := strings.Split(filter, ",")
-	// Loop through the whitelist
+	// Loop through the filter items
-	for _, item := range whitelistSplit {
+	for _, item := range filterSplit {
 		// Check if the item matches with the string
 		if strings.TrimSpace(item) == str {
 			return true
--- a/internal/utils/utils_test.go
+++ b/internal/utils/utils_test.go
@@ -377,77 +377,77 @@ func TestParseUser(t *testing.T) {
 	}
 }
-// Test the whitelist function
+// Test the check filter function
-func TestCheckWhitelist(t *testing.T) {
+func TestCheckFilter(t *testing.T) {
-	t.Log("Testing check whitelist with a comma whitelist")
+	t.Log("Testing check filter with a comma separated list")
 	// Create variables
-	whitelist := "user1,user2,user3"
+	filter := "user1,user2,user3"
 	str := "user1"
 	expected := true
-	// Test the check whitelist function
+	// Test the check filter function
-	result := utils.CheckWhitelist(whitelist, str)
+	result := utils.CheckFilter(filter, str, false)
 	// Check if the result is equal to the expected
 	if result != expected {
 		t.Fatalf("Expected %v, got %v", expected, result)
 	}
-	t.Log("Testing check whitelist with a regex whitelist")
+	t.Log("Testing check filter with a regex filter")
 	// Create variables
-	whitelist = "/^user[0-9]+$/"
+	filter = "/^user[0-9]+$/"
 	str = "user1"
 	expected = true
-	// Test the check whitelist function
+	// Test the check filter function
-	result = utils.CheckWhitelist(whitelist, str)
+	result = utils.CheckFilter(filter, str, true)
 	// Check if the result is equal to the expected
 	if result != expected {
 		t.Fatalf("Expected %v, got %v", expected, result)
 	}
-	t.Log("Testing check whitelist with an empty whitelist")
+	t.Log("Testing check filter with an empty filter")
 	// Create variables
-	whitelist = ""
+	filter = ""
 	str = "user1"
 	expected = true
-	// Test the check whitelist function
+	// Test the check filter function
-	result = utils.CheckWhitelist(whitelist, str)
+	result = utils.CheckFilter(filter, str, false)
 	// Check if the result is equal to the expected
 	if result != expected {
 		t.Fatalf("Expected %v, got %v", expected, result)
 	}
-	t.Log("Testing check whitelist with an invalid regex whitelist")
+	t.Log("Testing check filter with an invalid regex filter")
 	// Create variables
-	whitelist = "/^user[0-9+$/"
+	filter = "/^user[0-9+$/"
 	str = "user1"
 	expected = false
-	// Test the check whitelist function
+	// Test the check filter function
-	result = utils.CheckWhitelist(whitelist, str)
+	result = utils.CheckFilter(filter, str, true)
 	// Check if the result is equal to the expected
 	if result != expected {
 		t.Fatalf("Expected %v, got %v", expected, result)
 	}
-	t.Log("Testing check whitelist with a non matching whitelist")
+	t.Log("Testing check filter with a non matching list")
 	// Create variables
-	whitelist = "user1,user2,user3"
+	filter = "user1,user2,user3"
 	str = "user4"
 	expected = false
-	// Test the check whitelist function
+	// Test the check filter function
-	result = utils.CheckWhitelist(whitelist, str)
+	result = utils.CheckFilter(filter, str, false)
 	// Check if the result is equal to the expected
 	if result != expected {