mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-05-17 17:50:14 +00:00
Stavros
67 lines
1.6 KiB
Go
67 lines
1.6 KiB
Go
package service
|
|
|
|
import (
|
|
"strings"
|
|
|
|
"github.com/tinyauthapp/tinyauth/internal/model"
|
|
"github.com/tinyauthapp/tinyauth/internal/utils/logger"
|
|
)
|
|
|
|
type LabelProvider interface {
|
|
GetLabels(appDomain string) (*model.App, error)
|
|
}
|
|
|
|
type AccessControlsService struct {
|
|
log *logger.Logger
|
|
config model.Config
|
|
labelProvider *LabelProvider
|
|
}
|
|
|
|
func NewAccessControlsService(
|
|
log *logger.Logger,
|
|
config model.Config,
|
|
labelProvider *LabelProvider) *AccessControlsService {
|
|
|
|
return &AccessControlsService{
|
|
log: log,
|
|
config: config,
|
|
labelProvider: labelProvider,
|
|
}
|
|
}
|
|
|
|
func (service *AccessControlsService) lookupStaticACLs(domain string) *model.App {
|
|
var appAcls *model.App
|
|
for app, config := range service.config.Apps {
|
|
if config.Config.Domain == domain {
|
|
service.log.App.Debug().Str("name", app).Msg("Found matching container by domain")
|
|
appAcls = &config
|
|
break // If we find a match by domain, we can stop searching
|
|
}
|
|
|
|
if strings.SplitN(domain, ".", 2)[0] == app {
|
|
service.log.App.Debug().Str("name", app).Msg("Found matching container by app name")
|
|
appAcls = &config
|
|
break // If we find a match by app name, we can stop searching
|
|
}
|
|
}
|
|
return appAcls
|
|
}
|
|
|
|
func (service *AccessControlsService) GetAccessControls(domain string) (*model.App, error) {
|
|
// First check in the static config
|
|
app := service.lookupStaticACLs(domain)
|
|
|
|
if app != nil {
|
|
service.log.App.Debug().Msg("Using static ACLs for app")
|
|
return app, nil
|
|
}
|
|
|
|
// If we have a label provider configured, try to get ACLs from it
|
|
if service.labelProvider != nil {
|
|
return (*service.labelProvider).GetLabels(domain)
|
|
}
|
|
|
|
// no labels
|
|
return nil, nil
|
|
}
|