This repository has been archived by the owner on Oct 17, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathins.go
391 lines (327 loc) · 10.1 KB
/
ins.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
package aci
/*
aci.go contains the top-level access control instructor methods and types.
*/
/*
Version defines the official ACI syntax version number implemented and honored by this package.
*/
const Version float32 = 3.0
/*
Instruction conforms to the ACI syntax specification associated with the [Version] constant value of this package.
Instances of this type, when represented in their string form, are intended for submission to an X.500/LDAP DSA for assignment (via the 'aci' LDAP Attribute Type) to the relevant directory entry.
*/
type Instruction struct {
*instruction
}
/*
ACIs initializes, optionally sets and returns a new instance of [Instructions] configured to store valid [Instruction] instances.
Slice values are delimited using the newline rune (ASCII #10).
*/
func ACIs(x ...any) (i Instructions) {
_i := stackList().
NoNesting(true).
SetID(`instructions`).
SetDelimiter(rune(10)).
NoPadding(true).
SetCategory(`instructions`)
// cast _i as a proper Instructions instance
// (i). We do it this way to gain access to
// the method for the *specific instance*
// being created (o), thus allowing things
// like uniqueness checks, etc., to occur
// during push attempts, providing more
// helpful and non-generalized feedback.
i = Instructions(_i)
_i.SetPushPolicy(i.pushPolicy)
// Assuming one (1) or more items were
// submitted during the call, (try to)
// push them into our initialized stack.
// Note that any failed push(es) will
// have no impact on the validity of
// the return instance.
i.Push(x...)
return
}
/*
instruction is the embedded (pointer!) type found within initialized
instances of the Instruction type. The fields are as follows:
• N contains the string name (or "ACL") of a particular Instruction; note
that this field cannot be reset for security reasons
• T contains one (1) TargetRules instance, which is a [stackage.Stack] type
alias containing a sequence of zero (0) or more [TargetRule] instances
• PB contains one (1) PermissionBindRules instance, which is a [stackage.Stack] alias
type containing a sequence of one (1) or more [PermissionBindRule] instances
*/
type instruction struct {
ACL string
TRs TargetRules
PBRs PermissionBindRules
}
/*
canned invalidity tag constants for when ACI-related things go awry ...
*/
const (
// badACI is supplied during Instruction string representation
badACI = `<invalid_aci>`
)
func (r Instructions) pushPolicy(x ...any) (err error) {
if r.contains(x[0]) {
err = pushErrorNotUnique(r, x[0], nil)
return
}
err = pushErrorBadType(Instructions{}, x[0], nil)
switch tv := x[0].(type) {
case Instruction:
err = tv.Valid()
}
return
}
/*
Len wraps the [stackage.Stack.Len] method.
*/
func (r Instructions) Len() int {
return r.cast().Len()
}
/*
Contains returns a Boolean value indicative of whether value x, if a string or [Instruction] instance, already resides within the receiver instance.
Case is not significant in the matching process.
*/
func (r Instructions) Contains(x any) bool {
return r.contains(x)
}
/*
contains is a private method called by Instructions.Contains.
*/
func (r Instructions) contains(x any) bool {
if r.Len() == 0 {
return false
}
var candidate string
switch tv := x.(type) {
case string:
candidate = tv
case Instruction:
candidate = tv.String()
}
candidate = condenseWHSP(candidate)
for i := 0; i < r.Len(); i++ {
// case is not significant here.
if eq(r.Index(i).String(), candidate) {
return true
}
}
return false
}
/*
IsZero wraps the [stackage.Stack.IsZero] method.
*/
func (r Instructions) IsZero() bool {
return r.cast().IsZero()
}
/*
String is a stringer method that returns the string representation of the receiver instance.
This method wraps the [stackage.Stack.String] method.
*/
func (r Instructions) String() string {
return r.cast().String()
}
/*
String is a stringer method that returns the string representation of the receiver instance.
*/
func (r Instruction) String() string {
if err := r.Valid(); err != nil {
return badACI
}
return sprintf("%s(%s; acl \"%s\"; %s)",
r.instruction.TRs,
version(), // sprints Version const.
r.instruction.ACL,
r.instruction.PBRs)
}
/*
Push wraps the [stackage.Stack.Push] method. Only [Instruction] instances are permitted for push.
In the case of a string value, it is automatically cast as an instance of [BindDistinguishedName] using the appropriate [BindKeyword], so long as the raw string is of a non-zero length.
*/
func (r Instructions) Push(x ...any) Instructions {
_r := r.cast()
// iterate variadic input arguments
for i := 0; i < len(x); i++ {
switch tv := x[i].(type) {
case string:
var ins Instruction
if err := ins.Parse(tv); err == nil {
_r.Push(ins)
}
default:
_r.Push(tv)
}
}
return r
}
/*
Pop wraps the [stackage.Stack.Pop] method.
*/
func (r Instructions) Pop() (x Instruction) {
y, _ := r.cast().Pop()
if assert, asserted := y.(Instruction); asserted {
x = assert
}
return
}
/*
F returns the appropriate instance creator function for crafting individual [Instruction] instances for submission to the receiver. This is merely a convenient alternative to maintaining knowledge as to which function applies to the current receiver instance.
As there is only one possibility for instances of this design, the package-level [ACI] function is returned.
*/
func (r Instructions) F() func(...any) Instruction {
return ACI
}
/*
Valid wraps the [stackage.Stack.Valid] method.
*/
func (r Instructions) Valid() (err error) {
err = r.cast().Valid()
return
}
/*
Index wraps the [stackage.Stack.Index] method. Note that the Boolean OK value returned by [stackage] by default will be shadowed and not obtainable by the caller.
*/
func (r Instructions) Index(idx int) (x Instruction) {
y, _ := r.cast().Index(idx)
if assert, ok := y.(Instruction); ok {
x = assert
}
return
}
/*
T returns the [TargetRules] instance found within the underlying receiver instance. Note that a bogus [TargetRules] instance is returned if the receiver is nil, or unset.
*/
func (r Instruction) TRs() (trs TargetRules) {
if !r.IsZero() {
trs = r.instruction.TRs
}
return
}
/*
PBRs returns the [PermissionBindRules] instance found within the underlying receiver instance. Note that a bogus [PermissionBindRules] instance is returned if the receiver is nil, or unset.
*/
func (r Instruction) PBRs() (pbrs PermissionBindRules) {
if !r.IsZero() {
pbrs = r.instruction.PBRs
}
return
}
/*
ACL returns the access control label of the receiver, else a zero string if unset.
*/
func (r Instruction) ACL() (acl string) {
if !r.IsZero() {
acl = r.instruction.ACL
}
return
}
/*
Valid returns an instance of error that reflects any perceived errors or deficiencies within the receiver instance.
*/
func (r Instruction) Valid() (err error) {
if r.IsZero() {
err = nilInstanceErr(r)
}
return
}
/*
IsZero returns a Boolean value indicative of whether the receiver is nil, or unset.
*/
func (r Instruction) IsZero() bool {
return r.instruction.isZero()
}
func (r *instruction) isZero() bool {
return r == nil
}
/*
ACI initializes, (optionally) sets and returns a new instance of the [Instruction] type.
Input values must conform to the following specifications per the intended field within the return instance:
- A non-zero string value shall be used for the effective Name, or "ACL"
- One (1) [PermissionBindRules] instance
- One (1) [TargetRules] instance
Please note the following constraints for the name of the receiver:
- Value cannot be reset (i.e.: renamed)
- Value should not contain the "version <float>" statement, as that is imposed automatically during string representation procedures
*/
func ACI(x ...any) Instruction {
return Instruction{newACI(x...)}
}
/*
newACI is a private function invoked by the package level ACI function for the purpose of allocating memory for a new *instruction instance, to be embedded within an instance of Instruction.
If any arguments are provided, they shall (possibly) be set within the return instance.
*/
func newACI(x ...any) (a *instruction) {
a = new(instruction)
a.TRs = TRs()
a.PBRs = PBRs()
if len(x) > 0 {
a.set(x...)
}
return
}
/*
Set assigns one (1) or more values to the receiver. The input value(s) must conform to the following conditions:
- If the value is a string, it shall become the immutable name (or "ACL") of a given [Instruction] instance; this value cannot be changed once set
- If the value is a [TargetRule] instance, it shall be appended to the receiver's [TargetRules] instance
- If the value is a [TargetRules] instance, it shall have all stack slice members appended to the receiver's [TargetRules] instance
- If the value is a [PermissionBindRule], and if it is valid (i.e.: contains exactly one (1) valid [Permission] statement and exactly one (1) [BindRules] instance), it shall be appended to the receiver's [PermissionBindRules] stack
*/
func (r *Instruction) Set(x ...any) *Instruction {
if r.instruction == nil {
r.instruction = newACI()
}
r.instruction.set(x...)
return r
}
/*
set is a private method invoked by newACI and Instruction.Set to handle the addition of new ACI components through type assertion and validity checks where applicable.
*/
func (r *instruction) set(x ...any) {
for i := 0; i < len(x); i++ {
r.assertInstruction(x[i])
}
}
func (r *instruction) assertInstruction(x any) {
switch tv := x.(type) {
case string:
r.setLabel(tv)
case TargetRules:
r.targetPush(tv)
case TargetRule:
r.TRs.Push(tv)
case PermissionBindRule:
r.PBRs.Push(tv)
case PermissionBindRules:
r.permissionBindRulesPush(tv)
}
}
func (r *instruction) setLabel(x string) {
// Only set if non-zero and if field IS zero
// (i.e.: don't allow renaming).
if len(x) > 0 && len(r.ACL) == 0 {
r.ACL = x
}
}
func (r *instruction) targetPush(x TargetRules) {
for i := 0; i < x.Len(); i++ {
tgt := x.Index(i)
if K := matchTKW(tgt.Keyword().String()); K != TargetKeyword(0x0) {
r.TRs.Push(tgt)
}
}
}
func (r *instruction) permissionBindRulesPush(x PermissionBindRules) {
for i := 0; i < x.Len(); i++ {
r.PBRs.Push(x.Index(i))
}
}
/*
version returns the string version label for the ACI syntax.
*/
func version() string {
return sprintf("version %.1f", Version)
}