refactor: remove code duplication

Yves G 2021-10-03 14:05:10 +02:00
parent 489350fe21
commit 969367dc9f
3 changed files with 58 additions and 83 deletions

View File

@ -1,4 +1,4 @@
local ngx = require("ngx")
local ngx = require("ngx")
local b64 = require("ssso_base64")
local util = require("ssso_util")
local conf = require("ssso_config")

View File

@ -1,7 +1,6 @@
local util = require("ssso_util")
local conf = require("ssso_config")
local nginx = require("ssso_nginx")
local sites = require("ssso_sites")
local root = ""

View File

@ -62,25 +62,36 @@ local function handle_request(req_data, auth)
end
end
local function format_pattern(pattern)
local a_type
local ok = {
r = pattern.lua_regex or {},
a = {},
}
for _, action in ipairs(pattern.actions or {}) do
if action.type == "header" then
a_type = "H"
elseif action.type == "cookie" then
a_type = "C"
else
a_type = nil
end
if a_type then
table.insert(ok.a, {a_type, action.name, action.value})
local function parse_known_sites(user, denied_handler, allowed_handler)
local f, site, go_on
for _, known in ipairs(known_sites) do
f = io.open(known, "r")
if f then
site = json.decode(f:read("*all"))
f:close()
for _, pat in ipairs(site.patterns) do
go_on = true
for _, denied in ipairs(pat.deny or {}) do
if denied == user then
go_on = false
denied_handler(pat)
end
end
if go_on then
if pat.public then
allowed_handler(pat)
else
for _, allowed in ipairs(pat.allow or {}) do
if allowed == "*" or allowed == user then
allowed_handler(pat)
break
end
end
end
end
end
end
end
return ok
end
local class__profile = {}
@ -102,43 +113,35 @@ function class__profile:build_from_lists(user, password, name, email, ok_list, k
end
function class__profile:build_from_conf(user, password, name, email)
local f, site, go_on
local ok_list = {}
local ko_list = {}
local delegate_identity = id.class__identity:build(user, password, name, email)
for _, known in ipairs(known_sites) do
f = io.open(known, "r")
if f then
site = json.decode(f:read("*all"))
f:close()
for _, pat in ipairs(site.patterns) do
go_on = true
for _, denied in ipairs(pat.deny or {}) do
if denied == user then
go_on = false
for _, re in ipairs(pat.lua_regex) do
table.insert(ko_list, re)
end
break
end
parse_known_sites(user,
function (ko_pat)
for _, re in ipairs(ko_pat.lua_regex) do
table.insert(ko_list, re)
end
end,
function (ok_pat)
local a_type
local ok = {
r = ok_pat.lua_regex or {},
a = {},
}
for _, action in ipairs(ok_pat.actions or {}) do
if action.type == "header" then
a_type = "H"
elseif action.type == "cookie" then
a_type = "C"
else
a_type = nil
end
if go_on then
if pat.public then
local ok = format_pattern(pat)
table.insert(ok_list, ok)
else
for _, allowed in ipairs(pat.allow or {}) do
if allowed == "*" or allowed == user then
local ok = format_pattern(pat)
table.insert(ok_list, ok)
break
end
end
end
if a_type then
table.insert(ok.a, {a_type, action.name, action.value})
end
end
end
end
table.insert(ok_list, ok)
end)
return self:build(delegate_identity, ok_list, ko_list)
end
@ -201,40 +204,13 @@ end
function class__profile:authorized_links()
local links = {}
local f, site, go_on
local user = self:user()
for _, name in ipairs(known_sites) do
f = io.open(name, "r")
if f then
site = json.decode(f:read("*all"))
f:close()
for _, pat in ipairs(site.patterns) do
go_on = true
for _, denied in ipairs(pat.deny or {}) do
if denied == user then
go_on = false
break
end
end
if go_on then
if pat.public then
for link, label in pairs(pat.portal or {}) do
table.insert(links, {link = link, label = label})
end
else
for _, allowed in ipairs(pat.allow or {}) do
if allowed == "*" or allowed == user then
for link, label in pairs(pat.portal or {}) do
table.insert(links, {link = link, label = label})
end
break
end
end
end
end
parse_known_sites(self:user(),
function (_) end,
function (ok_pat)
for link, label in pairs(ok_pat.portal or {}) do
table.insert(links, {link = link, label = label})
end
end
end
end)
return links
end