3pp-mirror/snapcast
1
0
Fork 0
mirror of https://github.com/badaix/snapcast.git synced 2025-07-21 10:27:39 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add support for removing single rules

Browse source
This commit is contained in:
badaix 2025-02-12 22:10:00 +01:00 committed by Johannes Pohl
parent f680c1486b
commit a77f6f1b02
3 changed files with 37 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
common/utils/string_utils.cpp
View file

@ -43,13 +43,13 @@ static constexpr auto LOG_TAG = "StringUtils";
bool wildcardMatch(const std::string& pattern, const std::string& text) bool wildcardMatch(const std::string& pattern, const std::string& text)
{ {
LOG(INFO, LOG_TAG) << "wildcardMatch '" << pattern << "', text: '" << text << "'\n"; LOG(DEBUG, LOG_TAG) << "wildcardMatch '" << pattern << "', text: '" << text << "'\n";
std::vector<std::string> parts = utils::string::split(pattern, '*'); std::vector<std::string> parts = utils::string::split(pattern, '*');
size_t pos = 0; size_t pos = 0;
for (size_t n = 0; n < parts.size(); ++n) for (size_t n = 0; n < parts.size(); ++n)
{ {
const std::string& part = parts[n]; const std::string& part = parts[n];
LOG(INFO, LOG_TAG) << "Matching '" << part << "', pos: " << pos << "\n"; LOG(DEBUG, LOG_TAG) << "Matching '" << part << "', pos: " << pos << "\n";
pos = text.find(part, pos); pos = text.find(part, pos);
if (pos == std::string::npos) if (pos == std::string::npos)
return false; return false;

21
server/authinfo.cpp
View file

@ -269,11 +269,28 @@ bool AuthInfo::hasPermission(const std::string& resource) const
return false; return false;
const auto& role = user_iter->role; const auto& role = user_iter->role;
auto perm_iter = std::find_if(role->permissions.begin(), role->permissions.end(), auto perm_iter = std::find_if(role->permissions.begin(), role->permissions.end(), [&](const std::string& permission)
[&](const std::string& permission) { return utils::string::wildcardMatch(permission, resource); }); {
if (!permission.empty() && (permission[0] == '-'))
return false;
return utils::string::wildcardMatch(permission, resource);
});
if (perm_iter != role->permissions.end()) if (perm_iter != role->permissions.end())
{ {
auto not_perm_iter = std::find_if(role->permissions.begin(), role->permissions.end(), [&](const std::string& permission)
{
if (!permission.empty() && (permission[0] != '-'))
return false;
return utils::string::wildcardMatch(permission.substr(1), resource);
});
if (not_perm_iter != role->permissions.end())
{
LOG(DEBUG, LOG_TAG) << "Found non-permission for ressource '" << resource << "': '" << *perm_iter << "'\n";
return false;
}
LOG(DEBUG, LOG_TAG) << "Found permission for ressource '" << resource << "': '" << *perm_iter << "'\n"; LOG(DEBUG, LOG_TAG) << "Found permission for ressource '" << resource << "': '" << *perm_iter << "'\n";
return true; return true;
} }

16
test/test_main.cpp
View file

@ -793,4 +793,20 @@ TEST_CASE("Auth")
REQUIRE(auth.hasPermission("stream")); REQUIRE(auth.hasPermission("stream"));
REQUIRE(!auth.hasPermission("play")); REQUIRE(!auth.hasPermission("play"));
} }
{
auth_settings.init({"admin:Client.*,Group.*,-Group.Set*"}, {"badaix:secret:admin"});
REQUIRE(auth_settings.users.size() == 1);
REQUIRE(auth_settings.roles.size() == 1);
REQUIRE(auth_settings.users.front().role->permissions.size() == 3);
AuthInfo auth(auth_settings);
auto ec = auth.authenticateBasic(base64_encode("badaix:secret"));
REQUIRE(!ec);
REQUIRE(auth.hasPermission("Client.SetVolume"));
REQUIRE(auth.hasPermission("Client.SetName"));
REQUIRE(auth.hasPermission("Group.GetStatus"));
REQUIRE(!auth.hasPermission("Group.SetName"));
REQUIRE(!auth.hasPermission("Server.GetStatus"));
}
} }