mirror of
https://github.com/lightninglabs/loop
synced 2024-11-11 13:11:12 +00:00
118 lines
3.6 KiB
Go
118 lines
3.6 KiB
Go
|
package lsat
|
||
|
|
||
|
import (
|
||
|
"fmt"
|
||
|
"strings"
|
||
|
)
|
||
|
|
||
|
// Satisfier provides a generic interface to satisfy a caveat based on its
|
||
|
// condition.
|
||
|
type Satisfier struct {
|
||
|
// Condition is the condition of the caveat we'll attempt to satisfy.
|
||
|
Condition string
|
||
|
|
||
|
// SatisfyPrevious ensures a caveat is in accordance with a previous one
|
||
|
// with the same condition. This is needed since caveats of the same
|
||
|
// condition can be used multiple times as long as they enforce more
|
||
|
// permissions than the previous.
|
||
|
//
|
||
|
// For example, we have a caveat that only allows us to use an LSAT for
|
||
|
// 7 more days. We can add another caveat that only allows for 3 more
|
||
|
// days of use and lend it to another party.
|
||
|
SatisfyPrevious func(previous Caveat, current Caveat) error
|
||
|
|
||
|
// SatisfyFinal satisfies the final caveat of an LSAT. If multiple
|
||
|
// caveats with the same condition exist, this will only be executed
|
||
|
// once all previous caveats are also satisfied.
|
||
|
SatisfyFinal func(Caveat) error
|
||
|
}
|
||
|
|
||
|
// NewServicesSatisfier implements a satisfier to determine whether the target
|
||
|
// service is authorized for a given LSAT.
|
||
|
//
|
||
|
// TODO(wilmer): Add tier verification?
|
||
|
func NewServicesSatisfier(targetService string) Satisfier {
|
||
|
return Satisfier{
|
||
|
Condition: CondServices,
|
||
|
SatisfyPrevious: func(prev, cur Caveat) error {
|
||
|
// Construct a set of the services we were previously
|
||
|
// allowed to access.
|
||
|
prevServices, err := decodeServicesCaveatValue(prev.Value)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
prevAllowed := make(map[string]struct{}, len(prevServices))
|
||
|
for _, service := range prevServices {
|
||
|
prevAllowed[service.Name] = struct{}{}
|
||
|
}
|
||
|
|
||
|
// The caveat should not include any new services that
|
||
|
// weren't previously allowed.
|
||
|
currentServices, err := decodeServicesCaveatValue(cur.Value)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
for _, service := range currentServices {
|
||
|
if _, ok := prevAllowed[service.Name]; !ok {
|
||
|
return fmt.Errorf("service %v not "+
|
||
|
"previously allowed", service)
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
},
|
||
|
SatisfyFinal: func(c Caveat) error {
|
||
|
services, err := decodeServicesCaveatValue(c.Value)
|
||
|
if err != nil {
|
||
|
return err
|
||
|
}
|
||
|
for _, service := range services {
|
||
|
if service.Name == targetService {
|
||
|
return nil
|
||
|
}
|
||
|
}
|
||
|
return fmt.Errorf("target service %v not authorized",
|
||
|
targetService)
|
||
|
},
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// NewCapabilitiesSatisfier implements a satisfier to determine whether the
|
||
|
// target capability for a service is authorized for a given LSAT.
|
||
|
func NewCapabilitiesSatisfier(service string, targetCapability string) Satisfier {
|
||
|
return Satisfier{
|
||
|
Condition: service + CondCapabilitiesSuffix,
|
||
|
SatisfyPrevious: func(prev, cur Caveat) error {
|
||
|
// Construct a set of the service's capabilities we were
|
||
|
// previously allowed to access.
|
||
|
prevCapabilities := strings.Split(prev.Value, ",")
|
||
|
allowed := make(map[string]struct{}, len(prevCapabilities))
|
||
|
for _, capability := range prevCapabilities {
|
||
|
allowed[capability] = struct{}{}
|
||
|
}
|
||
|
|
||
|
// The caveat should not include any new service
|
||
|
// capabilities that weren't previously allowed.
|
||
|
currentCapabilities := strings.Split(cur.Value, ",")
|
||
|
for _, capability := range currentCapabilities {
|
||
|
if _, ok := allowed[capability]; !ok {
|
||
|
return fmt.Errorf("capability %v not "+
|
||
|
"previously allowed", capability)
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
},
|
||
|
SatisfyFinal: func(c Caveat) error {
|
||
|
capabilities := strings.Split(c.Value, ",")
|
||
|
for _, capability := range capabilities {
|
||
|
if capability == targetCapability {
|
||
|
return nil
|
||
|
}
|
||
|
}
|
||
|
return fmt.Errorf("target capability %v not authorized",
|
||
|
targetCapability)
|
||
|
},
|
||
|
}
|
||
|
}
|