summaryrefslogtreecommitdiff
path: root/internal/authorization/util.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/authorization/util.go')
-rw-r--r--internal/authorization/util.go15
1 files changed, 11 insertions, 4 deletions
diff --git a/internal/authorization/util.go b/internal/authorization/util.go
index 04ce482e4..e8b5990ae 100644
--- a/internal/authorization/util.go
+++ b/internal/authorization/util.go
@@ -42,9 +42,10 @@ func (l Level) String() string {
}
func stringSliceToRegexpSlice(strings []string) (regexps []regexp.Regexp, err error) {
+ var pattern *regexp.Regexp
+
for _, str := range strings {
- pattern, err := regexp.Compile(str)
- if err != nil {
+ if pattern, err = regexp.Compile(str); err != nil {
return nil, err
}
@@ -56,17 +57,23 @@ func stringSliceToRegexpSlice(strings []string) (regexps []regexp.Regexp, err er
func schemaSubjectToACLSubject(subjectRule string) (subject SubjectMatcher) {
if strings.HasPrefix(subjectRule, prefixUser) {
- user := strings.Trim(subjectRule[len(prefixUser):], " ")
+ user := strings.Trim(subjectRule[lenPrefixUser:], " ")
return AccessControlUser{Name: user}
}
if strings.HasPrefix(subjectRule, prefixGroup) {
- group := strings.Trim(subjectRule[len(prefixGroup):], " ")
+ group := strings.Trim(subjectRule[lenPrefixGroup:], " ")
return AccessControlGroup{Name: group}
}
+ if strings.HasPrefix(subjectRule, prefixOAuth2Client) {
+ clientID := strings.Trim(subjectRule[lenPrefixOAuth2Client:], " ")
+
+ return AccessControlClient{Provider: "OAuth2", ID: clientID}
+ }
+
return nil
}