|
|
@@ -1,7 +1,6 @@
|
|
|
package access
|
|
|
|
|
|
import (
|
|
|
- "encoding/json"
|
|
|
"strings"
|
|
|
|
|
|
"imuslab.com/zoraxy/mod/netutils"
|
|
|
@@ -29,72 +28,66 @@ type WhitelistEntry struct {
|
|
|
|
|
|
func (s *AccessRule) AddCountryCodeToWhitelist(countryCode string, comment string) {
|
|
|
countryCode = strings.ToLower(countryCode)
|
|
|
- entry := WhitelistEntry{
|
|
|
- EntryType: EntryType_CountryCode,
|
|
|
- CC: countryCode,
|
|
|
- Comment: comment,
|
|
|
- }
|
|
|
-
|
|
|
- s.GetDatabase().Write(s.GetFullTableName("whitelist-cn"), countryCode, entry)
|
|
|
+ newWhitelistCC := deepCopy(*s.WhiteListCountryCode)
|
|
|
+ newWhitelistCC[countryCode] = comment
|
|
|
+ s.WhiteListCountryCode = &newWhitelistCC
|
|
|
+ s.SaveChanges()
|
|
|
}
|
|
|
|
|
|
func (s *AccessRule) RemoveCountryCodeFromWhitelist(countryCode string) {
|
|
|
countryCode = strings.ToLower(countryCode)
|
|
|
- s.GetDatabase().Delete(s.GetFullTableName("whitelist-cn"), countryCode)
|
|
|
+ newWhitelistCC := deepCopy(*s.WhiteListCountryCode)
|
|
|
+ delete(newWhitelistCC, countryCode)
|
|
|
+ s.WhiteListCountryCode = &newWhitelistCC
|
|
|
+ s.SaveChanges()
|
|
|
}
|
|
|
|
|
|
func (s *AccessRule) IsCountryCodeWhitelisted(countryCode string) bool {
|
|
|
countryCode = strings.ToLower(countryCode)
|
|
|
- return s.GetDatabase().KeyExists(s.GetFullTableName("whitelist-cn"), countryCode)
|
|
|
+ whitelistCC := *s.WhiteListCountryCode
|
|
|
+ _, ok := whitelistCC[countryCode]
|
|
|
+ return ok
|
|
|
}
|
|
|
|
|
|
func (s *AccessRule) GetAllWhitelistedCountryCode() []*WhitelistEntry {
|
|
|
whitelistedCountryCode := []*WhitelistEntry{}
|
|
|
- entries, err := s.GetDatabase().ListTable(s.GetFullTableName("whitelist-cn"))
|
|
|
- if err != nil {
|
|
|
- return whitelistedCountryCode
|
|
|
+ whitelistCC := *s.WhiteListCountryCode
|
|
|
+ for cc, comment := range whitelistCC {
|
|
|
+ whitelistedCountryCode = append(whitelistedCountryCode, &WhitelistEntry{
|
|
|
+ EntryType: EntryType_CountryCode,
|
|
|
+ CC: cc,
|
|
|
+ Comment: comment,
|
|
|
+ })
|
|
|
}
|
|
|
- for _, keypairs := range entries {
|
|
|
- thisWhitelistEntry := WhitelistEntry{}
|
|
|
- json.Unmarshal(keypairs[1], &thisWhitelistEntry)
|
|
|
- whitelistedCountryCode = append(whitelistedCountryCode, &thisWhitelistEntry)
|
|
|
- }
|
|
|
-
|
|
|
return whitelistedCountryCode
|
|
|
}
|
|
|
|
|
|
//IP Whitelist
|
|
|
|
|
|
func (s *AccessRule) AddIPToWhiteList(ipAddr string, comment string) {
|
|
|
- thisIpEntry := WhitelistEntry{
|
|
|
- EntryType: EntryType_IP,
|
|
|
- IP: ipAddr,
|
|
|
- Comment: comment,
|
|
|
- }
|
|
|
-
|
|
|
- s.GetDatabase().Write(s.GetFullTableName("whitelist-ip"), ipAddr, thisIpEntry)
|
|
|
+ newWhitelistIP := deepCopy(*s.WhiteListIP)
|
|
|
+ newWhitelistIP[ipAddr] = comment
|
|
|
+ s.WhiteListIP = &newWhitelistIP
|
|
|
+ s.SaveChanges()
|
|
|
}
|
|
|
|
|
|
func (s *AccessRule) RemoveIPFromWhiteList(ipAddr string) {
|
|
|
- s.GetDatabase().Delete(s.GetFullTableName("whitelist-ip"), ipAddr)
|
|
|
+ newWhitelistIP := deepCopy(*s.WhiteListIP)
|
|
|
+ delete(newWhitelistIP, ipAddr)
|
|
|
+ s.WhiteListIP = &newWhitelistIP
|
|
|
+ s.SaveChanges()
|
|
|
}
|
|
|
|
|
|
func (s *AccessRule) IsIPWhitelisted(ipAddr string) bool {
|
|
|
- isWhitelisted := s.GetDatabase().KeyExists(s.GetFullTableName("whitelist-ip"), ipAddr)
|
|
|
- if isWhitelisted {
|
|
|
- //single IP whitelist entry
|
|
|
- return true
|
|
|
- }
|
|
|
-
|
|
|
//Check for IP wildcard and CIRD rules
|
|
|
- AllWhitelistedIps := s.GetAllWhitelistedIpAsStringSlice()
|
|
|
- for _, whitelistRules := range AllWhitelistedIps {
|
|
|
- wildcardMatch := netutils.MatchIpWildcard(ipAddr, whitelistRules)
|
|
|
+ WhitelistedIP := *s.WhiteListIP
|
|
|
+ for ipOrCIDR, _ := range WhitelistedIP {
|
|
|
+ wildcardMatch := netutils.MatchIpWildcard(ipAddr, ipOrCIDR)
|
|
|
if wildcardMatch {
|
|
|
return true
|
|
|
}
|
|
|
|
|
|
- cidrMatch := netutils.MatchIpCIDR(ipAddr, whitelistRules)
|
|
|
+ cidrMatch := netutils.MatchIpCIDR(ipAddr, ipOrCIDR)
|
|
|
if cidrMatch {
|
|
|
return true
|
|
|
}
|
|
|
@@ -105,27 +98,15 @@ func (s *AccessRule) IsIPWhitelisted(ipAddr string) bool {
|
|
|
|
|
|
func (s *AccessRule) GetAllWhitelistedIp() []*WhitelistEntry {
|
|
|
whitelistedIp := []*WhitelistEntry{}
|
|
|
- entries, err := s.GetDatabase().ListTable(s.GetFullTableName("whitelist-ip"))
|
|
|
- if err != nil {
|
|
|
- return whitelistedIp
|
|
|
- }
|
|
|
-
|
|
|
- for _, keypairs := range entries {
|
|
|
- //ip := string(keypairs[0])
|
|
|
- thisEntry := WhitelistEntry{}
|
|
|
- json.Unmarshal(keypairs[1], &thisEntry)
|
|
|
+ currentWhitelistedIP := *s.WhiteListIP
|
|
|
+ for ipOrCIDR, comment := range currentWhitelistedIP {
|
|
|
+ thisEntry := WhitelistEntry{
|
|
|
+ EntryType: EntryType_IP,
|
|
|
+ IP: ipOrCIDR,
|
|
|
+ Comment: comment,
|
|
|
+ }
|
|
|
whitelistedIp = append(whitelistedIp, &thisEntry)
|
|
|
}
|
|
|
|
|
|
return whitelistedIp
|
|
|
}
|
|
|
-
|
|
|
-func (s *AccessRule) GetAllWhitelistedIpAsStringSlice() []string {
|
|
|
- allWhitelistedIPs := []string{}
|
|
|
- entries := s.GetAllWhitelistedIp()
|
|
|
- for _, entry := range entries {
|
|
|
- allWhitelistedIPs = append(allWhitelistedIPs, entry.IP)
|
|
|
- }
|
|
|
-
|
|
|
- return allWhitelistedIPs
|
|
|
-}
|
Toby Chui