github.com/DataDog/datadog-agent/pkg/security/secl@v0.55.0-devel.0.20240517055856-10c4965fea94/rules/capabilities.go (about) 1 // Unless explicitly stated otherwise all files in this repository are licensed 2 // under the Apache License Version 2.0. 3 // This product includes software developed at Datadog (https://www.datadoghq.com/). 4 // Copyright 2016-present Datadog, Inc. 5 6 // Package rules holds rules related files 7 package rules 8 9 import ( 10 "github.com/DataDog/datadog-agent/pkg/security/secl/compiler/eval" 11 ) 12 13 // FieldCapabilities holds a list of field capabilities 14 type FieldCapabilities []FieldCapability 15 16 // FieldCapability represents a field and the type of its value (scalar, pattern, bitmask, ...) 17 type FieldCapability struct { 18 Field eval.Field 19 Types eval.FieldValueType 20 ValidateFnc func(FilterValue) bool 21 FilterWeight int 22 } 23 24 // GetFields returns all the fields of FieldCapabilities 25 func (fcs FieldCapabilities) GetFields() []eval.Field { 26 var fields []eval.Field 27 for _, fc := range fcs { 28 fields = append(fields, fc.Field) 29 } 30 return fields 31 } 32 33 // Validate ensures all the filter values match field capabilities 34 func (fcs FieldCapabilities) Validate(filterValues FilterValues) bool { 35 for _, filterValue := range filterValues { 36 var found bool 37 for _, fc := range fcs { 38 if filterValue.Field != fc.Field || filterValue.Type&fc.Types == 0 { 39 continue 40 } 41 42 if fc.ValidateFnc != nil { 43 if !fc.ValidateFnc(filterValue) { 44 continue 45 } 46 } 47 48 found = true 49 break 50 } 51 52 if !found { 53 return false 54 } 55 } 56 57 return true 58 }