storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/bucket/policy/condition/boolfunc.go (about)

     1  /*
     2   * MinIO Cloud Storage, (C) 2018 MinIO, Inc.
     3   *
     4   * Licensed under the Apache License, Version 2.0 (the "License");
     5   * you may not use this file except in compliance with the License.
     6   * You may obtain a copy of the License at
     7   *
     8   *     http://www.apache.org/licenses/LICENSE-2.0
     9   *
    10   * Unless required by applicable law or agreed to in writing, software
    11   * distributed under the License is distributed on an "AS IS" BASIS,
    12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13   * See the License for the specific language governing permissions and
    14   * limitations under the License.
    15   */
    16  
    17  package condition
    18  
    19  import (
    20  	"fmt"
    21  	"net/http"
    22  	"reflect"
    23  	"strconv"
    24  )
    25  
    26  // booleanFunc - Bool condition function. It checks whether Key is true or false.
    27  // https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_Boolean
    28  type booleanFunc struct {
    29  	k     Key
    30  	value string
    31  }
    32  
    33  // evaluate() - evaluates to check whether Key is present in given values or not.
    34  // Depending on condition boolean value, this function returns true or false.
    35  func (f booleanFunc) evaluate(values map[string][]string) bool {
    36  	requestValue, ok := values[http.CanonicalHeaderKey(f.k.Name())]
    37  	if !ok {
    38  		requestValue = values[f.k.Name()]
    39  	}
    40  
    41  	if len(requestValue) == 0 {
    42  		return false
    43  	}
    44  
    45  	return f.value == requestValue[0]
    46  }
    47  
    48  // key() - returns condition key which is used by this condition function.
    49  func (f booleanFunc) key() Key {
    50  	return f.k
    51  }
    52  
    53  // name() - returns "Bool" condition name.
    54  func (f booleanFunc) name() name {
    55  	return boolean
    56  }
    57  
    58  func (f booleanFunc) String() string {
    59  	return fmt.Sprintf("%v:%v:%v", boolean, f.k, f.value)
    60  }
    61  
    62  // toMap - returns map representation of this function.
    63  func (f booleanFunc) toMap() map[Key]ValueSet {
    64  	if !f.k.IsValid() {
    65  		return nil
    66  	}
    67  
    68  	return map[Key]ValueSet{
    69  		f.k: NewValueSet(NewStringValue(f.value)),
    70  	}
    71  }
    72  
    73  func newBooleanFunc(key Key, values ValueSet) (Function, error) {
    74  	if key != AWSSecureTransport {
    75  		return nil, fmt.Errorf("only %v key is allowed for %v condition", AWSSecureTransport, boolean)
    76  	}
    77  
    78  	if len(values) != 1 {
    79  		return nil, fmt.Errorf("only one value is allowed for boolean condition")
    80  	}
    81  
    82  	var value Value
    83  	for v := range values {
    84  		value = v
    85  		switch v.GetType() {
    86  		case reflect.Bool:
    87  			if _, err := v.GetBool(); err != nil {
    88  				return nil, err
    89  			}
    90  		case reflect.String:
    91  			s, err := v.GetString()
    92  			if err != nil {
    93  				return nil, err
    94  			}
    95  			if _, err = strconv.ParseBool(s); err != nil {
    96  				return nil, fmt.Errorf("value must be a boolean string for boolean condition")
    97  			}
    98  		default:
    99  			return nil, fmt.Errorf("value must be a boolean for boolean condition")
   100  		}
   101  	}
   102  
   103  	return &booleanFunc{key, value.String()}, nil
   104  }
   105  
   106  // NewBoolFunc - returns new Bool function.
   107  func NewBoolFunc(key Key, value string) (Function, error) {
   108  	return &booleanFunc{key, value}, nil
   109  }