Documentation ¶
Overview ¶
Package MAPL_enginge provides an engine to test messages against policy rules written in MAPL.
Index ¶
- Constants
- Variables
- func AddNetIpToMessage(message *MessageAttributes)
- func AddNetIpToMessages(messages *Messages)
- func AddResourceType(message *MessageAttributes)
- func AddTimeInfoToMessage(message *MessageAttributes) error
- func AndOrString(a_nodes []Node, andOrStr string) string
- func Check(message *MessageAttributes, rules *Rules) (decision int, descisionString string, relevantRuleIndex int, results []int, ...)
- func CheckOneRule(message *MessageAttributes, rule *Rule) (int, string)
- func ConvertConditionStringToIntFloatRegex(condition *Condition) error
- func ConvertFieldsToRegex(rule *Rule) error
- func ConvertOperationStringToRegex(str_in string) string
- func ConvertStringToRegex(str_in string) string
- func Coverage(messages *Messages, rules *Rules) (messageCoverage map[string]MessageCoverage, ruleCoverage map[string][]string)
- func IsNumberOfFieldsEqual(generalStruct GeneralStruct, yamlString string) (bool, string, error)
- func PrepareOneRule(rule *Rule) error
- func PrepareOneRuleWithPredefinedStrings(rule *Rule, stringsAndLists PredefinedStringsAndLists) error
- func PrepareRules(rules *Rules) error
- func PrepareRulesWithPredefinedStrings(rules *Rules, stringsAndLists PredefinedStringsAndLists) error
- func ReadBinaryFile(filename string) ([]byte, error)
- func ReplaceStringsAndListsInCondition(c *Condition, stringsAndlists PredefinedStringsAndLists) error
- func ReplaceStringsAndListsInOneRule(rule *Rule, stringsAndLists PredefinedStringsAndLists) error
- func RuleConditionsToString(rule Rule) string
- func RuleMD5Hash(rule Rule) (md5hash string)
- func RuleMD5HashConditions(rule Rule) (md5hash string)
- func RuleToString(rule Rule) string
- func SliceHasPrefix(sl []string, v string) bool
- func TestConditions(rule *Rule, message *MessageAttributes) (bool, string)
- func TestReceiver(rule *Rule, message *MessageAttributes) bool
- func TestSender(rule *Rule, message *MessageAttributes) bool
- func ValidateOneCondition(condition *Condition) (bool, error)
- func ValidateRule(rule *Rule) error
- type All
- func (a *All) Append(node Node)
- func (a *All) Eval(message *MessageAttributes) (bool, string)
- func (a *All) GetParentJsonpathAttribute() string
- func (a *All) GetReturnValueJsonpath() string
- func (a *All) MarshalJSON() ([]byte, error)
- func (a *All) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error
- func (a *All) SetParentJsonpathAttribute(parentJsonpathAttribute string)
- func (a *All) SetReturnValueJsonpath(returnValueJsonpath string)
- func (a *All) String() string
- func (a *All) ToMongoQuery(parentString string) (bson.M, []bson.M, error)
- type And
- type Any
- func (a *Any) Append(node Node)
- func (a *Any) Eval(message *MessageAttributes) (bool, string)
- func (a *Any) GetParentJsonpathAttribute() string
- func (a *Any) GetReturnValueJsonpath() string
- func (a *Any) MarshalJSON() ([]byte, error)
- func (a *Any) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error
- func (a *Any) SetParentJsonpathAttribute(parentJsonpathAttribute string)
- func (a *Any) SetReturnValueJsonpath(returnValueJsonpath string)
- func (a *Any) String() string
- func (a *Any) ToMongoQuery(parentString string) (bson.M, []bson.M, error)
- type AnyAllNode
- type Condition
- func (c *Condition) Append(node Node)
- func (c *Condition) Eval(message *MessageAttributes) (bool, string)
- func (c *Condition) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error
- func (c *Condition) String() string
- func (c *Condition) ToMongoQuery(parentString string) (bson.M, []bson.M, error)
- type ConditionNode
- type ConditionsTree
- type ExpandedSenderReceiver
- type False
- type GeneralStruct
- type MessageAttributes
- type MessageCoverage
- type Messages
- type Node
- type Not
- type Or
- type PredefinedStringsAndLists
- type Receiver
- type Resource
- type Rule
- type RuleStrings
- type Rules
- func YamlReadRulesFromFile(filename string) (Rules, error)
- func YamlReadRulesFromFileWithPredefinedStrings(filename string, stringsAndlists PredefinedStringsAndLists) (Rules, error)
- func YamlReadRulesFromString(yamlString string) (Rules, error)
- func YamlReadRulesFromStringWithPredefinedStrings(yamlString string, stringsAndlists PredefinedStringsAndLists) (Rules, error)
- type Sender
- type True
Constants ¶
const ( DEFAULT int = iota ALLOW ALERT BLOCK NONE )
general action codes
Variables ¶
Functions ¶
func AddNetIpToMessage ¶
func AddNetIpToMessage(message *MessageAttributes)
AddNetIpToMessage converts string ips to type net.IP
func AddNetIpToMessages ¶
func AddNetIpToMessages(messages *Messages)
addNetIpToMessages function parses string ip data for all messages
func AddResourceType ¶
func AddResourceType(message *MessageAttributes)
AddResourceType function adds resource type to one message by the resource protocol for HTTP and TCP. For KAFKA the resource_type need to be filled in the message attributes.
func AddTimeInfoToMessage ¶
func AddTimeInfoToMessage(message *MessageAttributes) error
AddTimeInfoToMessage function parses timestamp data in one message and extract the second, minutes and hours since midnight.
func AndOrString ¶
func CheckOneRule ¶
func CheckOneRule(message *MessageAttributes, rule *Rule) (int, string)
CheckOneRules gives the result of testing the message attributes with of one rule
func ConvertFieldsToRegex ¶
convertFieldsToRegex converts some rule fields into regular expressions to be used later. This enables use of wildcards in the sender, receiver names, etc...
func ConvertOperationStringToRegex ¶
convertOperationStringToRegex function converts the operations string to regex. this is a special case of convertStringToRegex
func ConvertStringToRegex ¶
convertStringToRegex function converts one string to regex. Remove spaces, handle special characters and wildcards.
func IsNumberOfFieldsEqual ¶
func IsNumberOfFieldsEqual(generalStruct GeneralStruct, yamlString string) (bool, string, error)
IsNumberOfFieldsEqual is used to compare the structures read from files (mostly while debugging). We convert the structure into a string and count the number of non-empty "fields". Then we compare to the number of non empty fields in the original yaml string. It will not work with structure fields with default values (for example ints or floats) so we remove them.
func PrepareOneRule ¶
func PrepareOneRuleWithPredefinedStrings ¶
func PrepareOneRuleWithPredefinedStrings(rule *Rule, stringsAndLists PredefinedStringsAndLists) error
func PrepareRules ¶
func PrepareRulesWithPredefinedStrings ¶
func PrepareRulesWithPredefinedStrings(rules *Rules, stringsAndLists PredefinedStringsAndLists) error
func ReadBinaryFile ¶
func ReplaceStringsAndListsInCondition ¶
func ReplaceStringsAndListsInCondition(c *Condition, stringsAndlists PredefinedStringsAndLists) error
func ReplaceStringsAndListsInOneRule ¶
func ReplaceStringsAndListsInOneRule(rule *Rule, stringsAndLists PredefinedStringsAndLists) error
func RuleConditionsToString ¶
func RuleMD5Hash ¶
func RuleMD5HashConditions ¶
func RuleToString ¶
func SliceHasPrefix ¶
func TestConditions ¶
func TestConditions(rule *Rule, message *MessageAttributes) (bool, string)
testConditions tests the conditions of the rule with the message attributes
func TestReceiver ¶
func TestReceiver(rule *Rule, message *MessageAttributes) bool
func TestSender ¶
func TestSender(rule *Rule, message *MessageAttributes) bool
func ValidateOneCondition ¶
ValidateRuleConditions as much as possible
func ValidateRule ¶
Types ¶
type All ¶
type All struct { ParentJsonpathAttribute string ParentJsonpathAttributeOriginal string ReturnValueJsonpath string ReturnValueJsonpathOriginal string Node Node `yaml:"condition,omitempty" json:"condition,omitempty" bson:"condition,omitempty" structs:"condition,omitempty"` }
-------------------------------------- All Node --------------------------------------
func (*All) GetParentJsonpathAttribute ¶
func (*All) GetReturnValueJsonpath ¶
func (*All) MarshalJSON ¶
func (*All) PrepareAndValidate ¶
func (a *All) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error
func (*All) SetParentJsonpathAttribute ¶
func (*All) SetReturnValueJsonpath ¶
type And ¶
type And struct {
Nodes []Node `yaml:"AND,omitempty" json:"AND,omitempty" bson:"AND,omitempty" structs:"AND,omitempty"`
}
-------------------------------------- And Node --------------------------------------
func (*And) PrepareAndValidate ¶
func (a *And) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error
type Any ¶
type Any struct { ParentJsonpathAttribute string ParentJsonpathAttributeOriginal string ReturnValueJsonpath string ReturnValueJsonpathOriginal string Node Node `yaml:"condition,omitempty" json:"condition,omitempty" bson:"condition,omitempty" structs:"condition,omitempty"` }
-------------------------------------- Any Node --------------------------------------
func (*Any) GetParentJsonpathAttribute ¶
func (*Any) GetReturnValueJsonpath ¶
func (*Any) MarshalJSON ¶
func (*Any) PrepareAndValidate ¶
func (a *Any) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error
func (*Any) SetParentJsonpathAttribute ¶
func (*Any) SetReturnValueJsonpath ¶
type AnyAllNode ¶
type Condition ¶
type Condition struct { Attribute string `yaml:"attribute,omitempty" json:"attribute" bson:"Attribute" structs:"Attribute,omitempty"` Method string `yaml:"method,omitempty" json:"method" bson:"Method" structs:"Method,omitempty"` Value string `yaml:"value,omitempty" json:"value" bson:"Value" structs:"Value,omitempty"` ValueInt int64 `yaml:"-" json:"ValueInt,omitempty" bson:"ValueInt,omitempty" structs:"ValueInt,omitempty"` ValueFloat float64 `yaml:"-" json:"ValueFloat,omitempty" bson:"ValueFloat,omitempty" structs:"ValueFloat,omitempty"` ValueRegex *regexp.Regexp `yaml:"-" json:"ValueRegex,omitempty" bson:"ValueRegex,omitempty" structs:"ValueRegex,omitempty"` ValueStringRegex *regexp.Regexp `yaml:"-" json:"ValueStringRegex,omitempty" bson:"ValueStringRegex,omitempty" structs:"ValueStringRegex,omitempty"` AttributeIsSenderLabel bool `` /* 131-byte string literal not displayed */ AttributeSenderLabelKey string `` /* 134-byte string literal not displayed */ AttributeIsReceiverLabel bool `` /* 137-byte string literal not displayed */ AttributeReceiverLabelKey string `` /* 140-byte string literal not displayed */ ValueIsReceiverLabel bool `yaml:"-" json:"ValueIsReceiverLabel,omitempty" bson:"ValueIsReceiverLabel,omitempty" structs:"ValueIsReceiverLabel,omitempty"` ValueReceiverLabelKey string `` /* 128-byte string literal not displayed */ AttributeIsSenderObject bool `` /* 134-byte string literal not displayed */ AttributeIsReceiverObject bool `` /* 140-byte string literal not displayed */ ValueIsReceiverObject bool `` /* 128-byte string literal not displayed */ AttributeSenderObjectAttribute string `` /* 155-byte string literal not displayed */ AttributeReceiverObjectAttribute string `` /* 161-byte string literal not displayed */ ValueReceiverObject string `yaml:"-" json:"ValueReceiverObject,omitempty" bson:"ValueReceiverObject,omitempty" structs:"ValueReceiverObject,omitempty"` AttributeIsJsonpath bool `yaml:"-" json:"AttributeIsJsonpath,omitempty" bson:"AttributeIsJsonpath,omitempty" structs:"AttributeIsJsonpath,omitempty"` AttributeIsJsonpathRelative bool `` /* 146-byte string literal not displayed */ AttributeJsonpathQuery string `` /* 131-byte string literal not displayed */ OriginalAttribute string `yaml:"-" json:"OriginalAttribute,omitempty" bson:"OriginalAttribute,omitempty" structs:"OriginalAttribute,omitempty"` // used in hash OriginalValue string `yaml:"-" json:"OriginalValue,omitempty" bson:"OriginalValue,omitempty" structs:"OriginalValue,omitempty"` // used in hash }
Condition structure - part of the rule as defined in MAPL (https://github.com/octarinesec/MAPL/tree/master/docs/MAPL_SPEC.md)
func ConditionFromConditionNode ¶
func ConditionFromConditionNode(c ConditionNode) Condition
func (*Condition) Eval ¶
func (c *Condition) Eval(message *MessageAttributes) (bool, string)
-------------------------------------- Basic Condition Node --------------------------------------
func (*Condition) PrepareAndValidate ¶
func (c *Condition) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error
type ConditionNode ¶
type ConditionNode struct { Attribute string `yaml:"attribute,omitempty" json:"attribute" bson:"Attribute" structs:"Attribute,omitempty"` Method string `yaml:"method,omitempty" json:"method" bson:"Method" structs:"Method,omitempty"` Value string `yaml:"value,omitempty" json:"value" bson:"Value" structs:"Value,omitempty"` }
func ReadCondition ¶
func ReadCondition(v map[string]interface{}) ConditionNode
type ConditionsTree ¶
type ConditionsTree struct {
ConditionsTree Node `` /* 130-byte string literal not displayed */
}
----------------------- ConditionTree -----------------------
func (*ConditionsTree) UnmarshalJSON ¶
func (c *ConditionsTree) UnmarshalJSON(data []byte) error
func (*ConditionsTree) UnmarshalYAML ¶
func (c *ConditionsTree) UnmarshalYAML(unmarshal func(interface{}) error) error
type ExpandedSenderReceiver ¶
type ExpandedSenderReceiver struct { Name string `yaml:"-" json:"Name,omitempty" bson:"Name,omitempty"` Type string `yaml:"-" json:"Type,omitempty" bson:"Type,omitempty"` Regexp *regexp.Regexp `yaml:"-" json:"Regexp,omitempty" bson:"Regexp,omitempty"` IsIP bool `yaml:"-" json:"IsIP,omitempty" bson:"IsIP,omitempty"` IsCIDR bool `yaml:"-" json:"IsCIDR,omitempty" bson:"IsCIDR,omitempty"` CIDR net.IPNet `yaml:"-" json:"CIDR,omitempty" bson:"CIDR,omitempty"` IP net.IP `yaml:"-" json:"IP,omitempty" bson:"IP,omitempty"` }
func ConvertStringToExpandedSenderReceiver ¶
func ConvertStringToExpandedSenderReceiver(str_in string, type_in string) ([]ExpandedSenderReceiver, error)
type False ¶
type False struct{}
-------------------------------------- False Node (used in unit tests) --------------------------------------
func (False) PrepareAndValidate ¶
func (f False) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error
type GeneralStruct ¶
type MessageAttributes ¶
type MessageAttributes struct { //-------------------------------------------------- // taken from Istio (retained only the ones we actually use) SourceIp string `yaml:"sender_ip,omitempty"` // Client IP address example: 10.0.0.117 SourceNamespace string `yaml:"sender_namespace,omitempty"` // Source workload instance namespace. example: my-namespace SourceCluster string `yaml:"sender_cluster,omitempty"` // Source workload instance cluster. example: aws:edo DestinationIp string `yaml:"receiver_ip,omitempty"` // Server IP address. example: 10.0.0.104 DestinationPort string `yaml:"receiver_port,omitempty"` // The recipient port on the server IP address. example: 8080 DestinationNamespace string `yaml:"receiver_namespace,omitempty"` // Destination workload instance namespace. example: istio-system DestinationCluster string `yaml:"receiver_cluster,omitempty"` // Destination workload instance cluster. example: aws:edo RequestPath string `yaml:"request_path,omitempty"` // The HTTP URL path including query string RequestHost string `yaml:"request_host,omitempty"` // HTTP/1.x host header or HTTP/2 authority header. Example: redis-master:3337 RequestMethod string `yaml:"request_method,omitempty"` // The HTTP method. RequestSize int64 `yaml:"request_size,omitempty"` // Size of the request in bytes.For HTTP requests this is equivalent to the Content-Length header. RequestTime string `yaml:"request_time,omitempty"` // The timestamp when the destination receives the request.This should be equivalent to Firebase “now”. [https://firebase.google.com/docs/reference/android/com/google/firebase/Timestamp] RequestUseragent string `yaml:"request_user_agent,omitempty"` // The HTTP User-Agent header. ContextProtocol string `yaml:"request_protocol,omitempty"` // Protocol of the request or connection being proxied. example: tcp // ----------------------------------------------- // The following are general attributes (not from Istio): MessageID string `yaml:"message_id,omitempty"` SourceService string `yaml:"sender_service,omitempty"` // The service identifier DestinationService string `yaml:"receiver_service,omitempty"` // The fully qualified name of the service that the server belongs to.my-svc.my-namespace SourceLabelsJson string `yaml:"sender_labels,omitempty"` // The sender service labels DestinationLabelsJson string `yaml:"receiver_labels,omitempty"` // The receiver service labels ContextType string `yaml:"request_type,omitempty"` // type of context in relation to the ContextProtocol. EncryptionType string `yaml:"encryption_type,omitempty"` EncryptionVersion *float64 `yaml:"encryption_version,omitempty"` RequestJsonRaw *[]byte `yaml:"json_raw,omitempty"` RequestJsonRawRelative *[]byte `yaml:"json_raw_relative,omitempty"` Domain string `yaml:"domain,omitempty"` RequestTimeSecondsFromMidnightUTC float64 `yaml:"-"` // conversion of RequestTime timestamp // used for debuggin in units tests RequestTimeMinutesFromMidnightUTC float64 `yaml:"-"` // conversion of RequestTime timestamp // used for debuggin in units tests RequestTimeHoursFromMidnightUTC float64 `yaml:"-"` // conversion of RequestTime timestamp // used for debuggin in units tests SourceNetIp net.IP `yaml:"-"` DestinationNetIp net.IP `yaml:"-"` SourceLabels map[string]string `yaml:"-"` DestinationLabels map[string]string `yaml:"-"` }
-------------------messages------------------------------------- MessageAttributes structure contains message attributes checked with the rules. The attributes were taken from Istio's HTTP message attributes [https://istio.io/docs/reference/config/policy-and-telemetry/attribute-vocabulary/]
func YamlReadMessageAttributes ¶
func YamlReadMessageAttributes(yamlString string) (MessageAttributes, error)
YamlReadMessageAttributes function reads message attributes from a yaml string
func (MessageAttributes) ToJson ¶
func (messageAttributes MessageAttributes) ToJson() (string, error)
ToJson converts a structure into a json string
type MessageCoverage ¶
type Messages ¶
type Messages struct {
Messages []MessageAttributes `yaml:"messages,omitempty"`
}
Messages structure contains a list of messages
func YamlReadMessagesFromFile ¶
YamlReadMessagesFromFile function reads messages from file
func YamlReadMessagesFromString ¶
YamlReadMessagesFromString function reads messages from a yaml string
type Node ¶
type Node interface { Eval(message *MessageAttributes) (bool, string) Append(node Node) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error String() string // to-do: order terms so that hash will be the same ToMongoQuery(parentString string) (bson.M, []bson.M, error) }
-------------------------------------- Node Interface --------------------------------------
func InterpretNode ¶
func ParseConditionsTree ¶
-------------------------------------- parsing utilities --------------------------------------
type Not ¶
type Not struct {
Node Node `yaml:"NOT,omitempty" json:"NOT,omitempty" bson:"NOT,omitempty" structs:"NOT,omitempty"`
}
-------------------------------------- Not Node --------------------------------------
func (*Not) PrepareAndValidate ¶
func (n *Not) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error
type Or ¶
type Or struct {
Nodes []Node `yaml:"OR,omitempty" json:"OR,omitempty" bson:"OR,omitempty" structs:"OR,omitempty"`
}
-------------------------------------- Or Node --------------------------------------
func (*Or) PrepareAndValidate ¶
func (o *Or) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error
type PredefinedStringsAndLists ¶
type PredefinedStringsAndLists struct { PredefinedStrings map[string]string `` /* 132-byte string literal not displayed */ PredefinedLists map[string][]string `yaml:"predefinedLists,omitempty" json:"predefinedLists,omitempty" bson:"PredefinedLists" structs:"PredefinedLists,omitempty"` PredefinedListsWithoutRefs map[string][]string `yaml:"-,omitempty" json:"-,omitempty" bson:"PredefinedListsWithoutRefs" structs:"PredefinedListsWithoutRefs,omitempty"` }
func YamlReadStringListsFromFile ¶
func YamlReadStringListsFromFile(filename string) (PredefinedStringsAndLists, error)
func YamlReadStringListsFromString ¶
func YamlReadStringListsFromString(yamlString string) (PredefinedStringsAndLists, error)
type Receiver ¶
type Receiver struct { // if ReceiverName is a list (example: "srv1,srv2,srv123") then it is assumed that all are of the same type ReceiverName string `yaml:"receiverName,omitempty" json:"receiverName,omitempty" bson:"ReceiverName" structs:"ReceiverName,omitempty"` ReceiverType string `yaml:"receiverType,omitempty" json:"receiverType,omitempty" bson:"ReceiverType,omitempty" structs:"ReceiverType,omitempty"` ReceiverList []ExpandedSenderReceiver `yaml:"-" json:"receiverList,omitempty" bson:"ReceiverList,omitempty" structs:"ReceiverList,omitempty"` }
type Resource ¶
type Resource struct { /* Examples: // pay attention that the resource type should match the protocol path:<http_path_name>, kafkaTopic:<kafka_topic_name> consumerGroup:<consumer_group_name> port:<port number> */ ResourceType string `yaml:"resourceType,omitempty" json:"resourceType,omitempty" bson:"ResourceType,omitempty" structs:"ResourceType,omitempty"` ResourceName string `yaml:"resourceName,omitempty" json:"resourceName,omitempty" bson:"ResourceName,omitempty" structs:"ResourceName,omitempty"` ResourceNameRegex *regexp.Regexp `yaml:"-" json:"-,omitempty" bson:"ResourceNameRegex,omitempty" structs:"ResourceNameRegex,omitempty"` }
Resource structure - part of the rule as defined in MAPL (https://github.com/octarinesec/MAPL/tree/master/docs/MAPL_SPEC.md)
type Rule ¶
type Rule struct { // rule syntax: // <sender, receiver, resource, operation> : <conditions> : <decision> // RuleID string `yaml:"rule_id,omitempty" json:"ruleID,omitempty" bson:"RuleID,omitempty" structs:"RuleID,omitempty"` Sender Sender `yaml:"sender,omitempty" json:"sender,omitempty" bson:"Sender" structs:"Sender,omitempty"` Receiver Receiver `yaml:"receiver,omitempty" json:"receiver,omitempty" bson:"Receiver" structs:"Receiver,omitempty"` Protocol string `yaml:"protocol,omitempty" json:"protocol,omitempty" bson:"ResourceProtocol" structs:"Protocol,omitempty"` Resource Resource `yaml:"resource,omitempty" json:"resource,omitempty" bson:"Resource" structs:"Resource,omitempty"` Operation string `yaml:"operation,omitempty" json:"operation,omitempty" bson:"Operation" structs:"Operation,omitempty"` Conditions ConditionsTree `yaml:"conditions,omitempty" json:"conditions,omitempty" bson:"conditions,omitempty" structs:"conditions,omitempty"` Decision string `yaml:"decision,omitempty" json:"decision,omitempty" bson:"Decision" structs:"Decision,omitempty"` Metadata map[string]string `yaml:"metadata,omitempty" json:"metadata,omitempty" bson:"Metadata" structs:"Metadata,omitempty"` Hash string `yaml:"hash,omitempty" json:"hash,omitempty" bson:"Hash" structs:"Hash,omitempty"` OperationRegex *regexp.Regexp `yaml:"o,omitempty" json:"o,omitempty" bson:"OperationRegex,omitempty" structs:"OperationRegex,omitempty"` AlreadyConvertedFieldsToRegexFlag bool `yaml:"-,omitempty" json:"-,omitempty" bson:"-,omitempty" structs:"-,omitempty"` // default is false }
func (Rule) ConditionsEqual ¶
type RuleStrings ¶
type RuleStrings struct { RuleSetId string SenderString string ReceiverString string ProtocolString string ResourceString string OperationString string ConditionsString string DecisionString string }
func GetRuleStrings ¶
func GetRuleStrings(r *Rule) RuleStrings
type Rules ¶
type Rules struct {
Rules []Rule `yaml:"rules,omitempty" json:"rules,omitempty"`
}
Rules structure contains a list of rules
func YamlReadRulesFromFile ¶
func YamlReadRulesFromFileWithPredefinedStrings ¶
func YamlReadRulesFromFileWithPredefinedStrings(filename string, stringsAndlists PredefinedStringsAndLists) (Rules, error)
func YamlReadRulesFromString ¶
YamlReadRulesFromString function reads rules from a yaml string
func YamlReadRulesFromStringWithPredefinedStrings ¶
func YamlReadRulesFromStringWithPredefinedStrings(yamlString string, stringsAndlists PredefinedStringsAndLists) (Rules, error)
type Sender ¶
type Sender struct { // if SenderName is a list (example: "srv1,srv2,srv123") then it is assumed that all are of the same type SenderName string `yaml:"senderName,omitempty" json:"senderName,omitempty" bson:"SenderName" structs:"SenderName,omitempty"` SenderType string `yaml:"senderType,omitempty" json:"senderType,omitempty" bson:"SenderType,omitempty" structs:"SenderType,omitempty"` SenderList []ExpandedSenderReceiver `yaml:"-" json:"senderList,omitempty" bson:"SenderList,omitempty" structs:"SenderList,omitempty"` }
-------------------rules-------------------------------------
type True ¶
type True struct{}
-------------------------------------- True Node (used in unit tests) --------------------------------------
func (True) PrepareAndValidate ¶
func (t True) PrepareAndValidate(stringsAndlists PredefinedStringsAndLists) error