Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: tokenserver/appengine/utils/identityset/identityset.go

Issue 2413683004: token-server: Delegation config import, validation and evaluation. (Closed)
Patch Set: also check validity_duration Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « tokenserver/appengine/services/minter/tokenminter/service.go ('k') | tokenserver/appengine/utils/identityset/identityset_test.go » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The LUCI Authors. All rights reserved. 1 // Copyright 2016 The LUCI Authors. All rights reserved.
2 // Use of this source code is governed under the Apache License, Version 2.0 2 // Use of this source code is governed under the Apache License, Version 2.0
3 // that can be found in the LICENSE file. 3 // that can be found in the LICENSE file.
4 4
5 // Package identityset implements a set-like structure for identity.Identity. 5 // Package identityset implements a set-like structure for identity.Identity.
6 package identityset 6 package identityset
7 7
8 import ( 8 import (
9 "fmt" 9 "fmt"
10 "sort"
10 "strings" 11 "strings"
11 12
12 "golang.org/x/net/context" 13 "golang.org/x/net/context"
13 14
14 "github.com/luci/luci-go/server/auth" 15 "github.com/luci/luci-go/server/auth"
15 "github.com/luci/luci-go/server/auth/identity" 16 "github.com/luci/luci-go/server/auth/identity"
16 ) 17 )
17 18
18 type identSet map[identity.Identity]struct{} 19 type identSet map[identity.Identity]struct{}
19 type groupSet map[string]struct{} 20 type groupSet map[string]struct{}
(...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after
144 145
145 // IsSuperset returns true if this set is a super set of another set. 146 // IsSuperset returns true if this set is a super set of another set.
146 // 147 //
147 // Two equal sets are considered supersets of each other. 148 // Two equal sets are considered supersets of each other.
148 // 149 //
149 // 'nil' receiver and argument values are valid and represent empty sets. 150 // 'nil' receiver and argument values are valid and represent empty sets.
150 func (s *Set) IsSuperset(subset *Set) bool { 151 func (s *Set) IsSuperset(subset *Set) bool {
151 return subset.IsSubset(s) 152 return subset.IsSubset(s)
152 } 153 }
153 154
155 // ToStrings returns a sorted list of strings representing this set.
156 //
157 // See 'FromStrings' for the format of this list.
158 func (s *Set) ToStrings() []string {
159 if s.IsEmpty() {
160 return []string{}
161 }
162 if s.All {
163 return []string{"*"}
164 }
165 out := make([]string, 0, len(s.IDs)+len(s.Groups))
166 for ident := range s.IDs {
167 out = append(out, string(ident))
168 }
169 for group := range s.Groups {
170 out = append(out, "group:"+group)
171 }
172 sort.Strings(out)
173 return out
174 }
175
154 // FromStrings constructs a Set by parsing a slice of strings. 176 // FromStrings constructs a Set by parsing a slice of strings.
155 // 177 //
156 // Each string is either: 178 // Each string is either:
157 // * "<kind>:<id>" identity string. 179 // * "<kind>:<id>" identity string.
158 // * "group:<name>" group reference. 180 // * "group:<name>" group reference.
159 // * "*" token to mean "All identities". 181 // * "*" token to mean "All identities".
160 // 182 //
161 // Any string that matches 'skip' predicate is skipped. 183 // Any string that matches 'skip' predicate is skipped.
162 func FromStrings(str []string, skip func(string) bool) (*Set, error) { 184 func FromStrings(str []string, skip func(string) bool) (*Set, error) {
163 set := &Set{} 185 set := &Set{}
(...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after
257 for origID := range orig.IDs { 279 for origID := range orig.IDs {
258 extended[origID] = struct{}{} 280 extended[origID] = struct{}{}
259 } 281 }
260 extended[id] = struct{}{} 282 extended[id] = struct{}{}
261 283
262 return &Set{ 284 return &Set{
263 IDs: extended, 285 IDs: extended,
264 Groups: orig.Groups, 286 Groups: orig.Groups,
265 } 287 }
266 } 288 }
OLDNEW
« no previous file with comments | « tokenserver/appengine/services/minter/tokenminter/service.go ('k') | tokenserver/appengine/utils/identityset/identityset_test.go » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698