-
Notifications
You must be signed in to change notification settings - Fork 71
/
utils.go
77 lines (70 loc) · 1.72 KB
/
utils.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package client
import (
"hash/crc32"
"sort"
"strings"
rbacv1 "k8s.io/api/rbac/v1"
)
func splitWithEscaping(s string, separator, escape byte) []string {
var token []byte
var tokens []string
for i := 0; i < len(s); i++ {
if s[i] == separator {
tokens = append(tokens, strings.TrimSpace(string(token)))
token = token[:0]
} else if s[i] == escape && i+1 < len(s) {
i++
token = append(token, s[i])
} else {
token = append(token, s[i])
}
}
tokens = append(tokens, strings.TrimSpace(string(token)))
return tokens
}
func asMap(entries []string) map[string]string {
result := map[string]string{}
for _, entry := range entries {
parts := strings.Split(entry, "=")
if len(parts) > 1 {
result[parts[0]] = parts[1]
} else {
result[parts[0]] = ""
}
}
return result
}
func ContainsAllPolicies(elements []rbacv1.PolicyRule, included []rbacv1.PolicyRule) bool {
if nil == elements || nil == included {
return false
}
getHashedRules := func(rules []rbacv1.PolicyRule) []uint32 {
var hashedRules []uint32
for _, inc := range rules {
var resources []string
resources = append(resources, inc.Resources...)
resources = append(resources, inc.Verbs...)
resources = append(resources, inc.APIGroups...)
sort.Strings(resources)
str := strings.Join(resources, "")
hashedRules = append(hashedRules, crc32.ChecksumIEEE([]byte(str)))
}
return hashedRules
}
hashedIncluded := getHashedRules(included)
hashedElements := getHashedRules(elements)
for _, el := range hashedElements {
if !Contains(hashedIncluded, el) {
return false
}
}
return true
}
func Contains(elements []uint32, element uint32) bool {
for _, el := range elements {
if el == element {
return true
}
}
return false
}