mirror of
https://github.com/juanfont/headscale.git
synced 2024-11-29 18:33:05 +00:00
remove custom contains funcs for slices.Contains (#2015)
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
parent
9e523d4687
commit
11fde62b8c
4 changed files with 7 additions and 26 deletions
|
@ -4,6 +4,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
"net/netip"
|
"net/netip"
|
||||||
|
"slices"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
@ -617,14 +618,14 @@ func nodesToPtables(
|
||||||
forcedTags = strings.TrimLeft(forcedTags, ",")
|
forcedTags = strings.TrimLeft(forcedTags, ",")
|
||||||
var invalidTags string
|
var invalidTags string
|
||||||
for _, tag := range node.GetInvalidTags() {
|
for _, tag := range node.GetInvalidTags() {
|
||||||
if !contains(node.GetForcedTags(), tag) {
|
if !slices.Contains(node.GetForcedTags(), tag) {
|
||||||
invalidTags += "," + pterm.LightRed(tag)
|
invalidTags += "," + pterm.LightRed(tag)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
invalidTags = strings.TrimLeft(invalidTags, ",")
|
invalidTags = strings.TrimLeft(invalidTags, ",")
|
||||||
var validTags string
|
var validTags string
|
||||||
for _, tag := range node.GetValidTags() {
|
for _, tag := range node.GetValidTags() {
|
||||||
if !contains(node.GetForcedTags(), tag) {
|
if !slices.Contains(node.GetForcedTags(), tag) {
|
||||||
validTags += "," + pterm.LightGreen(tag)
|
validTags += "," + pterm.LightGreen(tag)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,7 +6,6 @@ import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"reflect"
|
|
||||||
|
|
||||||
"github.com/rs/zerolog/log"
|
"github.com/rs/zerolog/log"
|
||||||
"google.golang.org/grpc"
|
"google.golang.org/grpc"
|
||||||
|
@ -197,13 +196,3 @@ func (t tokenAuth) GetRequestMetadata(
|
||||||
func (tokenAuth) RequireTransportSecurity() bool {
|
func (tokenAuth) RequireTransportSecurity() bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
func contains[T string](ts []T, t T) bool {
|
|
||||||
for _, v := range ts {
|
|
||||||
if reflect.DeepEqual(v, t) {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
|
@ -10,6 +10,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"html/template"
|
"html/template"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"slices"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
@ -365,7 +366,7 @@ func validateOIDCAllowedDomains(
|
||||||
) error {
|
) error {
|
||||||
if len(allowedDomains) > 0 {
|
if len(allowedDomains) > 0 {
|
||||||
if at := strings.LastIndex(claims.Email, "@"); at < 0 ||
|
if at := strings.LastIndex(claims.Email, "@"); at < 0 ||
|
||||||
!util.IsStringInSlice(allowedDomains, claims.Email[at+1:]) {
|
!slices.Contains(allowedDomains, claims.Email[at+1:]) {
|
||||||
log.Trace().Msg("authenticated principal does not match any allowed domain")
|
log.Trace().Msg("authenticated principal does not match any allowed domain")
|
||||||
|
|
||||||
writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
|
writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
|
||||||
|
@ -393,7 +394,7 @@ func validateOIDCAllowedGroups(
|
||||||
) error {
|
) error {
|
||||||
if len(allowedGroups) > 0 {
|
if len(allowedGroups) > 0 {
|
||||||
for _, group := range allowedGroups {
|
for _, group := range allowedGroups {
|
||||||
if util.IsStringInSlice(claims.Groups, group) {
|
if slices.Contains(claims.Groups, group) {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -420,7 +421,7 @@ func validateOIDCAllowedUsers(
|
||||||
claims *IDTokenClaims,
|
claims *IDTokenClaims,
|
||||||
) error {
|
) error {
|
||||||
if len(allowedUsers) > 0 &&
|
if len(allowedUsers) > 0 &&
|
||||||
!util.IsStringInSlice(allowedUsers, claims.Email) {
|
!slices.Contains(allowedUsers, claims.Email) {
|
||||||
log.Trace().Msg("authenticated principal does not match any allowed user")
|
log.Trace().Msg("authenticated principal does not match any allowed user")
|
||||||
writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
|
writer.Header().Set("Content-Type", "text/plain; charset=utf-8")
|
||||||
writer.WriteHeader(http.StatusBadRequest)
|
writer.WriteHeader(http.StatusBadRequest)
|
||||||
|
|
|
@ -56,16 +56,6 @@ func GenerateRandomStringDNSSafe(size int) (string, error) {
|
||||||
return str[:size], nil
|
return str[:size], nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func IsStringInSlice(slice []string, str string) bool {
|
|
||||||
for _, s := range slice {
|
|
||||||
if s == str {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
func TailNodesToString(nodes []*tailcfg.Node) string {
|
func TailNodesToString(nodes []*tailcfg.Node) string {
|
||||||
temp := make([]string, len(nodes))
|
temp := make([]string, len(nodes))
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue