apps/core
1
0
Fork 0
mirror of https://github.com/datarhei/core.git synced 2025-09-27 12:22:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix leaking slices

Browse Source
This commit is contained in:
Ingo Oppermann
2025-07-09 14:37:58 +02:00
parent ede6debf71
commit 2beb9d529e
3 changed files with 29 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
iam/policy/access.go
View File

@@ -2,6 +2,7 @@ package policy
import ( import (
"fmt" "fmt"
"slices"
"strings" "strings"
) )
@@ -17,6 +18,16 @@ func (p Policy) String() string {
return fmt.Sprintf("%s@%s (%s):%s %s", p.Name, p.Domain, strings.Join(p.Types, "|"), p.Resource, strings.Join(p.Actions, "|")) return fmt.Sprintf("%s@%s (%s):%s %s", p.Name, p.Domain, strings.Join(p.Types, "|"), p.Resource, strings.Join(p.Actions, "|"))
} }
func (p Policy) Clone() Policy {
return Policy{
Name: p.Name,
Domain: p.Domain,
Types: slices.Clone(p.Types),
Resource: p.Resource,
Actions: slices.Clone(p.Actions),
}
}
type Enforcer interface { type Enforcer interface {
Enforce(name, domain, rtype, resource, action string) (bool, Policy) Enforce(name, domain, rtype, resource, action string) (bool, Policy)

9
iam/policy/manager.go
View File

@@ -2,6 +2,7 @@ package policy
import ( import (
"fmt" "fmt"
"slices"
"github.com/datarhei/core/v16/log" "github.com/datarhei/core/v16/log"
) )
@@ -51,9 +52,9 @@ func (am *policyaccess) HasPolicy(name, domain string, types []string, resource
return am.enforcer.HasPolicy(Policy{ return am.enforcer.HasPolicy(Policy{
Name: name, Name: name,
Domain: domain, Domain: domain,
Types: types, Types: slices.Clone(types),
Resource: resource, Resource: resource,
Actions: actions, Actions: slices.Clone(actions),
}) })
} }
@@ -61,9 +62,9 @@ func (am *policyaccess) AddPolicy(name, domain string, types []string, resource
policy := Policy{ policy := Policy{
Name: name, Name: name,
Domain: domain, Domain: domain,
Types: types, Types: slices.Clone(types),
Resource: resource, Resource: resource,
Actions: actions, Actions: slices.Clone(actions),
} }
return am.enforcer.AddPolicy(policy) return am.enforcer.AddPolicy(policy)

18
iam/policy/model.go
View File

@@ -91,7 +91,7 @@ func (m *model) addPolicy(policy Policy) error {
policies = []Policy{} policies = []Policy{}
} }
policies = append(policies, policy) policies = append(policies, policy.Clone())
m.policies[key] = policies m.policies[key] = policies
return nil return nil
@@ -152,7 +152,9 @@ func (m *model) GetFilteredPolicy(name, domain string) []Policy {
if len(name) == 0 && len(domain) == 0 { if len(name) == 0 && len(domain) == 0 {
for _, policies := range m.policies { for _, policies := range m.policies {
filteredPolicies = append(filteredPolicies, policies...) for _, p := range policies {
filteredPolicies = append(filteredPolicies, p.Clone())
}
} }
} else if len(name) != 0 && len(domain) == 0 { } else if len(name) != 0 && len(domain) == 0 {
for key, policies := range m.policies { for key, policies := range m.policies {
@@ -160,7 +162,9 @@ func (m *model) GetFilteredPolicy(name, domain string) []Policy {
continue continue
} }
filteredPolicies = append(filteredPolicies, policies...) for _, p := range policies {
filteredPolicies = append(filteredPolicies, p.Clone())
}
} }
} else if len(name) == 0 && len(domain) != 0 { } else if len(name) == 0 && len(domain) != 0 {
for key, policies := range m.policies { for key, policies := range m.policies {
@@ -168,7 +172,9 @@ func (m *model) GetFilteredPolicy(name, domain string) []Policy {
continue continue
} }
filteredPolicies = append(filteredPolicies, policies...) for _, p := range policies {
filteredPolicies = append(filteredPolicies, p.Clone())
}
} }
} else { } else {
for key, policies := range m.policies { for key, policies := range m.policies {
@@ -178,7 +184,9 @@ func (m *model) GetFilteredPolicy(name, domain string) []Policy {
continue continue
} }
filteredPolicies = append(filteredPolicies, policies...) for _, p := range policies {
filteredPolicies = append(filteredPolicies, p.Clone())
}
} }
} }