diff --git a/checker/multiple.go b/checker/multiple.go index 69cb9c8e..d121efb0 100644 --- a/checker/multiple.go +++ b/checker/multiple.go @@ -39,16 +39,14 @@ func (ls listChecker) Check(v string, has bool) bool { func (m *multipleChecker) Check(v string, has bool) bool { if has && m.equals != nil { - //全选逻辑处理 - for k, _ := range m.equals { - if k == "ALL" { - return true - } - } if ok := m.equals[v]; ok { return true } + //全选逻辑处理 + if _, ok := m.equals["ALL"]; ok { + return true + } } return m.other.Check(v, has) } diff --git a/drivers/strategy/limiting-strategy/limiting_test.go b/drivers/strategy/limiting-strategy/limiting_test.go index 23c7a4e4..8a8be9f7 100644 --- a/drivers/strategy/limiting-strategy/limiting_test.go +++ b/drivers/strategy/limiting-strategy/limiting_test.go @@ -2,6 +2,7 @@ package limiting_strategy import ( "context" + "fmt" "net" "strconv" "testing" @@ -12,7 +13,7 @@ import ( "github.com/eolinker/eosc/eocontext" ) -var maxID = 1000 +var maxID = 10000 type EmptyContext struct { labels map[string]string @@ -22,7 +23,7 @@ func NewEmptyContext() *EmptyContext { e := &EmptyContext{ labels: map[string]string{ //"api": strconv.Itoa(rand.Intn(maxID)), - "api": strconv.Itoa(1), + "api": strconv.Itoa(maxID), }, } return e @@ -151,11 +152,15 @@ func BenchmarkLimiting(b *testing.B) { handlers := make([]*LimitingHandler, 0, maxID) for i := 0; i < maxID; i++ { name := strconv.Itoa(i + 1) + apis := make([]string, 0, maxID) + for j := 0; j < 1000; j++ { + apis = append(apis, fmt.Sprintf("%d", j+1)) + } handler, _ := NewLimitingHandler(name, &Config{ Stop: false, - Priority: 0, + Priority: i, Filters: strategy.FilterConfig{ - "api": []string{name}, + "api": apis, }, }) handlers = append(handlers, handler) @@ -168,7 +173,7 @@ func BenchmarkLimiting(b *testing.B) { for _, h := range handlers { if h.Filter().Check(ctx) { //fmt.Printf("match %s\n", h.name) - break + continue } } //fmt.Println("spend time:", time.Now().Sub(begin)) diff --git a/drivers/strategy/visit-strategy/actuator.go b/drivers/strategy/visit-strategy/actuator.go index 02350ce9..d0167614 100644 --- a/drivers/strategy/visit-strategy/actuator.go +++ b/drivers/strategy/visit-strategy/actuator.go @@ -82,29 +82,33 @@ func (a *tActuator) Strategy(ctx eocontext.EoContext, next eocontext.IChain) err a.lock.RLock() handlers := a.handlers a.lock.RUnlock() - + pass := true for _, handler := range handlers { - //check筛选条件 + // 匹配Filter if !handler.filter.Check(httpCtx) { + // 未命中,下一条规则 continue } - - //第一个判断条件为访问规则必须是允许,并且生效范围检测出是黑名单 第二个判断条件为访问规则必须是拒绝,并且生效返回检测出是黑名单 - if (handler.rule.visit && !handler.rule.effectFilter.Check(ctx)) || (!handler.rule.visit && handler.rule.effectFilter.Check(ctx)) { - ctx.SetLabel("handler", "visit") - httpCtx.Response().SetStatus(403, "") - errInfo := "not allowed" - httpCtx.Response().SetBody([]byte(errInfo)) - return errors.New(errInfo) + // 匹配资源 + match := handler.rule.effectFilter.Check(ctx) + if match { + // 匹配成功 + pass = handler.rule.visit + break } - + pass = !handler.rule.visit if handler.rule.isContinue { continue } break - } - + if !pass { + ctx.SetLabel("handler", "visit") + httpCtx.Response().SetStatus(403, "") + errInfo := "not allowed" + httpCtx.Response().SetBody([]byte(errInfo)) + return errors.New(errInfo) + } if next != nil { return next.DoChain(ctx) }