-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
refactor(plugins) integrates handler files
Removes smaller code files by integrating them into the `handler` files. Reducing overall file clutter Signed-off-by: Thibault Charbonnier <[email protected]>
- Loading branch information
1 parent
78e56dd
commit 6d5184a
Showing
34 changed files
with
871 additions
and
1,042 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,66 @@ | ||
local BasePlugin = require "kong.plugins.base_plugin" | ||
local access = require "kong.plugins.acl.access" | ||
local cache = require "kong.tools.database_cache" | ||
local responses = require "kong.tools.responses" | ||
local utils = require "kong.tools.utils" | ||
|
||
local ACLHandler = BasePlugin:extend() | ||
|
||
ACLHandler.PRIORITY = 950 | ||
|
||
function ACLHandler:new() | ||
ACLHandler.super.new(self, "acl") | ||
end | ||
|
||
function ACLHandler:access(conf) | ||
ACLHandler.super.access(self) | ||
access.execute(conf) | ||
end | ||
|
||
local consumer_id | ||
if ngx.ctx.authenticated_credential then | ||
consumer_id = ngx.ctx.authenticated_credential.consumer_id | ||
else | ||
return responses.send_HTTP_FORBIDDEN("Cannot identify the consumer, add an authentication plugin to use the ACL plugin") | ||
end | ||
|
||
ACLHandler.PRIORITY = 950 | ||
-- Retrieve ACL | ||
local acls = cache.get_or_set(cache.acls_key(consumer_id), function() | ||
local results, err = dao.acls:find_by_keys({consumer_id = consumer_id}) | ||
if err then | ||
return responses.send_HTTP_INTERNAL_SERVER_ERROR(err) | ||
end | ||
return results | ||
end) | ||
|
||
if not acls then acls = {} end | ||
|
||
local block | ||
|
||
if utils.table_size(conf.blacklist) > 0 and utils.table_size(acls) > 0 then | ||
for _, v in ipairs(acls) do | ||
if utils.table_contains(conf.blacklist, v.group) then | ||
block = true | ||
break | ||
end | ||
end | ||
end | ||
|
||
if utils.table_size(conf.whitelist) > 0 then | ||
if utils.table_size(acls) == 0 then | ||
block = true | ||
else | ||
local contains | ||
for _, v in ipairs(acls) do | ||
if utils.table_contains(conf.whitelist, v.group) then | ||
contains = true | ||
break | ||
end | ||
end | ||
if not contains then block = true end | ||
end | ||
end | ||
|
||
if block then | ||
return responses.send_HTTP_FORBIDDEN("You cannot consume this service") | ||
end | ||
end | ||
|
||
return ACLHandler |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,75 @@ | ||
local BasePlugin = require "kong.plugins.base_plugin" | ||
local access = require "kong.plugins.cors.access" | ||
local responses = require "kong.tools.responses" | ||
|
||
local CorsHandler = BasePlugin:extend() | ||
|
||
CorsHandler.PRIORITY = 2000 | ||
|
||
|
||
local function configure_origin(ngx, conf) | ||
if conf.origin == nil then | ||
ngx.header["Access-Control-Allow-Origin"] = "*" | ||
else | ||
ngx.header["Access-Control-Allow-Origin"] = conf.origin | ||
ngx.header["Vary"] = "Origin" | ||
end | ||
end | ||
|
||
local function configure_credentials(ngx, conf) | ||
if (conf.credentials) then | ||
ngx.header["Access-Control-Allow-Credentials"] = "true" | ||
end | ||
end | ||
|
||
local function configure_headers(ngx, conf, headers) | ||
if conf.headers == nil then | ||
ngx.header["Access-Control-Allow-Headers"] = headers["access-control-request-headers"] or "" | ||
else | ||
ngx.header["Access-Control-Allow-Headers"] = table.concat(conf.headers, ",") | ||
end | ||
end | ||
|
||
local function configure_exposed_headers(ngx, conf) | ||
if conf.exposed_headers ~= nil then | ||
ngx.header["Access-Control-Expose-Headers"] = table.concat(conf.exposed_headers, ",") | ||
end | ||
end | ||
|
||
local function configure_methods(ngx, conf) | ||
if conf.methods == nil then | ||
ngx.header["Access-Control-Allow-Methods"] = "GET,HEAD,PUT,PATCH,POST,DELETE" | ||
else | ||
ngx.header["Access-Control-Allow-Methods"] = table.concat(conf.methods, ",") | ||
end | ||
end | ||
|
||
local function configure_max_age(ngx, conf) | ||
if conf.max_age ~= nil then | ||
ngx.header["Access-Control-Max-Age"] = tostring(conf.max_age) | ||
end | ||
end | ||
|
||
function CorsHandler:new() | ||
CorsHandler.super.new(self, "cors") | ||
end | ||
|
||
function CorsHandler:access(conf) | ||
CorsHandler.super.access(self) | ||
access.execute(conf) | ||
end | ||
configure_origin(ngx, conf) | ||
configure_credentials(ngx, conf) | ||
|
||
CorsHandler.PRIORITY = 2000 | ||
if ngx.req.get_method() == "OPTIONS" then -- Preflight request | ||
configure_headers(ngx, conf, ngx.req.get_headers()) | ||
configure_methods(ngx, conf) | ||
configure_max_age(ngx, conf) | ||
|
||
if not conf.preflight_continue then -- Check if the preflight request should end here, or be proxied | ||
return responses.send_HTTP_NO_CONTENT() | ||
end | ||
|
||
else | ||
configure_exposed_headers(ngx, conf) | ||
end | ||
end | ||
|
||
return CorsHandler |
Oops, something went wrong.