Don't do stupid things like use a dn as a pattern

Also add metadata fields in objects created on initialization
author: Alex Auvolat <alex@adnab.me> 2020-01-26 23:12:00 +0100
committer: Alex Auvolat <alex@adnab.me> 2020-01-26 23:12:00 +0100
commit: 8a605f44b017621eb2bd739d6c7c1de213d7a13f (patch)
tree: 5cdfeb584c9deaa57eab54ed153bc62079b7a796 /acl.go
parent: e9fb34bb26779df5442aff9889de0854bff05902 (diff)
download: bottin-8a605f44b017621eb2bd739d6c7c1de213d7a13f.tar.gz
bottin-8a605f44b017621eb2bd739d6c7c1de213d7a13f.zip
1 files changed, 8 insertions, 2 deletions
diff --git a/acl.go b/acl.go
index 483e8fd..ec6e4de 100644
--- a/acl.go
+++ b/acl.go
@@ -87,8 +87,14 @@ func (entry *ACLEntry) Check(login *Login, action string, target string, attribu
 		}
 	}
 
-	rule_target_with_self := strings.ReplaceAll(entry.target, "SELF", login.user)
-	if !match(rule_target_with_self, target) {
+	matchTarget := match(entry.target, target)
+	if !matchTarget && len(target) >= len(login.user) {
+		start := len(target) - len(login.user)
+		if target[start:] == login.user {
+			matchTarget = match(entry.target, target[:start]+"SELF")
+		}
+	}
+	if !matchTarget {
 		return false
 	}
author	Alex Auvolat <alex@adnab.me>	2020-01-26 23:12:00 +0100
committer	Alex Auvolat <alex@adnab.me>	2020-01-26 23:12:00 +0100
commit	8a605f44b017621eb2bd739d6c7c1de213d7a13f (patch)
tree	5cdfeb584c9deaa57eab54ed153bc62079b7a796 /acl.go
parent	e9fb34bb26779df5442aff9889de0854bff05902 (diff)
download	bottin-8a605f44b017621eb2bd739d6c7c1de213d7a13f.tar.gz bottin-8a605f44b017621eb2bd739d6c7c1de213d7a13f.zip