Add shorter version of some common access rules definitions

This add conversion of - allow to - allow: all and - allow: acl_name to - allow: - acl: acl_name (this works also for deny, and number in shapers)
2016-06-15 19:20:27 +02:00 · 2016-06-15 19:20:27 +02:00 · 7b308e0d41
parent 9004608181
commit 7b308e0d41
2 changed files with 34 additions and 4 deletions
--- a/src/acl.erl
+++ b/src/acl.erl
@ -518,11 +518,16 @@ parse_ip_netmask(S) ->
 transform_access_rules_config(Config) ->
    lists:map(fun transform_access_rules_config2/1, lists:flatten(Config)).

+transform_access_rules_config2(Type) when is_integer(Type); Type == allow; Type == deny ->
+    {Type, [all]};
+transform_access_rules_config2({Type, ACL}) when is_atom(ACL) ->
+    {Type, [{acl, ACL}]};
 transform_access_rules_config2({Res, Rules}) when is_list(Rules) ->
-    {Res, lists:map(fun({Type, Args}) when is_list(Args) ->
-			     normalize_spec({Type, hd(lists:flatten(Args))});
-			(V) -> normalize_spec(V)
-		     end, lists:flatten(Rules))};
+    T = lists:map(fun({Type, Args}) when is_list(Args) ->
+			  normalize_spec({Type, hd(lists:flatten(Args))});
+		     (V) -> normalize_spec(V)
+		  end, lists:flatten(Rules)),
+    {Res, T};
 transform_access_rules_config2({Res, Rule}) ->
    {Res, [Rule]}.

--- a/test/acl_test.exs
+++ b/test/acl_test.exs
@ -302,6 +302,31 @@ defmodule ACLTest do
    assert :acl.access_matches(rules, %{usr: {"user1", "server11", "res1"}}, :global) == :deny
    assert :acl.access_matches(rules, %{usr: {"user11", "server11", "res1"}}, :global) == :deny
  end
+
+  test "transform_access_rules_config expands allow rule" do
+    assert :acl.transform_access_rules_config([:allow]) == [{:allow, [:all]}]
+  end
+
+  test "transform_access_rules_config expands deny rule" do
+    assert :acl.transform_access_rules_config([:deny]) == [{:deny, [:all]}]
+  end
+
+  test "transform_access_rules_config expands <integer> rule" do
+    assert :acl.transform_access_rules_config([100]) == [{100, [:all]}]
+  end
+
+  test "transform_access_rules_config expands allow: <acl_name> rule" do
+    assert :acl.transform_access_rules_config([{:allow, :test1}]) == [{:allow, [{:acl, :test1}]}]
+  end
+
+  test "transform_access_rules_config expands deny: <acl_name> rule" do
+    assert :acl.transform_access_rules_config([{:deny, :test1}]) == [{:deny, [{:acl, :test1}]}]
+  end
+
+  test "transform_access_rules_config expands integer: <acl_name> rule" do
+    assert :acl.transform_access_rules_config([{100, :test1}]) == [{100, [{:acl, :test1}]}]
+  end
+
  ## Checking ACL on both user pattern and IP
  ## ========================================