|
|
@ -83,13 +83,13 @@ let
|
|
|
|
/** getEndpoint :: acl_peer -> acl_peer -> ic_endpoint */
|
|
|
|
/** getEndpoint :: acl_peer -> acl_peer -> ic_endpoint */
|
|
|
|
getEndpoint = acl_subnet: acl_peerFrom: acl_peerTo:
|
|
|
|
getEndpoint = acl_subnet: acl_peerFrom: acl_peerTo:
|
|
|
|
let
|
|
|
|
let
|
|
|
|
peersForEndpoint = endpoint: catAttrs "name" (selectPeers (if endpoint ? match then endpoint.match else []));
|
|
|
|
peersForEndpoint = endpoint: catAttrs "name" (selectPeers (attrByPath ["match"] [] endpoint));
|
|
|
|
allPeerEndpoints = if acl_peerTo ? endpoints then
|
|
|
|
allPeerEndpoints = if acl_peerTo ? endpoints then
|
|
|
|
(filter (endpoint: elem acl_peerFrom.name (peersForEndpoint endpoint)) acl_peerTo.endpoints)
|
|
|
|
(filter (endpoint: elem acl_peerFrom.name (peersForEndpoint endpoint)) acl_peerTo.endpoints)
|
|
|
|
else [];
|
|
|
|
else [];
|
|
|
|
allGroupEndpoints = concatMap (acl_group: acl_group.endpoints) (intersectLists
|
|
|
|
allGroupEndpoints = concatMap (acl_group: attrByPath ["endpoints"] [] (groupFromName acl_group)) (intersectLists
|
|
|
|
(if acl_peerTo ? groups then acl_peerTo.groups else [])
|
|
|
|
(attrByPath ["groups"] [] acl_peerTo)
|
|
|
|
(if acl_peerFrom ? groups then acl_peerTo.groups else [])
|
|
|
|
(attrByPath ["groups"] [] acl_peerFrom)
|
|
|
|
);
|
|
|
|
);
|
|
|
|
allSubnetEndpoints = acl_subnet.endpoints;
|
|
|
|
allSubnetEndpoints = acl_subnet.endpoints;
|
|
|
|
allEndpointMatches = allSubnetEndpoints ++ allGroupEndpoints ++ allPeerEndpoints;
|
|
|
|
allEndpointMatches = allSubnetEndpoints ++ allGroupEndpoints ++ allPeerEndpoints;
|
|
|
|