crates/tranquil-pds/src/delegation/scopes.rs at main · lewis.moe/bspds-sandbox

lewis.moe / bspds-sandbox
this repo has no description
bspds-sandbox / crates / tranquil-pds / src / delegation / scopes.rs
at main 5.2 kB view raw
  1use std::collections::HashSet;
  2
  3pub struct ScopePreset {
  4    pub name: &'static str,
  5    pub label: &'static str,
  6    pub description: &'static str,
  7    pub scopes: &'static str,
  8}
  9
 10pub const SCOPE_PRESETS: &[ScopePreset] = &[
 11    ScopePreset {
 12        name: "owner",
 13        label: "Owner",
 14        description: "Full control including delegation management",
 15        scopes: "atproto",
 16    },
 17    ScopePreset {
 18        name: "admin",
 19        label: "Admin",
 20        description: "Manage account settings, post content, upload media",
 21        scopes: "atproto repo:* blob:*/* account:*?action=manage",
 22    },
 23    ScopePreset {
 24        name: "editor",
 25        label: "Editor",
 26        description: "Post content and upload media",
 27        scopes: "repo:*?action=create repo:*?action=update repo:*?action=delete blob:*/*",
 28    },
 29    ScopePreset {
 30        name: "viewer",
 31        label: "Viewer",
 32        description: "Read-only access",
 33        scopes: "",
 34    },
 35];
 36
 37pub fn intersect_scopes(requested: &str, granted: &str) -> String {
 38    if granted.is_empty() {
 39        return String::new();
 40    }
 41
 42    let requested_set: HashSet<&str> = requested.split_whitespace().collect();
 43    let granted_set: HashSet<&str> = granted.split_whitespace().collect();
 44
 45    let granted_has_atproto = granted_set.contains("atproto");
 46    let requested_has_atproto = requested_set.contains("atproto");
 47
 48    if granted_has_atproto && requested_has_atproto {
 49        return "atproto".to_string();
 50    }
 51
 52    if granted_has_atproto {
 53        return requested_set.into_iter().collect::<Vec<_>>().join(" ");
 54    }
 55
 56    if requested_has_atproto {
 57        return granted_set.into_iter().collect::<Vec<_>>().join(" ");
 58    }
 59
 60    let mut result: Vec<&str> = requested_set
 61        .iter()
 62        .filter_map(|requested_scope| {
 63            if granted_set.contains(requested_scope) {
 64                Some(*requested_scope)
 65            } else {
 66                find_matching_scope(requested_scope, &granted_set)
 67            }
 68        })
 69        .collect();
 70
 71    result.sort();
 72    result.join(" ")
 73}
 74
 75fn find_matching_scope<'a>(requested: &str, granted: &HashSet<&'a str>) -> Option<&'a str> {
 76    granted
 77        .iter()
 78        .find(|&granted_scope| scopes_compatible(granted_scope, requested))
 79        .map(|v| v as _)
 80}
 81
 82fn scopes_compatible(granted: &str, requested: &str) -> bool {
 83    if granted == requested {
 84        return true;
 85    }
 86
 87    let (granted_base, _granted_params) = split_scope(granted);
 88    let (requested_base, _requested_params) = split_scope(requested);
 89
 90    if granted_base.ends_with(":*")
 91        && requested_base.starts_with(&granted_base[..granted_base.len() - 1])
 92    {
 93        return true;
 94    }
 95
 96    if let Some(prefix) = granted_base.strip_suffix(".*")
 97        && requested_base.starts_with(prefix)
 98        && requested_base.len() > prefix.len()
 99    {
100        return true;
101    }
102
103    false
104}
105
106fn split_scope(scope: &str) -> (&str, Option<&str>) {
107    if let Some(idx) = scope.find('?') {
108        (&scope[..idx], Some(&scope[idx + 1..]))
109    } else {
110        (scope, None)
111    }
112}
113
114pub fn validate_delegation_scopes(scopes: &str) -> Result<(), String> {
115    if scopes.is_empty() {
116        return Ok(());
117    }
118
119    scopes
120        .split_whitespace()
121        .try_for_each(|scope| {
122            let (base, _) = split_scope(scope);
123            if is_valid_scope_prefix(base) {
124                Ok(())
125            } else {
126                Err(format!("Invalid scope: {}", scope))
127            }
128        })
129}
130
131fn is_valid_scope_prefix(base: &str) -> bool {
132    const VALID_PREFIXES: [&str; 7] = [
133        "atproto",
134        "repo:",
135        "blob:",
136        "rpc:",
137        "account:",
138        "identity:",
139        "transition:",
140    ];
141
142    VALID_PREFIXES
143        .iter()
144        .any(|prefix| base == prefix.trim_end_matches(':') || base.starts_with(prefix))
145}
146
147#[cfg(test)]
148mod tests {
149    use super::*;
150
151    #[test]
152    fn test_intersect_both_atproto() {
153        assert_eq!(intersect_scopes("atproto", "atproto"), "atproto");
154    }
155
156    #[test]
157    fn test_intersect_granted_atproto() {
158        let result = intersect_scopes("repo:* blob:*/*", "atproto");
159        assert!(result.contains("repo:*"));
160        assert!(result.contains("blob:*/*"));
161    }
162
163    #[test]
164    fn test_intersect_requested_atproto() {
165        let result = intersect_scopes("atproto", "repo:* blob:*/*");
166        assert!(result.contains("repo:*"));
167        assert!(result.contains("blob:*/*"));
168    }
169
170    #[test]
171    fn test_intersect_exact_match() {
172        assert_eq!(
173            intersect_scopes("repo:*?action=create", "repo:*?action=create"),
174            "repo:*?action=create"
175        );
176    }
177
178    #[test]
179    fn test_intersect_empty_granted() {
180        assert_eq!(intersect_scopes("atproto", ""), "");
181    }
182
183    #[test]
184    fn test_validate_scopes_valid() {
185        assert!(validate_delegation_scopes("atproto").is_ok());
186        assert!(validate_delegation_scopes("repo:* blob:*/*").is_ok());
187        assert!(validate_delegation_scopes("").is_ok());
188    }
189
190    #[test]
191    fn test_validate_scopes_invalid() {
192        assert!(validate_delegation_scopes("invalid:scope").is_err());
193    }
194}