MCPcopy Index your code
hub / github.com/ContentSquare/chproxy / getScope

Method getScope

proxy.go:893–922  ·  view source on GitHub ↗
(req *http.Request)

Source from the content-addressed store, hash-verified

891}
892
893func (rp *reverseProxy) getScope(req *http.Request) (*scope, int, error) {
894 name, password := getAuth(req)
895 sessionId := getSessionId(req)
896 sessionTimeout := getSessionTimeout(req)
897 var (
898 u *user
899 c *cluster
900 cu *clusterUser
901 )
902
903 found, u, c, cu := rp.getUser(name, password)
904 if !found {
905 return nil, http.StatusUnauthorized, fmt.Errorf("invalid username or password for user %q", name)
906 }
907 if u.denyHTTP && req.TLS == nil {
908 return nil, http.StatusForbidden, fmt.Errorf("user %q is not allowed to access via http", u.name)
909 }
910 if u.denyHTTPS && req.TLS != nil {
911 return nil, http.StatusForbidden, fmt.Errorf("user %q is not allowed to access via https", u.name)
912 }
913 if !u.allowedNetworks.Contains(req.RemoteAddr) {
914 return nil, http.StatusForbidden, fmt.Errorf("user %q is not allowed to access", u.name)
915 }
916 if !cu.allowedNetworks.Contains(req.RemoteAddr) {
917 return nil, http.StatusForbidden, fmt.Errorf("cluster user %q is not allowed to access", cu.name)
918 }
919
920 s := newScope(req, u, c, cu, sessionId, sessionTimeout)
921 return s, 0, nil
922}

Callers 1

ServeHTTPMethod · 0.95

Calls 6

getUserMethod · 0.95
getAuthFunction · 0.85
getSessionIdFunction · 0.85
getSessionTimeoutFunction · 0.85
newScopeFunction · 0.85
ContainsMethod · 0.80

Tested by

no test coverage detected