MCPcopy
hub / github.com/crowdsecurity/crowdsec / GetAllowlistsContentForAPIC

Method GetAllowlistsContentForAPIC

pkg/database/allowlists.go:366–402  ·  view source on GitHub ↗
(ctx context.Context)

Source from the content-addressed store, hash-verified

364}
365
366func (c *Client) GetAllowlistsContentForAPIC(ctx context.Context) ([]netip.Addr, []netip.Prefix, error) {
367 allowlists, err := c.ListAllowLists(ctx, true)
368 if err != nil {
369 return nil, nil, fmt.Errorf("unable to get allowlists: %w", err)
370 }
371
372 var (
373 ips []netip.Addr
374 nets []netip.Prefix
375 )
376
377 for _, allowlist := range allowlists {
378 for _, item := range allowlist.Edges.AllowlistItems {
379 if item.ExpiresAt.IsZero() || item.ExpiresAt.After(time.Now().UTC()) {
380 if strings.Contains(item.Value, "/") {
381 ipNet, err := netip.ParsePrefix(item.Value)
382 if err != nil {
383 c.Log.Errorf("unable to parse CIDR %s: %s", item.Value, err)
384 continue
385 }
386
387 nets = append(nets, ipNet)
388 } else {
389 ip, err := netip.ParseAddr(item.Value)
390 if err != nil {
391 c.Log.Errorf("unable to parse IP %s", item.Value)
392 continue
393 }
394
395 ips = append(ips, ip)
396 }
397 }
398 }
399 }
400
401 return ips, nets, nil
402}
403
404func (c *Client) ApplyAllowlistsToExistingDecisions(ctx context.Context) (int, error) {
405 // Soft delete (set expiration to now) all decisions that matches any allowlist

Callers 1

ApplyApicWhitelistsMethod · 0.80

Calls 2

ListAllowListsMethod · 0.95
IsZeroMethod · 0.80

Tested by

no test coverage detected