(ctx context.Context)
| 364 | } |
| 365 | |
| 366 | func (c *Client) GetAllowlistsContentForAPIC(ctx context.Context) ([]netip.Addr, []netip.Prefix, error) { |
| 367 | allowlists, err := c.ListAllowLists(ctx, true) |
| 368 | if err != nil { |
| 369 | return nil, nil, fmt.Errorf("unable to get allowlists: %w", err) |
| 370 | } |
| 371 | |
| 372 | var ( |
| 373 | ips []netip.Addr |
| 374 | nets []netip.Prefix |
| 375 | ) |
| 376 | |
| 377 | for _, allowlist := range allowlists { |
| 378 | for _, item := range allowlist.Edges.AllowlistItems { |
| 379 | if item.ExpiresAt.IsZero() || item.ExpiresAt.After(time.Now().UTC()) { |
| 380 | if strings.Contains(item.Value, "/") { |
| 381 | ipNet, err := netip.ParsePrefix(item.Value) |
| 382 | if err != nil { |
| 383 | c.Log.Errorf("unable to parse CIDR %s: %s", item.Value, err) |
| 384 | continue |
| 385 | } |
| 386 | |
| 387 | nets = append(nets, ipNet) |
| 388 | } else { |
| 389 | ip, err := netip.ParseAddr(item.Value) |
| 390 | if err != nil { |
| 391 | c.Log.Errorf("unable to parse IP %s", item.Value) |
| 392 | continue |
| 393 | } |
| 394 | |
| 395 | ips = append(ips, ip) |
| 396 | } |
| 397 | } |
| 398 | } |
| 399 | } |
| 400 | |
| 401 | return ips, nets, nil |
| 402 | } |
| 403 | |
| 404 | func (c *Client) ApplyAllowlistsToExistingDecisions(ctx context.Context) (int, error) { |
| 405 | // Soft delete (set expiration to now) all decisions that matches any allowlist |
no test coverage detected