rusty_vault 0.2.1

RustyVault is a powerful identity-based secrets management software, providing features such as cryptographic key management, encryption as a service, public key cryptography, certificates management, identity credentials management and so forth. RustyVault's RESTful API is designed to be fully compatible with Hashicorp Vault.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

//! This module is a Rust replica of
//! https://github.com/hashicorp/vault/blob/main/sdk/helper/policyutil/policyutil.go

use super::string::remove_duplicates;

// sanitize_policies performs the common input validation tasks
// which are performed on the list of policies across RustyVault.
// The resulting collection will have no duplicate elements.
// If 'root' policy was present in the list of policies, then
// all other policies will be ignored, the result will contain
// just the 'root'. In cases where 'root' is not present, if
// 'default' policy is not already present, it will be added
// if add_default is set to true.
pub fn sanitize_policies(policies: &mut Vec<String>, add_default: bool) {
    let mut default_found = false;
    for p in policies.iter() {
        let q = p.trim().to_lowercase();
        if q.is_empty() {
            continue;
        }

        // If 'root' policy is present, ignore all other policies.
        if q == "root" {
            policies.clear();
            policies.push("root".to_string());
            default_found = true;
            break;
        }
        if q == "default" {
            default_found = true;
        }
    }

    // Always add 'default' except only if the policies contain 'root'.
    if add_default && (!default_found || policies.is_empty()) {
        policies.push("default".to_string());
    }

    remove_duplicates(policies, false, true)
}

#[cfg(test)]
mod test {
    use super::*;

    #[test]
    fn test_policy() {
        let mut policies1 = vec![
            String::from("Root"),
            String::from("root"),
            String::from("Admin"),
            String::from("Default"),
            String::from(""),
            String::from("Admin"),
        ];

        sanitize_policies(&mut policies1, true);
        assert_eq!(policies1, vec!["root".to_string()]);

        let mut policies2 = vec![
            String::from("rooot"),
            String::from("Admin"),
            String::from("Default"),
            String::from(""),
            String::from("Admin"),
        ];

        sanitize_policies(&mut policies2, true);
        assert_eq!(policies2, vec!["admin".to_string(), "default".to_string(), "rooot".to_string()]);

        let mut policies3 = vec![String::from("rooot"), String::from("Admin"), String::from(""), String::from("Admin")];

        sanitize_policies(&mut policies3, true);
        assert_eq!(policies3, vec!["admin".to_string(), "default".to_string(), "rooot".to_string()]);

        let mut policies4 = vec![String::from("")];

        sanitize_policies(&mut policies4, true);
        assert_eq!(policies4, vec!["default".to_string()]);

        let mut policies5 = Vec::new();

        sanitize_policies(&mut policies5, true);
        assert_eq!(policies5, vec!["default".to_string()]);

        let mut policies6 = Vec::new();

        sanitize_policies(&mut policies6, false);
        assert_eq!(policies6.len(), 0);

        let mut policies7 = vec![String::from("rooot"), String::from("Admin"), String::from(""), String::from("Admin")];

        sanitize_policies(&mut policies7, false);
        assert_eq!(policies7, vec!["admin".to_string(), "rooot".to_string()]);
    }
}