scratchstack-aspen 0.3.1

AWS IAM policy language (Aspen) parser and internal representation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

use {
    super::variant::Variant,
    crate::{serutil::StringLikeList, AspenError, Context, PolicyVersion},
    scratchstack_aws_principal::SessionValue,
};

/// Boolean operation names.
pub(super) const BOOL_DISPLAY_NAMES: [&str; 2] = ["Bool", "BoolIfExists"];

pub(super) fn bool_match(
    context: &Context,
    pv: PolicyVersion,
    allowed: &StringLikeList<String>,
    value: &SessionValue,
    variant: Variant,
) -> Result<bool, AspenError> {
    match value {
        SessionValue::Null => Ok(variant.if_exists()),
        SessionValue::Bool(value) => {
            let mut allowed_bool = Vec::with_capacity(2);
            for el in allowed.iter() {
                let el = match pv {
                    PolicyVersion::None | PolicyVersion::V2008_10_17 => el.clone(),
                    PolicyVersion::V2012_10_17 => context.subst_vars_plain(el)?,
                };

                match el.as_str() {
                    "true" => allowed_bool.push(true),
                    "false" => allowed_bool.push(false),
                    _ => (),
                }
            }
            Ok(allowed_bool.contains(value))
        }
        _ => Ok(false),
    }
}