feat: reusable rule engine to prevent memory reallocation

2024-09-24 15:46:42 +02:00
parent f37425018b
commit fea0610346
23 changed files with 885 additions and 198 deletions
--- a/internal/proxy/director/layer/authn/layer.go
+++ b/internal/proxy/director/layer/authn/layer.go
@ -74,7 +74,7 @@ func (l *Layer) Middleware(layer *store.Layer) proxy.Middleware {
 				return
 			}

-			if err := l.applyRules(r, options, user); err != nil {
+			if err := l.applyRules(ctx, r, options, user); err != nil {
 				if errors.Is(err, ErrForbidden) {
 					l.renderForbiddenPage(w, r, layer, options, user)
 					return
--- a/internal/proxy/director/layer/authn/rules.go
+++ b/internal/proxy/director/layer/authn/rules.go
@ -1,6 +1,7 @@
 package authn

 import (
+	"context"
 	"net/http"

 	"forge.cadoles.com/cadoles/bouncer/internal/rule"
@ -9,30 +10,32 @@ import (
 	"github.com/pkg/errors"
 )

-type Env struct {
+type Vars struct {
 	User *User `expr:"user"`
 }

-func (l *Layer) applyRules(r *http.Request, options *LayerOptions, user *User) error {
+func (l *Layer) applyRules(ctx context.Context, r *http.Request, options *LayerOptions, user *User) error {
 	rules := options.Rules
 	if len(rules) == 0 {
 		return nil
 	}

-	engine, err := rule.NewEngine[*Env](
+	engine, err := rule.NewEngine[*Vars](
 		rule.WithRules(options.Rules...),
 		rule.WithExpr(getAuthnAPI()...),
-		ruleHTTP.WithRequestFuncs(r),
+		ruleHTTP.WithRequestFuncs(),
 	)
 	if err != nil {
 		return errors.WithStack(err)
 	}

-	env := &Env{
+	vars := &Vars{
 		User: user,
 	}

-	if _, err := engine.Apply(env); err != nil {
+	ctx = ruleHTTP.WithRequest(ctx, r)
+
+	if _, err := engine.Apply(ctx, vars); err != nil {
 		return errors.WithStack(err)
 	}