bugfix: use my regex license to allow placeholders in route perms

devflowinc · Dec 17, 2024 · 90fe0a1 · 90fe0a1
1 parent 5a899ca
commit 90fe0a1
Showing 1 changed file with 21 additions and 2 deletions.
diff --git a/server/src/middleware/auth_middleware.rs b/server/src/middleware/auth_middleware.rs
@@ -121,10 +121,29 @@ where
                             }
                         }
 
-                        let route = format!("{} {}", req.method(), req.match_info().as_str());
+                        let curly_matcher =
+                            regex::Regex::new(r"\{[a-zA-Z0-9_-]+\}").expect("Valid regex");
 
+                        let route = format!("{} {}", req.method(), req.match_info().as_str());
                         if let Some(api_key_scopes) = user_api_key.scopes {
-                            if !api_key_scopes.is_empty() && api_key_scopes.contains(&Some(route)) {
+                            if !api_key_scopes.is_empty()
+                                && (api_key_scopes.contains(&Some(route.clone()))
+                                    || api_key_scopes
+                                        .iter()
+                                        .filter_map(|scope| scope.as_ref())
+                                        .any(|scope| {
+                                            let wildcard_scope = curly_matcher
+                                                .replace_all(scope, "[a-zA-Z0-9_-]+")
+                                                .to_string();
+                                            if let Ok(wildcard_scope_regex) =
+                                                regex::Regex::new(&wildcard_scope)
+                                            {
+                                                wildcard_scope_regex.is_match(&route)
+                                            } else {
+                                                false
+                                            }
+                                        }))
+                            {
                                 if let Some(ref mut user) = user {
                                     user.user_orgs.iter_mut().for_each(|org| {
                                         if org.organization_id