HEX
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
System: Windows NT website-api 10.0 build 20348 (Windows Server 2016) AMD64
User: SYSTEM (0)
PHP: 7.4.30
Disabled: NONE
$ pwd: C:/github_repos/caswaf_my/rule/
Upload Files
File: C:/github_repos/caswaf_my/rule/rule_ua.go
// Copyright 2024 The casbin Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package rule

import (
	"fmt"
	"net/http"
	"regexp"
	"strings"

	"github.com/casbin/caswaf/object"
)

type UaRule struct{}

func (r *UaRule) checkRule(expressions []*object.Expression, req *http.Request) (bool, string, string, error) {
	userAgent := req.UserAgent()
	for _, expression := range expressions {
		ua := expression.Value
		reason := fmt.Sprintf("expression matched: \"%s %s %s\"", userAgent, expression.Operator, expression.Value)
		switch expression.Operator {
		case "contains":
			if strings.Contains(userAgent, ua) {
				return true, "", reason, nil
			}
		case "does not contain":
			if !strings.Contains(userAgent, ua) {
				return true, "", reason, nil
			}
		case "equals":
			if userAgent == ua {
				return true, "", reason, nil
			}
		case "does not equal":
			if strings.Compare(userAgent, ua) != 0 {
				return true, "", reason, nil
			}
		case "match":
			// regex match
			isHit, err := regexp.MatchString(ua, userAgent)
			if err != nil {
				return false, "", "", err
			}
			if isHit {
				return true, "", reason, nil
			}
		}
	}

	return false, "", "", nil
}
@ Telegram