capability/policy/match.go

package policy

import (
	"cmp"
	"fmt"

	"github.com/ipld/go-ipld-prime"
	"github.com/ipld/go-ipld-prime/datamodel"
	"github.com/ipld/go-ipld-prime/must"

	"github.com/ucan-wg/go-ucan/v1/capability/policy/selector"
)

// Match determines if the IPLD node matches the policy document.
func Match(policy Policy, node ipld.Node) bool {
	for _, stmt := range policy {
		ok := matchStatement(stmt, node)
		if !ok {
			return false
		}
	}
	return true
}

func matchStatement(statement Statement, node ipld.Node) bool {
	switch statement.Kind() {
	case KindEqual:
		if s, ok := statement.(EqualityStatement); ok {
			one, _, err := selector.Select(s.Selector(), node)
			if err != nil || one == nil {
				return false
			}
			return datamodel.DeepEqual(s.Value(), one)
		}
	case KindGreaterThan:
		if s, ok := statement.(InequalityStatement); ok {
			one, _, err := selector.Select(s.Selector(), node)
			if err != nil || one == nil {
				return false
			}
			return isOrdered(s.Value(), one, gt)
		}
	case KindGreaterThanOrEqual:
		if s, ok := statement.(InequalityStatement); ok {
			one, _, err := selector.Select(s.Selector(), node)
			if err != nil || one == nil {
				return false
			}
			return isOrdered(s.Value(), one, gte)
		}
	case KindLessThan:
		if s, ok := statement.(InequalityStatement); ok {
			one, _, err := selector.Select(s.Selector(), node)
			if err != nil || one == nil {
				return false
			}
			return isOrdered(s.Value(), one, lt)
		}
	case KindLessThanOrEqual:
		if s, ok := statement.(InequalityStatement); ok {
			one, _, err := selector.Select(s.Selector(), node)
			if err != nil || one == nil {
				return false
			}
			return isOrdered(s.Value(), one, lte)
		}
	case KindNot:
		if s, ok := statement.(NegationStatement); ok {
			return !matchStatement(s.Value(), node)
		}
	case KindAnd:
		if s, ok := statement.(ConjunctionStatement); ok {
			for _, cs := range s.Value() {
				r := matchStatement(cs, node)
				if !r {
					return false
				}
			}
			return true
		}
	case KindOr:
		if s, ok := statement.(DisjunctionStatement); ok {
			if len(s.Value()) == 0 {
				return true
			}
			for _, cs := range s.Value() {
				r := matchStatement(cs, node)
				if r {
					return true
				}
			}
			return false
		}
	case KindLike:
		if s, ok := statement.(WildcardStatement); ok {
			one, _, err := selector.Select(s.Selector(), node)
			if err != nil || one == nil {
				return false
			}
			v, err := one.AsString()
			if err != nil {
				return false
			}
			return s.Value().Match(v)
		}
	case KindAll:
		if s, ok := statement.(QuantifierStatement); ok {
			_, many, err := selector.Select(s.Selector(), node)
			if err != nil || many == nil {
				return false
			}
			for _, n := range many {
				ok := Match(s.Value(), n)
				if !ok {
					return false
				}
			}
			return true
		}
	case KindAny:
		if s, ok := statement.(QuantifierStatement); ok {
			_, many, err := selector.Select(s.Selector(), node)
			if err != nil || many == nil {
				return false
			}
			for _, n := range many {
				ok := Match(s.Value(), n)
				if ok {
					return true
				}
			}
			return false
		}
	}
	panic(fmt.Errorf("unimplemented statement kind: %s", statement.Kind()))
}

func isOrdered(expected ipld.Node, actual ipld.Node, satisfies func(order int) bool) bool {
	if expected.Kind() == ipld.Kind_Int && actual.Kind() == ipld.Kind_Int {
		a := must.Int(actual)
		b := must.Int(expected)
		return satisfies(cmp.Compare(a, b))
	}

	if expected.Kind() == ipld.Kind_Float && actual.Kind() == ipld.Kind_Float {
		a, err := actual.AsFloat()
		if err != nil {
			panic(fmt.Errorf("extracting node float: %w", err))
		}
		b, err := expected.AsFloat()
		if err != nil {
			panic(fmt.Errorf("extracting selector float: %w", err))
		}
		return satisfies(cmp.Compare(a, b))
	}

	return false
}

func gt(order int) bool  { return order == 1 }
func gte(order int) bool { return order == 0 || order == 1 }
func lt(order int) bool  { return order == -1 }
func lte(order int) bool { return order == 0 || order == -1 }
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`package policy`

			`import (`
			`"cmp"`
			`"fmt"`

			`"github.com/ipld/go-ipld-prime"`
feat: simplify 2024-08-20 22:27:56 +02:00			`"github.com/ipld/go-ipld-prime/datamodel"`
			`"github.com/ipld/go-ipld-prime/must"`
delegation: first import with rough IPLD round-trip 2024-08-30 22:06:59 +02:00
make the go module a v1 2024-08-30 23:11:51 +02:00			`"github.com/ucan-wg/go-ucan/v1/capability/policy/selector"`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`)`

			`// Match determines if the IPLD node matches the policy document.`
feat: simplify 2024-08-20 22:27:56 +02:00			`func Match(policy Policy, node ipld.Node) bool {`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`for _, stmt := range policy {`
feat: simplify 2024-08-20 22:27:56 +02:00			`ok := matchStatement(stmt, node)`
			`if !ok {`
feat: quantification 2024-08-21 08:44:17 +02:00			`return false`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
			`}`
feat: simplify 2024-08-20 22:27:56 +02:00			`return true`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`

feat: simplify 2024-08-20 22:27:56 +02:00			`func matchStatement(statement Statement, node ipld.Node) bool {`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`switch statement.Kind() {`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindEqual:`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if s, ok := statement.(EqualityStatement); ok {`
feat: better selector 2024-08-20 15:55:04 +02:00			`one, _, err := selector.Select(s.Selector(), node)`
			`if err != nil \|\| one == nil {`
feat: simplify 2024-08-20 22:27:56 +02:00			`return false`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
feat: simplify 2024-08-20 22:27:56 +02:00			`return datamodel.DeepEqual(s.Value(), one)`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindGreaterThan:`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if s, ok := statement.(InequalityStatement); ok {`
feat: better selector 2024-08-20 15:55:04 +02:00			`one, _, err := selector.Select(s.Selector(), node)`
			`if err != nil \|\| one == nil {`
feat: simplify 2024-08-20 22:27:56 +02:00			`return false`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
feat: better selector 2024-08-20 15:55:04 +02:00			`return isOrdered(s.Value(), one, gt)`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindGreaterThanOrEqual:`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if s, ok := statement.(InequalityStatement); ok {`
feat: better selector 2024-08-20 15:55:04 +02:00			`one, _, err := selector.Select(s.Selector(), node)`
			`if err != nil \|\| one == nil {`
feat: simplify 2024-08-20 22:27:56 +02:00			`return false`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
feat: better selector 2024-08-20 15:55:04 +02:00			`return isOrdered(s.Value(), one, gte)`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindLessThan:`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if s, ok := statement.(InequalityStatement); ok {`
feat: better selector 2024-08-20 15:55:04 +02:00			`one, _, err := selector.Select(s.Selector(), node)`
			`if err != nil \|\| one == nil {`
feat: simplify 2024-08-20 22:27:56 +02:00			`return false`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
feat: better selector 2024-08-20 15:55:04 +02:00			`return isOrdered(s.Value(), one, lt)`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindLessThanOrEqual:`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if s, ok := statement.(InequalityStatement); ok {`
feat: better selector 2024-08-20 15:55:04 +02:00			`one, _, err := selector.Select(s.Selector(), node)`
			`if err != nil \|\| one == nil {`
feat: simplify 2024-08-20 22:27:56 +02:00			`return false`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
feat: better selector 2024-08-20 15:55:04 +02:00			`return isOrdered(s.Value(), one, lte)`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindNot:`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if s, ok := statement.(NegationStatement); ok {`
feat: simplify 2024-08-20 22:27:56 +02:00			`return !matchStatement(s.Value(), node)`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindAnd:`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if s, ok := statement.(ConjunctionStatement); ok {`
			`for _, cs := range s.Value() {`
feat: simplify 2024-08-20 22:27:56 +02:00			`r := matchStatement(cs, node)`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if !r {`
feat: simplify 2024-08-20 22:27:56 +02:00			`return false`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
			`}`
feat: simplify 2024-08-20 22:27:56 +02:00			`return true`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindOr:`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if s, ok := statement.(DisjunctionStatement); ok {`
feat: better selector 2024-08-20 15:55:04 +02:00			`if len(s.Value()) == 0 {`
feat: simplify 2024-08-20 22:27:56 +02:00			`return true`
feat: better selector 2024-08-20 15:55:04 +02:00			`}`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`for _, cs := range s.Value() {`
feat: simplify 2024-08-20 22:27:56 +02:00			`r := matchStatement(cs, node)`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if r {`
feat: simplify 2024-08-20 22:27:56 +02:00			`return true`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
			`}`
feat: simplify 2024-08-20 22:27:56 +02:00			`return false`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindLike:`
feat: wildcard 2024-08-21 08:13:44 +02:00			`if s, ok := statement.(WildcardStatement); ok {`
			`one, _, err := selector.Select(s.Selector(), node)`
			`if err != nil \|\| one == nil {`
			`return false`
			`}`
			`v, err := one.AsString()`
			`if err != nil {`
			`return false`
			`}`
			`return s.Value().Match(v)`
			`}`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindAll:`
feat: quantification 2024-08-21 08:44:17 +02:00			`if s, ok := statement.(QuantifierStatement); ok {`
			`_, many, err := selector.Select(s.Selector(), node)`
			`if err != nil \|\| many == nil {`
			`return false`
			`}`
			`for _, n := range many {`
			`ok := Match(s.Value(), n)`
			`if !ok {`
			`return false`
			`}`
			`}`
			`return true`
			`}`
capability: normal go formatting for enums 2024-09-01 17:06:21 +02:00			`case KindAny:`
feat: quantification 2024-08-21 08:44:17 +02:00			`if s, ok := statement.(QuantifierStatement); ok {`
			`_, many, err := selector.Select(s.Selector(), node)`
			`if err != nil \|\| many == nil {`
			`return false`
			`}`
			`for _, n := range many {`
			`ok := Match(s.Value(), n)`
			`if ok {`
			`return true`
			`}`
			`}`
			`return false`
			`}`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
feat: simplify 2024-08-20 22:27:56 +02:00			`panic(fmt.Errorf("unimplemented statement kind: %s", statement.Kind()))`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`

feat: simplify 2024-08-20 22:27:56 +02:00			`func isOrdered(expected ipld.Node, actual ipld.Node, satisfies func(order int) bool) bool {`
feat: better selector 2024-08-20 15:55:04 +02:00			`if expected.Kind() == ipld.Kind_Int && actual.Kind() == ipld.Kind_Int {`
feat: simplify 2024-08-20 22:27:56 +02:00			`a := must.Int(actual)`
			`b := must.Int(expected)`
			`return satisfies(cmp.Compare(a, b))`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`

feat: better selector 2024-08-20 15:55:04 +02:00			`if expected.Kind() == ipld.Kind_Float && actual.Kind() == ipld.Kind_Float {`
			`a, err := actual.AsFloat()`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if err != nil {`
feat: simplify 2024-08-20 22:27:56 +02:00			`panic(fmt.Errorf("extracting node float: %w", err))`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
feat: better selector 2024-08-20 15:55:04 +02:00			`b, err := expected.AsFloat()`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`if err != nil {`
feat: simplify 2024-08-20 22:27:56 +02:00			`panic(fmt.Errorf("extracting selector float: %w", err))`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`
feat: simplify 2024-08-20 22:27:56 +02:00			`return satisfies(cmp.Compare(a, b))`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`

feat: simplify 2024-08-20 22:27:56 +02:00			`return false`
feat: add policy implementation 2024-08-19 23:16:36 +02:00			`}`

			`func gt(order int) bool { return order == 1 }`
			`func gte(order int) bool { return order == 0 \|\| order == 1 }`
			`func lt(order int) bool { return order == -1 }`
			`func lte(order int) bool { return order == 0 \|\| order == -1 }`