ParseAllowList parses, validates, normalizes, and deduplicates a list of allow-list entries. If max is <=0, a default cap of 128 is applied.
(inputs []string, maxEntries int)
| 47 | // ParseAllowList parses, validates, normalizes, and deduplicates a list of |
| 48 | // allow-list entries. If max is <=0, a default cap of 128 is applied. |
| 49 | func ParseAllowList(inputs []string, maxEntries int) ([]AllowListElement, error) { |
| 50 | if len(inputs) == 0 { |
| 51 | return nil, nil |
| 52 | } |
| 53 | if len(inputs) > maxEntries { |
| 54 | return nil, xerrors.Errorf("allow_list has %d entries; max allowed is %d", len(inputs), maxEntries) |
| 55 | } |
| 56 | |
| 57 | elems := make([]AllowListElement, 0, len(inputs)) |
| 58 | for _, s := range inputs { |
| 59 | e, err := ParseAllowListEntry(s) |
| 60 | if err != nil { |
| 61 | return nil, err |
| 62 | } |
| 63 | // Global wildcard short-circuits |
| 64 | if e.Type == policy.WildcardSymbol && e.ID == policy.WildcardSymbol { |
| 65 | return []AllowListElement{AllowListAll()}, nil |
| 66 | } |
| 67 | elems = append(elems, e) |
| 68 | } |
| 69 | |
| 70 | return NormalizeAllowList(elems) |
| 71 | } |
| 72 | |
| 73 | // NormalizeAllowList enforces max entry limits, collapses typed wildcards, and |
| 74 | // produces a deterministic, deduplicated allow list. A global wildcard returns |