automationPolicyIsSubset returns true if a's subjects are a subset of b's subjects.
(a, b *caddytls.AutomationPolicy)
| 1077 | // automationPolicyIsSubset returns true if a's subjects are a subset |
| 1078 | // of b's subjects. |
| 1079 | func automationPolicyIsSubset(a, b *caddytls.AutomationPolicy) bool { |
| 1080 | if len(b.SubjectsRaw) == 0 { |
| 1081 | return true |
| 1082 | } |
| 1083 | if len(a.SubjectsRaw) == 0 { |
| 1084 | return false |
| 1085 | } |
| 1086 | for _, aSubj := range a.SubjectsRaw { |
| 1087 | inSuperset := slices.ContainsFunc(b.SubjectsRaw, func(bSubj string) bool { |
| 1088 | return certmagic.MatchWildcard(aSubj, bSubj) |
| 1089 | }) |
| 1090 | if !inSuperset { |
| 1091 | return false |
| 1092 | } |
| 1093 | } |
| 1094 | return true |
| 1095 | } |
| 1096 | |
| 1097 | // automationPolicyShadows returns the index of a policy that aps[i] shadows; |
| 1098 | // in other words, for all policies after position i, if that policy covers |
no outgoing calls