@cloud-copilot/iam-simulate
Version:
Simulate evaluation of AWS IAM policies
51 lines • 1.93 kB
JavaScript
import { convertIamString } from '../../util.js';
export const Bool = {
name: 'Bool',
matches: (request, keyValue, policyValues) => {
const explains = policyValues.map((policyValue) => {
const { pattern, errors } = convertIamString(policyValue, request, {
replaceWildcards: false
});
if (errors && errors.length > 0) {
return {
value: policyValue,
matches: false,
errors
};
}
const resolvedValue = convertIamString(policyValue, request, {
replaceWildcards: false,
convertToRegex: false
});
const lowercaseResolvedValue = resolvedValue.toLowerCase();
if (lowercaseResolvedValue != 'true' && lowercaseResolvedValue != 'false') {
return {
matches: false,
value: policyValue,
errors: ['Invalid boolean pattern'],
resolvedValue: resolvedValue == policyValue ? undefined : resolvedValue
};
}
if (keyValue.toLowerCase() != 'true' && keyValue.toLowerCase() != 'false') {
return {
matches: false,
value: policyValue,
errors: [`request value '${keyValue}' is not a boolean`]
};
}
return {
matches: new RegExp(pattern, 'i').test(keyValue),
value: policyValue,
resolvedValue: resolvedValue == policyValue ? undefined : resolvedValue
};
});
return {
matches: explains.some((explain) => explain.matches),
explains
};
},
allowsVariables: true,
allowsWildcards: false,
isNegative: false
};
//# sourceMappingURL=Bool.js.map