From bab21a9baedbe2b71849617d6e4a20903e628490 Mon Sep 17 00:00:00 2001
From: Frank Villaro-Dixon <frank@villaro-dixon.eu>
Date: Tue, 28 May 2024 12:26:40 +0200
Subject: [PATCH] cfg: add read/write opts

Signed-off-by: Frank Villaro-Dixon <frank@villaro-dixon.eu>
---
 example-cfg.yml | 28 +++++++++++++++++++++++++++-
 src/config.rs   | 36 +++++++++++++++++++++++++++++++-----
 2 files changed, 58 insertions(+), 6 deletions(-)

diff --git a/example-cfg.yml b/example-cfg.yml
index 3e67fc2..e45768d 100644
--- a/example-cfg.yml
+++ b/example-cfg.yml
@@ -1,11 +1,14 @@
 clients:
+  # Exclusive writers
   - name: pyranometer
-    metrics:
+    write_metrics:
     - irradiance
     - temperature
     auth:
       type: sha256
       hash: ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb # a
+
+  # Reader and writer on the same metric
   - name: tgbt
     metrics:
     - testproxy.*
@@ -13,6 +16,29 @@ clients:
       type: sha256
       hash: ac790471b321143716e7773d589af923236ebdd435ba17c671df3558becc5154 # 7a5becc5b5bb581522fd0bb8891bb99a70275620
 
+  # Reader and writer on different metrics
+  - name: tgbt
+    write_metrics:
+    - barfoo
+    read_metrics:
+    - foobar.*
+    auth:
+      # ...
+
+  # Reader only
+  - name: consumer
+    read_metrics:
+    - irradiance
+    auth:
+      # ...
+
+  # Anonymous login
+  - name: public_consumer
+    read_metrics:
+    - weather.*
+    auth:
+      type: anonymous
+
 
 config:
   opentsdb:
diff --git a/src/config.rs b/src/config.rs
index cb85075..875be10 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -15,8 +15,13 @@ pub struct Config {
 #[derive(Debug, Deserialize, Clone)]
 pub struct Client {
     pub name: String,
+    #[serde(default)]
     pub metrics: Vec<String>,
-    pub auth: Auth,
+    #[serde(default)]
+    pub read_metrics: Vec<String>,
+    #[serde(default)]
+    pub write_metrics: Vec<String>,
+    pub auth: Option<Auth>,
 }
 
 impl Client {
@@ -26,6 +31,24 @@ impl Client {
                 return true;
             }
         }
+        for m in &self.write_metrics {
+            if glob_match(m, metric) {
+                return true;
+            }
+        }
+        false
+    }
+    pub fn can_read(&self, metric: &str) -> bool {
+        for m in &self.metrics {
+            if glob_match(m, metric) {
+                return true;
+            }
+        }
+        for m in &self.read_metrics {
+            if glob_match(m, metric) {
+                return true;
+            }
+        }
         false
     }
 }
@@ -34,7 +57,7 @@ impl Client {
 pub struct Auth {
     #[serde(rename = "type")]
     pub auth_type: String,
-    pub hash: String,
+    pub hash: Option<String>,
 }
 
 impl Auth {
@@ -44,7 +67,10 @@ impl Auth {
                 let mut hasher = Sha256::new();
                 hasher.update(token);
                 let result = hasher.finalize();
-                format!("{:x}", result) == self.hash
+                if let Some(hash) = &self.hash {
+                    return format!("{:x}", result) == *hash;
+                }
+                false
             }
             _ => false,
         }
@@ -81,7 +107,7 @@ fn default_opentsdb_url() -> String {
 
 pub fn load_config_file(filename: &str) -> Config {
     let yaml_content = fs::read_to_string(filename)
-        .unwrap_or_else(|_| panic!("Unable to read config file {}", filename));
+        .unwrap_or_else(|_| panic!("Unable to read config file `{}`", filename));
     let config: Config = serde_yaml::from_str(&yaml_content).expect("Unable to parse YAML");
     config
 }
@@ -89,5 +115,5 @@ pub fn load_config_file(filename: &str) -> Config {
 pub fn try_authenticate_client<'a>(clients: &'a [Client], token: &str) -> Option<&'a Client> {
     clients
         .iter()
-        .find(|client| client.auth.is_valid_token(token))
+        .find(|client| client.auth.is_some() && client.auth.as_ref().unwrap().is_valid_token(token))
 }