File size: 2,149 Bytes
a21c316 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 | use crate::proxy::config::{ProxyAuthMode, ProxyConfig, SecurityMonitorConfig};
#[derive(Debug, Clone)]
pub struct ProxySecurityConfig {
pub auth_mode: ProxyAuthMode,
pub api_key: String,
pub admin_password: Option<String>,
pub allow_lan_access: bool,
pub port: u16,
pub security_monitor: SecurityMonitorConfig,
}
impl ProxySecurityConfig {
pub fn from_proxy_config(config: &ProxyConfig) -> Self {
Self {
auth_mode: config.auth_mode.clone(),
api_key: config.api_key.clone(),
admin_password: config.admin_password.clone(),
allow_lan_access: config.allow_lan_access,
port: config.port,
security_monitor: config.security_monitor.clone(),
}
}
pub fn effective_auth_mode(&self) -> ProxyAuthMode {
match self.auth_mode {
ProxyAuthMode::Auto => {
if self.allow_lan_access {
ProxyAuthMode::AllExceptHealth
} else {
ProxyAuthMode::Off
}
}
ref other => other.clone(),
}
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn auto_mode_resolves_off_for_local_only() {
let s = ProxySecurityConfig {
auth_mode: ProxyAuthMode::Auto,
api_key: "sk-test".to_string(),
admin_password: None,
allow_lan_access: false,
port: 8080,
security_monitor: crate::proxy::config::SecurityMonitorConfig::default(),
};
assert!(matches!(s.effective_auth_mode(), ProxyAuthMode::Off));
}
#[test]
fn auto_mode_resolves_all_except_health_for_lan() {
let s = ProxySecurityConfig {
auth_mode: ProxyAuthMode::Auto,
api_key: "sk-test".to_string(),
admin_password: None,
allow_lan_access: true,
port: 8080,
security_monitor: crate::proxy::config::SecurityMonitorConfig::default(),
};
assert!(matches!(
s.effective_auth_mode(),
ProxyAuthMode::AllExceptHealth
));
}
}
|