in src/oslogin_utils.cc [1288:1317]
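// Asks the metadata server's "authorize" endpoint whether the OS Login account
// identified by `email` holds `policy`, and returns true only when the response
// parses as a success.
//
// This is an authorization decision, so every failure path (request failure,
// non-200 status, response that does not parse as success) returns false: the
// check fails closed.
//
// Parameters:
//   user_name - local user name; used only in the log messages below.
//   email     - account e-mail, URL-encoded into the `email` query parameter.
//   policy    - policy name, sent as the `policy` query parameter.
//   opts      - supplies the optional key fingerprint (fingerprint / fp_len).
//
// Returns true if the policy is granted, false otherwise.
static bool ApplyPolicy(const char *user_name, string email, const char *policy, struct AuthOptions opts) {
  std::stringstream url;
  // NOTE(review): only `email` goes through UrlEncode; `policy` is written into
  // the query string as-is. Presumably callers pass fixed policy names; confirm,
  // or encode it so the request the server authorizes is exactly the intended one.
  url << kMetadataServerUrl << "authorize?email=" << UrlEncode(email) << "&policy=" << policy;

  // Don't try to add the fingerprint parameter to the policy call if we don't have it.
  if (opts.fp_len > 0) {
    // NOTE(review): fp_len is used only as a presence check and the fingerprint
    // is appended unencoded. If its format can contain reserved characters
    // ('+', '/', '&', '='), the server may parse a different value; confirm the
    // format is URL-safe or encode it.
    url << "&fingerprint=" << opts.fingerprint;
  }

  string response;
  long http_code = 0;

  // Request failure or invalid user: leave here. The principal will not be
  // allowed/authorized.
  if (!HttpGet(url.str(), &response, &http_code)) {
    SysLogErr("Failed to validate that OS Login user %s has %s permission.", user_name, policy);
    return false;
  }

  if (http_code != 200) {
    // http_code is a signed long, so it is printed with %ld (was %lu).
    SysLogErr("Failed to validate that OS Login user %s has %s permission; "
              "got HTTP response code: %ld", user_name, policy, http_code);
    return false;
  }

  // A 200 alone is not a grant: the body must also parse as a success.
  if (!ParseJsonToSuccess(response)) {
    SysLogErr("OS Login user %s does not have %s permission.", user_name, policy);
    return false;
  }

  return true;
}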