in src/internal/filter/opa/opafilter.go [109:172]
// processRequest evaluates the given policy rule against an incoming
// processing request and maps the outcome to a result or a proxy response.
//
// On success (request allowed, no immediate response requested) it returns a
// pointer to the evaluation result and a nil response. In every other case
// the result is nil and the second value is the response to send back:
//   - the response built by disallowedResponse when the policy denies;
//   - the response built by immediateResponse when the policy asks for one;
//   - an InternalServerError response when any step returns an error.
//
// No error path returns a result, so a failed conversion or evaluation is
// never reported to the caller as an allow. The message placed in the error
// response is a fixed string; the underlying error is written to the log only.
//
// The allow check runs before the response context is read, so a denied
// request never replaces self.currentRequestContext.
func (self *opaFilter) processRequest(
	ctx context.Context,
	rule rule,
	req *pb.ProcessingRequest) (*evalResult, *pb.ProcessingResponse) {
	// err stays the single function-scope error variable: the deferred call
	// is handed its address and therefore observes the value err holds when
	// the function returns. Do not shadow it with an `if v, err := ...` form.
	// err is nil on the deny and immediate-response returns.
	var err error
	defer filter.RecordSpanError(ctx, &err)

	// Every internal failure answers with the same status code; only the
	// short, fixed message differs.
	internalError := func(msg string) *pb.ProcessingResponse {
		return filter.CreateErrorProxyResponse(
			typev3.StatusCode_InternalServerError, msg)
	}

	policyInput, err := requestToInput(req)
	if err != nil {
		log.Errorf("failed to convert incoming message to policy input: %s", err)
		return nil, internalError("failed to convert incoming message to policy input")
	}

	// NOTE(review): method and path are formatted with %s. If they are taken
	// from the request, confirm the logger escapes control characters, or
	// consider %q so a crafted path cannot forge log lines.
	log.Infof("Evaluating '%s' policy for %s '%s'", rule, self.method, self.path)

	// Both keys are assigned after the request has been converted, so any
	// "context" or "teeType" entry produced from the request is overwritten
	// with the filter's own state.
	policyInput["context"] = self.currentRequestContext
	policyInput["teeType"] = self.teeType

	decision, err := self.eval(rule, policyInput)
	if err != nil {
		log.Errorf("failed to evaluate query: %s", err)
		return nil, internalError("failed to evaluate query")
	}

	permitted, err := decision.IsAllowed()
	if err != nil {
		log.Errorf("IsAllowed invocation failed: %s", err)
		return nil, internalError("failed to get allowed value")
	}
	if !permitted {
		return nil, disallowedResponse(ctx, decision)
	}

	immediate, err := decision.IsImmediateResponse()
	if err != nil {
		log.Errorf("failed to get response body: %s", err)
		return nil, internalError("failed to get response body")
	}
	if immediate {
		return nil, immediateResponse(ctx, decision)
	}

	// Named respCtx rather than context so the imported context package is
	// not shadowed for the rest of the function.
	respCtx, err := decision.GetResponseContext()
	if err != nil {
		log.Errorf("failed to get response context: %s", err)
		return nil, internalError("failed to get response context")
	}
	// A nil response context keeps the previously stored one.
	// NOTE(review): this mutates filter state; presumably one filter instance
	// handles a single request stream at a time — confirm against the caller.
	if respCtx != nil {
		self.currentRequestContext = respCtx
	}

	return &decision, nil
}