From eb2032e233e3a4e3260aac35bb59fa09dfb18877 Mon Sep 17 00:00:00 2001
From: Henrik Hautakoski <henrik.hautakoski@gmail.com>
Date: Wed, 4 Dec 2024 15:14:10 +0100
Subject: [PATCH] internal/types/blacklist.go: implement wildcard for contracts

---
 internal/types/blacklist.go      | 12 +++++++++++-
 internal/types/blacklist_test.go | 19 ++++++++++++++++++-
 2 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/internal/types/blacklist.go b/internal/types/blacklist.go
index 24419c8..b123997 100644
--- a/internal/types/blacklist.go
+++ b/internal/types/blacklist.go
@@ -31,8 +31,18 @@ func (bl *Blacklist) Add(contract string, action string) {
 	bl.table[contract] = append(bl.table[contract], action)
 }
 
+func (bl Blacklist) list(contracts ...string) [][]string {
+	ret := [][]string{}
+	for _, contract := range contracts {
+		if v, ok := bl.table[contract]; ok {
+			ret = append(ret, v)
+		}
+	}
+	return ret
+}
+
 func (bl Blacklist) IsAllowed(contract string, action string) bool {
-	if v, ok := bl.table[contract]; ok {
+	for _, v := range bl.list(contract, "*") {
 		for _, act := range v {
 			if act == action || act == "*" {
 				return bl.isWhitelist == true
diff --git a/internal/types/blacklist_test.go b/internal/types/blacklist_test.go
index 631d329..3c6a8a8 100644
--- a/internal/types/blacklist_test.go
+++ b/internal/types/blacklist_test.go
@@ -52,20 +52,32 @@ func TestBlacklist_IsAllowed(t *testing.T) {
 func TestBlacklist_IsAllowedWildcard(t *testing.T) {
 	bl := Blacklist{
 		table: map[string][]string{
-			"mycontract": {"*"},
+			"mycontract":   {"*"},
+			"*":            {"action1", "action2"},
+			"evilcontract": {"evilaction"},
 		},
 	}
 
 	require.False(t, bl.IsAllowed("mycontract", "myaction"))
 	require.False(t, bl.IsAllowed("mycontract", "noop"))
 	require.False(t, bl.IsAllowed("mycontract", "xxx"))
+
+	// Wildcard contract
+	require.False(t, bl.IsAllowed("somecontract", "action1"))
+	require.False(t, bl.IsAllowed("someothercontract", "action1"))
+	require.False(t, bl.IsAllowed("randomcontract", "action2"))
+	require.False(t, bl.IsAllowed("evilcontract", "action2"))
+	require.False(t, bl.IsAllowed("evilcontract", "evilaction"))
+
 	require.True(t, bl.IsAllowed("xxx", "yyy"))
+	require.True(t, bl.IsAllowed("evilcontract", "alloweaction"))
 }
 
 func TestBlacklist_Whitelist(t *testing.T) {
 	bl := Blacklist{
 		table: map[string][]string{
 			"mycontract": {"myaction", "noop"},
+			"*":          {"goodaction1", "goodaction2"},
 		},
 	}
 
@@ -73,6 +85,11 @@ func TestBlacklist_Whitelist(t *testing.T) {
 
 	require.True(t, bl.IsAllowed("mycontract", "myaction"))
 	require.True(t, bl.IsAllowed("mycontract", "noop"))
+
+	// Wildcard contract
+	require.True(t, bl.IsAllowed("mycontract", "goodaction1"))
+	require.True(t, bl.IsAllowed("someothercontract", "goodaction2"))
+
 	require.False(t, bl.IsAllowed("mycontract", "xxx"))
 	require.False(t, bl.IsAllowed("xxx", "yyy"))
 }