diff options
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | src/Sproxy/Server/DB.hs | 4 |
2 files changed, 3 insertions, 3 deletions
@@ -135,7 +135,7 @@ Keep in mind that: - HTTP methods are *case-sensitive*. - HTTP query parameters are ignored when matching a request against the rules. - Privileges are case-sensitive and treated as is. -- SQL wildcards (`_` and `%`) are supported for emails, domains, paths. +- SQL wildcards (`_` and `%`) are supported for emails, paths (this _will_ change in future versions). HTTP headers passed to the back-end server diff --git a/src/Sproxy/Server/DB.hs b/src/Sproxy/Server/DB.hs index 984d229..34d6109 100644 --- a/src/Sproxy/Server/DB.hs +++ b/src/Sproxy/Server/DB.hs @@ -66,10 +66,10 @@ userGroups db email domain path method = withResource db $ \c -> fmap SQLite.fromOnly <$> SQLite.queryNamed c [q| SELECT gm."group" FROM group_privilege gp JOIN group_member gm ON gm."group" = gp."group" WHERE :email LIKE gm.email - AND :domain LIKE gp.domain + AND gp.domain = :domain AND gp.privilege IN ( SELECT privilege FROM privilege_rule - WHERE :domain LIKE domain + WHERE domain = domain AND :path LIKE path AND method = :method ORDER BY length(path) - length(replace(path, '/', '')) DESC LIMIT 1 |