From dcebf4705dfe974746519a37570aecd7eb4e2b2c Mon Sep 17 00:00:00 2001
From: Igor Pashev <pashev.igor@gmail.com>
Date: Sun, 18 Dec 2016 14:29:18 +0300
Subject: BREAKING: no wildcards for domain names

This feature was ambiguous (in the same way as paths are)
and never used anyway.
---
 README.md               | 2 +-
 src/Sproxy/Server/DB.hs | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index e69ed6e..846af72 100644
--- a/README.md
+++ b/README.md
@@ -135,7 +135,7 @@ Keep in mind that:
 - HTTP methods are *case-sensitive*.
 - HTTP query parameters are ignored when matching a request against the rules.
 - Privileges are case-sensitive and treated as is.
-- SQL wildcards (`_` and `%`) are supported for emails, domains, paths.
+- SQL wildcards (`_` and `%`) are supported for emails, paths (this _will_ change in future versions).
 
 
 HTTP headers passed to the back-end server
diff --git a/src/Sproxy/Server/DB.hs b/src/Sproxy/Server/DB.hs
index 984d229..34d6109 100644
--- a/src/Sproxy/Server/DB.hs
+++ b/src/Sproxy/Server/DB.hs
@@ -66,10 +66,10 @@ userGroups db email domain path method =
   withResource db $ \c -> fmap SQLite.fromOnly <$> SQLite.queryNamed c [q|
       SELECT gm."group" FROM group_privilege gp JOIN group_member gm ON gm."group"  = gp."group"
       WHERE :email LIKE gm.email
-      AND :domain LIKE gp.domain
+      AND gp.domain = :domain
       AND gp.privilege IN (
         SELECT privilege FROM privilege_rule
-        WHERE :domain LIKE domain
+        WHERE domain = domain
         AND :path LIKE path
         AND method = :method
         ORDER BY length(path) - length(replace(path, '/', '')) DESC LIMIT 1
-- 
cgit v1.2.3