refactor(rules): introduce block DSL, phase-based execution, and flow validation

- add block syntax parser/scanner with nested @blocks and elif/else support - restructure rule execution into explicit pre/post phases with phase flags - classify commands by phase and termination behavior - enforce flow semantics (default rule handling, dead-rule detection) - expand HTTP flow coverage with block + YAML parity tests and benches - refresh rules README/spec and update playground/docs integration
2026-04-18 22:49:52 +02:00 · 2026-02-23 22:24:15 +08:00
parent 0850ea3918
commit faecbab2cb
34 changed files with 4691 additions and 1057 deletions
--- a/internal/route/rules/block_parser_bench_test.go
+++ b/internal/route/rules/block_parser_bench_test.go
@@ -0,0 +1,48 @@
+package rules
+
+import "testing"
+
+func BenchmarkParseBlockRules(b *testing.B) {
+	const rulesString = `
+default {
+  remove resp_header X-Secret
+  add resp_header X-Custom-Header custom-value
+}
+
+header X-Test-Header {
+  set header X-Remote-Type public
+  @remote 127.0.0.1 | remote 192.168.0.0/16 {
+    set header X-Remote-Type private
+  }
+}
+
+path glob(/api/admin/*) {
+	@cookie session-id {
+		set header X-Session-ID $cookie(session-id)
+	}
+}
+
+!remote 192.168.0.0/16 {
+  @!header X-User-Role admin & !header X-User-Role user {
+    error 403 "Access denied"
+  } elif remote 127.0.0.1 {
+    @header X-User-Role staff {
+      set header X-User-Role staff
+    }
+  } else {
+    error 403 "Access denied"
+  }
+}
+`
+
+	var rules Rules
+	err := rules.Parse(rulesString)
+	if err != nil {
+		b.Fatal(err)
+	}
+
+	for b.Loop() {
+		var rules Rules
+		_ = rules.Parse(rulesString)
+	}
+}