diff --git a/internal/server/guard_init.go b/internal/server/guard_init.go index 9ccfd0188..996470c10 100644 --- a/internal/server/guard_init.go +++ b/internal/server/guard_init.go @@ -16,6 +16,10 @@ import ( var logGuardInit = logger.New("server:guard_init") +func newNoopGuard() guard.Guard { + return guard.NewNoopGuard() +} + // legacyPolicySource is returned by resolveGuardPolicy when no explicit policy // is configured and the caller should fall back to legacy session-label semantics. const legacyPolicySource = "legacy" @@ -81,7 +85,7 @@ func (us *UnifiedServer) registerGuard(serverID string) error { g, err = us.createGuardFromConfig(guardName, guardCfg) if err != nil { logger.LogWarnToServer(serverID, "difc", "Failed to create guard '%s': %v (falling back to noop)", guardName, err) - g = guard.NewNoopGuard() + g = newNoopGuard() } } else { // Guard name specified but no config found - try registered guard types @@ -89,12 +93,12 @@ func (us *UnifiedServer) registerGuard(serverID string) error { g, err = guard.CreateGuard(guardName) if err != nil { logger.LogWarnToServer(serverID, "difc", "Guard '%s' not found: %v (falling back to noop)", guardName, err) - g = guard.NewNoopGuard() + g = newNoopGuard() } } } else { // No guard configured - use noop - g = guard.NewNoopGuard() + g = newNoopGuard() } } @@ -130,7 +134,7 @@ func (us *UnifiedServer) requireGuardPolicyIfGuardEnabled(serverID string, g gua } logger.LogWarnToServer(serverID, "difc", "Guard '%s' is available but no guard policy is set; falling back to noop guard", g.Name()) - return guard.NewNoopGuard(), nil + return newNoopGuard(), nil } return g, nil @@ -211,7 +215,7 @@ func (us *UnifiedServer) logWASMGuardsDirConfiguration() { func (us *UnifiedServer) createGuardFromConfig(name string, cfg *config.GuardConfig) (guard.Guard, error) { switch cfg.Type { case "noop", "": - return guard.NewNoopGuard(), nil + return newNoopGuard(), nil case "wasm": // WASM guard loading - requires path