From df74a7fce6cc189dff389b6333d0088b8acd2c1a Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Thu, 24 Jul 2025 12:47:32 -0500
Subject: Implement check function.

---
 gn_libs/privileges.py | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/gn_libs/privileges.py b/gn_libs/privileges.py
index cd77f10..ad813da 100644
--- a/gn_libs/privileges.py
+++ b/gn_libs/privileges.py
@@ -1,5 +1,6 @@
 """Utilities for handling privileges."""
 import logging
+from functools import reduce
 from typing import Union, Sequence, Iterator, TypeAlias
 
 logger = logging.getLogger(__name__)
@@ -137,8 +138,24 @@ def parse(spec: str) -> ParseTree:
     return __parse_tree__(__tokenise__(spec))
 
 
+def __make_checker__(check_fn):
+    def __checker__(privileges, *checks):
+        def __check__(acc, curr):
+            if curr[0] in _OPERATORS_:
+                return acc + (_OPERATOR_FUNCTION_[curr[0]](
+                    privileges, *curr[1:]),)
+            return acc + (check_fn((priv in privileges) for priv in curr),)
+        results = reduce(__check__, checks, tuple())
+        return len(results) > 0 and check_fn(results)
+
+    return __checker__
+
+
+_OPERATOR_FUNCTION_ = {
+    "OR": __make_checker__(any),
+    "AND": __make_checker__(all)
+}
 def check(spec: str, privileges: tuple[str, ...]) -> bool:
     """Check that the sequence of `privileges` satisfies `spec`."""
-    _spec = spec
-    _privs = privileges
-    return False
+    _spec = parse(spec)
+    return _OPERATOR_FUNCTION_[_spec[0]](privileges, *_spec[1:])
-- 
cgit v1.2.3