yetangitu/ejabberd
1
0
Fork 0
mirror of https://github.com/processone/ejabberd synced 2025-10-06 12:00:15 +02:00
Code Issues Releases Wiki Activity

* src/ejabberd_c2s.erl: Added forbidden_session_hook

Browse source 
* src/acl.erl: New access types: resource, resource_regexp and
resource_glob
* doc/guide.tex: Likewise

SVN Revision: 1301
This commit is contained in:
Badlop 2008-04-25 09:25:31 +00:00
parent b1756e8e34
commit c88a4650ba
4 changed files with 28 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
ChangeLog
View file

@ -1,3 +1,11 @@
2008-04-25 Badlop <badlop@process-one.net>
* src/ejabberd_c2s.erl: Added forbidden_session_hook
* src/acl.erl: New access types: resource, resource_regexp and
resource_glob
* doc/guide.tex: Likewise
2008-04-23 Alexey Shchepin <alexey@process-one.net> 2008-04-23 Alexey Shchepin <alexey@process-one.net>
* src/treap.erl: Bugfix * src/treap.erl: Bugfix

11
doc/guide.tex
View file

@ -1142,6 +1142,11 @@ declarations of ACLs in the configuration file have the following syntax:
\begin{verbatim} \begin{verbatim}
{acl, exampleorg, {server, "example.org"}}. {acl, exampleorg, {server, "example.org"}}.
\end{verbatim} \end{verbatim}
\titem{\{resource, <resource>\}} Matches any JID with a resource
\term{<resource>}. Example:
\begin{verbatim}
{acl, mucklres, {resource, "muckl"}}.
\end{verbatim}
\titem{\{user\_regexp, <regexp>\}} Matches any local user with a name that \titem{\{user\_regexp, <regexp>\}} Matches any local user with a name that
matches \term{<regexp>} on local virtual hosts. Example: matches \term{<regexp>} on local virtual hosts. Example:
\begin{verbatim} \begin{verbatim}
@ -1158,6 +1163,11 @@ declarations of ACLs in the configuration file have the following syntax:
\begin{verbatim} \begin{verbatim}
{acl, icq, {server_regexp, "^icq\\."}}. {acl, icq, {server_regexp, "^icq\\."}}.
\end{verbatim} \end{verbatim}
\titem{\{resource\_regexp, <regexp>\}} Matches any JID with a resource that
matches \term{<regexp>}. Example:
\begin{verbatim}
{acl, icq, {resource_regexp, "^laptop\\."}}.
\end{verbatim}
\titem{\{node\_regexp, <user\_regexp>, <server\_regexp>\}} Matches any user \titem{\{node\_regexp, <user\_regexp>, <server\_regexp>\}} Matches any user
with a name that matches \term{<user\_regexp>} at any server that matches with a name that matches \term{<user\_regexp>} at any server that matches
\term{<server\_regexp>}. Example: \term{<server\_regexp>}. Example:
@ -1167,6 +1177,7 @@ declarations of ACLs in the configuration file have the following syntax:
\titem{\{user\_glob, <glob>\}} \titem{\{user\_glob, <glob>\}}
\titem{\{user\_glob, <glob>, <server>\}} \titem{\{user\_glob, <glob>, <server>\}}
\titem{\{server\_glob, <glob>\}} \titem{\{server\_glob, <glob>\}}
\titem{\{resource\_glob, <glob>\}}
\titem{\{node\_glob, <user\_glob>, <server\_glob>\}} This is the same as \titem{\{node\_glob, <user\_glob>, <server\_glob>\}} This is the same as
above. However, it uses shell glob patterns instead of regexp. These patterns above. However, it uses shell glob patterns instead of regexp. These patterns
can have the following special characters: can have the following special characters:

8
src/acl.erl
View file

@ -158,7 +158,7 @@ match_acl(ACL, JID, Host) ->
all -> true; all -> true;
none -> false; none -> false;
_ -> _ ->
{User, Server, _Resource} = jlib:jid_tolower(JID), {User, Server, Resource} = jlib:jid_tolower(JID),
lists:any(fun(#acl{aclspec = Spec}) -> lists:any(fun(#acl{aclspec = Spec}) ->
case Spec of case Spec of
all -> all ->
@ -173,6 +173,8 @@ match_acl(ACL, JID, Host) ->
(U == User) andalso (S == Server); (U == User) andalso (S == Server);
{server, S} -> {server, S} ->
S == Server; S == Server;
{resource, R} ->
R == Resource;
{user_regexp, UR} -> {user_regexp, UR} ->
((Host == Server) orelse ((Host == Server) orelse
((Host == global) andalso ((Host == global) andalso
@ -183,6 +185,8 @@ match_acl(ACL, JID, Host) ->
is_regexp_match(User, UR); is_regexp_match(User, UR);
{server_regexp, SR} -> {server_regexp, SR} ->
is_regexp_match(Server, SR); is_regexp_match(Server, SR);
{resource_regexp, RR} ->
is_regexp_match(Resource, RR);
{node_regexp, UR, SR} -> {node_regexp, UR, SR} ->
is_regexp_match(Server, SR) andalso is_regexp_match(Server, SR) andalso
is_regexp_match(User, UR); is_regexp_match(User, UR);
@ -197,6 +201,8 @@ match_acl(ACL, JID, Host) ->
is_glob_match(User, UR); is_glob_match(User, UR);
{server_glob, SR} -> {server_glob, SR} ->
is_glob_match(Server, SR); is_glob_match(Server, SR);
{resource_glob, RR} ->
is_glob_match(Resource, RR);
{node_glob, UR, SR} -> {node_glob, UR, SR} ->
is_glob_match(Server, SR) andalso is_glob_match(Server, SR) andalso
is_glob_match(User, UR); is_glob_match(User, UR);

2
src/ejabberd_c2s.erl
View file

@ -823,6 +823,8 @@ wait_for_session({xmlstreamelement, El}, StateData) ->
pres_t = ?SETS:from_list(Ts1), pres_t = ?SETS:from_list(Ts1),
privacy_list = PrivList}); privacy_list = PrivList});
_ -> _ ->
ejabberd_hooks:run(forbidden_session_hook,
StateData#state.server, [JID]),
?INFO_MSG("(~w) Forbidden session for ~s", ?INFO_MSG("(~w) Forbidden session for ~s",
[StateData#state.socket, [StateData#state.socket,
jlib:jid_to_string(JID)]), jlib:jid_to_string(JID)]),