mirror of
https://github.com/processone/ejabberd
synced 2025-10-06 03:50:15 +02:00
* src/ejabberd_c2s.erl: Added forbidden_session_hook
* src/acl.erl: New access types: resource, resource_regexp and resource_glob * doc/guide.tex: Likewise SVN Revision: 1301
This commit is contained in:
Badlop
parent
b1756e8e34
commit
c88a4650ba
4 changed files with 28 additions and 1 deletions
|
|
@ -1,3 +1,11 @@
|
||||||
|
2008-04-25 Badlop <badlop@process-one.net>
|
||||||
|
|
||||||
|
* src/ejabberd_c2s.erl: Added forbidden_session_hook
|
||||||
|
|
||||||
|
* src/acl.erl: New access types: resource, resource_regexp and
|
||||||
|
resource_glob
|
||||||
|
* doc/guide.tex: Likewise
|
||||||
|
|
||||||
2008-04-23 Alexey Shchepin <alexey@process-one.net>
|
2008-04-23 Alexey Shchepin <alexey@process-one.net>
|
||||||
|
|
||||||
* src/treap.erl: Bugfix
|
* src/treap.erl: Bugfix
|
||||||
|
|
|
||||||
|
|
@ -1142,6 +1142,11 @@ declarations of ACLs in the configuration file have the following syntax:
|
||||||
\begin{verbatim}
|
\begin{verbatim}
|
||||||
{acl, exampleorg, {server, "example.org"}}.
|
{acl, exampleorg, {server, "example.org"}}.
|
||||||
\end{verbatim}
|
\end{verbatim}
|
||||||
|
\titem{\{resource, <resource>\}} Matches any JID with a resource
|
||||||
|
\term{<resource>}. Example:
|
||||||
|
\begin{verbatim}
|
||||||
|
{acl, mucklres, {resource, "muckl"}}.
|
||||||
|
\end{verbatim}
|
||||||
\titem{\{user\_regexp, <regexp>\}} Matches any local user with a name that
|
\titem{\{user\_regexp, <regexp>\}} Matches any local user with a name that
|
||||||
matches \term{<regexp>} on local virtual hosts. Example:
|
matches \term{<regexp>} on local virtual hosts. Example:
|
||||||
\begin{verbatim}
|
\begin{verbatim}
|
||||||
|
|
@ -1158,6 +1163,11 @@ declarations of ACLs in the configuration file have the following syntax:
|
||||||
\begin{verbatim}
|
\begin{verbatim}
|
||||||
{acl, icq, {server_regexp, "^icq\\."}}.
|
{acl, icq, {server_regexp, "^icq\\."}}.
|
||||||
\end{verbatim}
|
\end{verbatim}
|
||||||
|
\titem{\{resource\_regexp, <regexp>\}} Matches any JID with a resource that
|
||||||
|
matches \term{<regexp>}. Example:
|
||||||
|
\begin{verbatim}
|
||||||
|
{acl, icq, {resource_regexp, "^laptop\\."}}.
|
||||||
|
\end{verbatim}
|
||||||
\titem{\{node\_regexp, <user\_regexp>, <server\_regexp>\}} Matches any user
|
\titem{\{node\_regexp, <user\_regexp>, <server\_regexp>\}} Matches any user
|
||||||
with a name that matches \term{<user\_regexp>} at any server that matches
|
with a name that matches \term{<user\_regexp>} at any server that matches
|
||||||
\term{<server\_regexp>}. Example:
|
\term{<server\_regexp>}. Example:
|
||||||
|
|
@ -1167,6 +1177,7 @@ declarations of ACLs in the configuration file have the following syntax:
|
||||||
\titem{\{user\_glob, <glob>\}}
|
\titem{\{user\_glob, <glob>\}}
|
||||||
\titem{\{user\_glob, <glob>, <server>\}}
|
\titem{\{user\_glob, <glob>, <server>\}}
|
||||||
\titem{\{server\_glob, <glob>\}}
|
\titem{\{server\_glob, <glob>\}}
|
||||||
|
\titem{\{resource\_glob, <glob>\}}
|
||||||
\titem{\{node\_glob, <user\_glob>, <server\_glob>\}} This is the same as
|
\titem{\{node\_glob, <user\_glob>, <server\_glob>\}} This is the same as
|
||||||
above. However, it uses shell glob patterns instead of regexp. These patterns
|
above. However, it uses shell glob patterns instead of regexp. These patterns
|
||||||
can have the following special characters:
|
can have the following special characters:
|
||||||
|
|
|
||||||
|
|
@ -158,7 +158,7 @@ match_acl(ACL, JID, Host) ->
|
||||||
all -> true;
|
all -> true;
|
||||||
none -> false;
|
none -> false;
|
||||||
_ ->
|
_ ->
|
||||||
{User, Server, _Resource} = jlib:jid_tolower(JID),
|
{User, Server, Resource} = jlib:jid_tolower(JID),
|
||||||
lists:any(fun(#acl{aclspec = Spec}) ->
|
lists:any(fun(#acl{aclspec = Spec}) ->
|
||||||
case Spec of
|
case Spec of
|
||||||
all ->
|
all ->
|
||||||
|
|
@ -173,6 +173,8 @@ match_acl(ACL, JID, Host) ->
|
||||||
(U == User) andalso (S == Server);
|
(U == User) andalso (S == Server);
|
||||||
{server, S} ->
|
{server, S} ->
|
||||||
S == Server;
|
S == Server;
|
||||||
|
{resource, R} ->
|
||||||
|
R == Resource;
|
||||||
{user_regexp, UR} ->
|
{user_regexp, UR} ->
|
||||||
((Host == Server) orelse
|
((Host == Server) orelse
|
||||||
((Host == global) andalso
|
((Host == global) andalso
|
||||||
|
|
@ -183,6 +185,8 @@ match_acl(ACL, JID, Host) ->
|
||||||
is_regexp_match(User, UR);
|
is_regexp_match(User, UR);
|
||||||
{server_regexp, SR} ->
|
{server_regexp, SR} ->
|
||||||
is_regexp_match(Server, SR);
|
is_regexp_match(Server, SR);
|
||||||
|
{resource_regexp, RR} ->
|
||||||
|
is_regexp_match(Resource, RR);
|
||||||
{node_regexp, UR, SR} ->
|
{node_regexp, UR, SR} ->
|
||||||
is_regexp_match(Server, SR) andalso
|
is_regexp_match(Server, SR) andalso
|
||||||
is_regexp_match(User, UR);
|
is_regexp_match(User, UR);
|
||||||
|
|
@ -197,6 +201,8 @@ match_acl(ACL, JID, Host) ->
|
||||||
is_glob_match(User, UR);
|
is_glob_match(User, UR);
|
||||||
{server_glob, SR} ->
|
{server_glob, SR} ->
|
||||||
is_glob_match(Server, SR);
|
is_glob_match(Server, SR);
|
||||||
|
{resource_glob, RR} ->
|
||||||
|
is_glob_match(Resource, RR);
|
||||||
{node_glob, UR, SR} ->
|
{node_glob, UR, SR} ->
|
||||||
is_glob_match(Server, SR) andalso
|
is_glob_match(Server, SR) andalso
|
||||||
is_glob_match(User, UR);
|
is_glob_match(User, UR);
|
||||||
|
|
|
||||||
|
|
@ -823,6 +823,8 @@ wait_for_session({xmlstreamelement, El}, StateData) ->
|
||||||
pres_t = ?SETS:from_list(Ts1),
|
pres_t = ?SETS:from_list(Ts1),
|
||||||
privacy_list = PrivList});
|
privacy_list = PrivList});
|
||||||
_ ->
|
_ ->
|
||||||
|
ejabberd_hooks:run(forbidden_session_hook,
|
||||||
|
StateData#state.server, [JID]),
|
||||||
?INFO_MSG("(~w) Forbidden session for ~s",
|
?INFO_MSG("(~w) Forbidden session for ~s",
|
||||||
[StateData#state.socket,
|
[StateData#state.socket,
|
||||||
jlib:jid_to_string(JID)]),
|
jlib:jid_to_string(JID)]),
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue