diff options
author | Mickael Remond <mremond@process-one.net> | 2016-04-08 19:45:25 +0200 |
---|---|---|
committer | Mickael Remond <mremond@process-one.net> | 2016-04-08 19:45:25 +0200 |
commit | 127342449ec9e0302ef662c815dd062721941c92 (patch) | |
tree | efc5d02e4e32ef81ea62f35995cf0c1c61fa6dc7 /src/acl.erl | |
parent | Add TODO to improve ACL (diff) |
Allow testing user pattern directly in access rules
Diffstat (limited to 'src/acl.erl')
-rw-r--r-- | src/acl.erl | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/src/acl.erl b/src/acl.erl index 58b80b6a..06202c67 100644 --- a/src/acl.erl +++ b/src/acl.erl @@ -31,7 +31,7 @@ -export([start/0, to_record/3, add/3, add_list/3, add_local/3, add_list_local/3, load_from_config/0, - match_rule/3, match_acl/3, transform_options/1, + match_rule/3, match_access/4, match_acl/3, transform_options/1, opt_type/1]). -export([add_access/3, clear/0]). @@ -255,6 +255,19 @@ normalize_spec(Spec) -> end end. +-spec match_access(global | binary(), access_name(), + jid() | ljid() | inet:ip_address(), + atom()) -> any(). + +match_access(_Host, all, _JID, _Default) -> + allow; +match_access(_Host, none, _JID, _Default) -> + deny; +match_access(_Host, {user, UserPattern}, JID, Default) -> + match_user_spec({user, UserPattern}, JID, Default); +match_access(Host, AccessRule, JID, _Default) -> + match_rule(Host, AccessRule, JID). + -spec match_rule(global | binary(), access_name(), jid() | ljid() | inet:ip_address()) -> any(). @@ -357,6 +370,16 @@ match_acl(ACL, JID, Host) -> get_aclspecs(ACL, Host) -> ets:lookup(acl, {ACL, Host}) ++ ets:lookup(acl, {ACL, global}). + +match_user_spec(Spec, JID, Default) -> + case do_match_user_spec(Spec, jid:tolower(JID)) of + true -> Default; + false -> deny + end. + +do_match_user_spec({user, {U, S}}, {User, Server, _Resource}) -> + U == User andalso S == Server. + is_regexp_match(String, RegExp) -> case ejabberd_regexp:run(String, RegExp) of nomatch -> false; |