Chapril
/
xmpp.chapril.org-ejabberd
mirror of https://github.com/processone/ejabberd.git
24
1
Fork 0
Code Releases Activity

Use {access,shaper}_rules_validator in other places where access rules are used

This commit is contained in:
Paweł Chmielowski 2016-06-21 13:18:24 +02:00
parent 52d45604ba
commit 3a8da27d86
17 changed files with 44 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/ejabberd_c2s.erl
View File

@ -259,14 +259,10 @@ close(FsmRef) -> (?GEN_FSM):send_event(FsmRef, closed).
%%%----------------------------------------------------------------------
init([{SockMod, Socket}, Opts]) ->
Access = case lists:keysearch(access, 1, Opts) of
{value, {_, A}} -> A;
_ -> all
end,
Shaper = case lists:keysearch(shaper, 1, Opts) of
{value, {_, S}} -> S;
_ -> none
end,
Access = gen_mod:get_opt(access, Opts,
fun acl:access_rules_validator/1, all),
Shaper = gen_mod:get_opt(shaper, Opts,
fun acl:shaper_rules_validator/1, none),
XMLSocket = case lists:keysearch(xml_socket, 1, Opts) of
{value, {_, XS}} -> XS;
_ -> false

4
src/ejabberd_oauth.erl
View File

@ -130,7 +130,7 @@ authenticate_user({User, Server}, {password, Password} = Ctx) ->
Access =
ejabberd_config:get_option(
{oauth_access, JID#jid.lserver},
fun(A) when is_atom(A) -> A end,
fun(A) -> A end,
none),
case acl:match_rule(JID#jid.lserver, Access, JID) of
allow ->
@ -486,5 +486,5 @@ logo() ->
opt_type(oauth_expire) ->
fun(I) when is_integer(I), I >= 0 -> I end;
opt_type(oauth_access) ->
fun(A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
opt_type(_) -> [oauth_expire, oauth_access].

4
src/ejabberd_s2s.erl
View File

@ -539,7 +539,7 @@ allow_host2(MyServer, S2SHost) ->
allow_host1(MyHost, S2SHost) ->
Rule = ejabberd_config:get_option(
s2s_access,
fun(A) when is_atom(A) -> A end,
fun(A) -> A end,
all),
JID = jid:make(<<"">>, S2SHost, <<"">>),
case acl:match_rule(MyHost, Rule, JID) of
@ -738,5 +738,5 @@ opt_type(route_subdomains) ->
(local) -> local
end;
opt_type(s2s_access) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
opt_type(_) -> [route_subdomains, s2s_access].

4
src/mod_announce.erl
View File

@ -903,7 +903,7 @@ send_announcement_to_all(Host, SubjectS, BodyS) ->
get_access(Host) ->
gen_mod:get_module_opt(Host, ?MODULE, access,
fun(A) when is_atom(A) -> A end,
fun(A) -> A end,
none).
%%-------------------------------------------------------------------------
@ -920,6 +920,6 @@ import(LServer, DBType, LA) ->
Mod:import(LServer, LA).
mod_opt_type(access) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(db_type) -> fun(T) -> ejabberd_config:v_db(?MODULE, T) end;
mod_opt_type(_) -> [access, db_type].

4
src/mod_fail2ban.erl
View File

@ -167,7 +167,7 @@ code_change(_OldVsn, State, _Extra) ->
%%%===================================================================
is_whitelisted(Host, Addr) ->
Access = gen_mod:get_module_opt(Host, ?MODULE, access,
fun(A) when is_atom(A) -> A end,
fun(A) -> A end,
none),
acl:match_rule(Host, Access, Addr) == allow.
@ -187,7 +187,7 @@ format_date({{Year, Month, Day}, {Hour, Minute, Second}}) ->
[Hour, Minute, Second, Day, Month, Year]).
mod_opt_type(access) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(c2s_auth_ban_lifetime) ->
fun (T) when is_integer(T), T > 0 -> T end;
mod_opt_type(c2s_max_auth_failures) ->

4
src/mod_http_upload.erl
View File

@ -178,7 +178,7 @@ mod_opt_type(host) ->
mod_opt_type(name) ->
fun iolist_to_binary/1;
mod_opt_type(access) ->
fun(A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(max_size) ->
fun(I) when is_integer(I), I > 0 -> I;
(infinity) -> infinity
@ -235,7 +235,7 @@ init({ServerHost, Opts}) ->
fun iolist_to_binary/1,
<<"HTTP File Upload">>),
Access = gen_mod:get_opt(access, Opts,
fun(A) when is_atom(A) -> A end,
fun acl:access_rules_validator/1,
local),
MaxSize = gen_mod:get_opt(max_size, Opts,
fun(I) when is_integer(I), I > 0 -> I;

8
src/mod_http_upload_quota.erl
View File

@ -99,9 +99,9 @@ stop(ServerHost) ->
-spec mod_opt_type(atom()) -> fun((term()) -> term()) | [atom()].
mod_opt_type(access_soft_quota) ->
fun(A) when is_atom(A) -> A end;
fun acl:shaper_rules_validator/1;
mod_opt_type(access_hard_quota) ->
fun(A) when is_atom(A) -> A end;
fun acl:shaper_rules_validator/1;
mod_opt_type(max_days) ->
fun(I) when is_integer(I), I > 0 -> I;
(infinity) -> infinity
@ -118,10 +118,10 @@ mod_opt_type(_) ->
init({ServerHost, Opts}) ->
process_flag(trap_exit, true),
AccessSoftQuota = gen_mod:get_opt(access_soft_quota, Opts,
fun(A) when is_atom(A) -> A end,
fun acl:shaper_rules_validator/1,
soft_upload_quota),
AccessHardQuota = gen_mod:get_opt(access_hard_quota, Opts,
fun(A) when is_atom(A) -> A end,
fun acl:shaper_rules_validator/1,
hard_upload_quota),
MaxDays = gen_mod:get_opt(max_days, Opts,
fun(I) when is_integer(I), I > 0 -> I;

4
src/mod_irc.erl
View File

@ -117,7 +117,7 @@ init([Host, Opts]) ->
Mod = gen_mod:db_mod(Host, Opts, ?MODULE),
Mod:init(Host, Opts),
Access = gen_mod:get_opt(access, Opts,
fun(A) when is_atom(A) -> A end,
fun acl:access_rules_validator/1,
all),
catch ets:new(irc_connection,
[named_table, public,
@ -1252,7 +1252,7 @@ import(LServer, DBType, Data) ->
Mod:import(LServer, Data).
mod_opt_type(access) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(db_type) -> fun(T) -> ejabberd_config:v_db(?MODULE, T) end;
mod_opt_type(default_encoding) ->
fun iolist_to_binary/1;

16
src/mod_muc.erl
View File

@ -193,14 +193,14 @@ init([Host, Opts]) ->
clean_table_from_bad_node(node(), MyHost),
mnesia:subscribe(system),
Access = gen_mod:get_opt(access, Opts,
fun(A) when is_atom(A) -> A end, all),
fun acl:access_rules_validator/1, all),
AccessCreate = gen_mod:get_opt(access_create, Opts,
fun(A) when is_atom(A) -> A end, all),
fun acl:access_rules_validator/1, all),
AccessAdmin = gen_mod:get_opt(access_admin, Opts,
fun(A) when is_atom(A) -> A end,
fun acl:access_rules_validator/1,
none),
AccessPersistent = gen_mod:get_opt(access_persistent, Opts,
fun(A) when is_atom(A) -> A end,
fun acl:access_rules_validator/1,
all),
HistorySize = gen_mod:get_opt(history_size, Opts,
fun(I) when is_integer(I), I>=0 -> I end,
@ -925,13 +925,13 @@ import(LServer, DBType, Data) ->
Mod:import(LServer, Data).
mod_opt_type(access) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(access_admin) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(access_create) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(access_persistent) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(db_type) -> fun(T) -> ejabberd_config:v_db(?MODULE, T) end;
mod_opt_type(default_room_options) ->
fun (L) when is_list(L) -> L end;

2
src/mod_muc_log.erl
View File

@ -141,7 +141,7 @@ init([Host, Opts]) ->
fun iolist_to_binary/1,
false),
AccessLog = gen_mod:get_opt(access_log, Opts,
fun(A) when is_atom(A) -> A end,
fun acl:access_rules_validator/1,
muc_admin),
Timezone = gen_mod:get_opt(timezone, Opts,
fun(local) -> local;

4
src/mod_multicast.erl
View File

@ -140,7 +140,7 @@ init([LServerS, Opts]) ->
LServiceS = gen_mod:get_opt_host(LServerS, Opts,
<<"multicast.@HOST@">>),
Access = gen_mod:get_opt(access, Opts,
fun (A) when is_atom(A) -> A end, all),
fun acl:access_rules_validator/1, all),
SLimits =
build_service_limit_record(gen_mod:get_opt(limits, Opts,
fun (A) when is_list(A) ->
@ -1220,7 +1220,7 @@ stj(String) -> jid:from_string(String).
jts(String) -> jid:to_string(String).
mod_opt_type(access) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(host) -> fun iolist_to_binary/1;
mod_opt_type(limits) ->
fun (A) when is_list(A) -> A end;

4
src/mod_offline.erl
View File

@ -162,7 +162,7 @@ init([Host, Opts]) ->
?MODULE, handle_offline_query, IQDisc),
AccessMaxOfflineMsgs =
gen_mod:get_opt(access_max_user_messages, Opts,
fun(A) when is_atom(A) -> A end,
fun acl:shaper_rules_validator/1,
max_user_offline_messages),
{ok,
#state{host = Host,
@ -866,7 +866,7 @@ import(LServer, DBType, Data) ->
Mod:import(LServer, Data).
mod_opt_type(access_max_user_messages) ->
fun (A) -> A end;
fun acl:shaper_rules_validator/1;
mod_opt_type(db_type) -> fun(T) -> ejabberd_config:v_db(?MODULE, T) end;
mod_opt_type(store_empty_body) ->
fun (V) when is_boolean(V) -> V;

2
src/mod_proxy65_service.erl
View File

@ -260,7 +260,7 @@ parse_options(ServerHost, Opts) ->
Port = gen_mod:get_opt(port, Opts,
fun(P) when is_integer(P), P>0, P<65536 -> P end,
7777),
ACL = gen_mod:get_opt(access, Opts, fun(A) when is_atom(A) -> A end,
ACL = gen_mod:get_opt(access, Opts, fun acl:access_rules_validator/1,
all),
Name = gen_mod:get_opt(name, Opts, fun iolist_to_binary/1,
<<"SOCKS5 Bytestreams">>),

2
src/mod_proxy65_stream.erl
View File

@ -83,7 +83,7 @@ init([Socket, Host, Opts]) ->
(anonymous) -> anonymous
end, anonymous),
Shaper = gen_mod:get_opt(shaper, Opts,
fun(A) when is_atom(A) -> A end,
fun acl:shaper_rules_validator/1,
none),
RecvBuf = gen_mod:get_opt(recbuf, Opts,
fun(I) when is_integer(I), I>0 -> I end,

12
src/mod_register.erl
View File

@ -74,7 +74,7 @@ stop(Host) ->
stream_feature_register(Acc, Host) ->
AF = gen_mod:get_module_opt(Host, ?MODULE, access_from,
fun(A) when is_atom(A) -> A end,
fun(A) -> A end,
all),
case (AF /= none) and lists:keymember(<<"mechanisms">>, 2, Acc) of
true ->
@ -126,7 +126,7 @@ process_iq(From, To,
RTag = fxml:get_subtag(SubEl, <<"remove">>),
Server = To#jid.lserver,
Access = gen_mod:get_module_opt(Server, ?MODULE, access,
fun(A) when is_atom(A) -> A end,
fun(A) -> A end,
all),
AllowRemove = allow ==
acl:match_rule(Server, Access, From),
@ -402,7 +402,7 @@ try_register(User, Server, Password, SourceRaw, Lang) ->
_ ->
JID = jid:make(User, Server, <<"">>),
Access = gen_mod:get_module_opt(Server, ?MODULE, access,
fun(A) when is_atom(A) -> A end,
fun(A) -> A end,
all),
IPAccess = get_ip_access(Server),
case {acl:match_rule(Server, Access, JID),
@ -528,7 +528,7 @@ check_from(#jid{user = <<"">>, server = <<"">>},
allow;
check_from(JID, Server) ->
Access = gen_mod:get_module_opt(Server, ?MODULE, access_from,
fun(A) when is_atom(A) -> A end,
fun(A) -> A end,
none),
acl:match_rule(Server, Access, JID).
@ -736,13 +736,13 @@ check_ip_access(IPAddress, IPAccess) ->
acl:match_rule(global, IPAccess, IPAddress).
mod_opt_type(access) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(access_from) ->
fun (A) when is_atom(A) -> A end;
mod_opt_type(captcha_protected) ->
fun (B) when is_boolean(B) -> B end;
mod_opt_type(ip_access) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(iqdisc) -> fun gen_iq_handler:check_type/1;
mod_opt_type(password_strength) ->
fun (N) when is_number(N), N >= 0 -> N end;

2
src/mod_register_web.erl
View File

@ -491,7 +491,7 @@ form_del_get(Host, Lang) ->
%% {error, invalid_jid}
register_account(Username, Host, Password) ->
Access = gen_mod:get_module_opt(Host, mod_register, access,
fun(A) when is_atom(A) -> A end,
fun(A) -> A end,
all),
case jid:make(Username, Host, <<"">>) of
error -> {error, invalid_jid};

4
src/mod_roster.erl
View File

@ -351,7 +351,7 @@ get_roster_by_jid_t(LUser, LServer, LJID) ->
try_process_iq_set(From, To, #iq{sub_el = SubEl, lang = Lang} = IQ) ->
#jid{server = Server} = From,
Access = gen_mod:get_module_opt(Server, ?MODULE, access, fun(A) when is_atom(A) -> A end, all),
Access = gen_mod:get_module_opt(Server, ?MODULE, access, fun(A) -> A end, all),
case acl:match_rule(Server, Access, From) of
deny ->
Txt = <<"Denied by ACL">>,
@ -1235,7 +1235,7 @@ import(LServer, DBType, R) ->
Mod:import(LServer, R).
mod_opt_type(access) ->
fun (A) when is_atom(A) -> A end;
fun acl:access_rules_validator/1;
mod_opt_type(db_type) -> fun(T) -> ejabberd_config:v_db(?MODULE, T) end;
mod_opt_type(iqdisc) -> fun gen_iq_handler:check_type/1;
mod_opt_type(managers) ->