From 3a8da27d86058dae9e60467a08b146f9fc676736 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Chmielowski?= Date: Tue, 21 Jun 2016 13:18:24 +0200 Subject: [PATCH] Use {access,shaper}_rules_validator in other places where access rules are used --- src/ejabberd_c2s.erl | 12 ++++-------- src/ejabberd_oauth.erl | 4 ++-- src/ejabberd_s2s.erl | 4 ++-- src/mod_announce.erl | 4 ++-- src/mod_fail2ban.erl | 4 ++-- src/mod_http_upload.erl | 4 ++-- src/mod_http_upload_quota.erl | 8 ++++---- src/mod_irc.erl | 4 ++-- src/mod_muc.erl | 16 ++++++++-------- src/mod_muc_log.erl | 2 +- src/mod_multicast.erl | 4 ++-- src/mod_offline.erl | 4 ++-- src/mod_proxy65_service.erl | 2 +- src/mod_proxy65_stream.erl | 2 +- src/mod_register.erl | 12 ++++++------ src/mod_register_web.erl | 2 +- src/mod_roster.erl | 4 ++-- 17 files changed, 44 insertions(+), 48 deletions(-) diff --git a/src/ejabberd_c2s.erl b/src/ejabberd_c2s.erl index b11607237..2a1018827 100644 --- a/src/ejabberd_c2s.erl +++ b/src/ejabberd_c2s.erl @@ -259,14 +259,10 @@ close(FsmRef) -> (?GEN_FSM):send_event(FsmRef, closed). %%%---------------------------------------------------------------------- init([{SockMod, Socket}, Opts]) -> - Access = case lists:keysearch(access, 1, Opts) of - {value, {_, A}} -> A; - _ -> all - end, - Shaper = case lists:keysearch(shaper, 1, Opts) of - {value, {_, S}} -> S; - _ -> none - end, + Access = gen_mod:get_opt(access, Opts, + fun acl:access_rules_validator/1, all), + Shaper = gen_mod:get_opt(shaper, Opts, + fun acl:shaper_rules_validator/1, none), XMLSocket = case lists:keysearch(xml_socket, 1, Opts) of {value, {_, XS}} -> XS; _ -> false diff --git a/src/ejabberd_oauth.erl b/src/ejabberd_oauth.erl index d8e0a435d..1c570bcb3 100644 --- a/src/ejabberd_oauth.erl +++ b/src/ejabberd_oauth.erl @@ -130,7 +130,7 @@ authenticate_user({User, Server}, {password, Password} = Ctx) -> Access = ejabberd_config:get_option( {oauth_access, JID#jid.lserver}, - fun(A) when is_atom(A) -> A end, + fun(A) -> A end, none), case acl:match_rule(JID#jid.lserver, Access, JID) of allow -> @@ -486,5 +486,5 @@ logo() -> opt_type(oauth_expire) -> fun(I) when is_integer(I), I >= 0 -> I end; opt_type(oauth_access) -> - fun(A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; opt_type(_) -> [oauth_expire, oauth_access]. diff --git a/src/ejabberd_s2s.erl b/src/ejabberd_s2s.erl index be1ee4659..19de64adb 100644 --- a/src/ejabberd_s2s.erl +++ b/src/ejabberd_s2s.erl @@ -539,7 +539,7 @@ allow_host2(MyServer, S2SHost) -> allow_host1(MyHost, S2SHost) -> Rule = ejabberd_config:get_option( s2s_access, - fun(A) when is_atom(A) -> A end, + fun(A) -> A end, all), JID = jid:make(<<"">>, S2SHost, <<"">>), case acl:match_rule(MyHost, Rule, JID) of @@ -738,5 +738,5 @@ opt_type(route_subdomains) -> (local) -> local end; opt_type(s2s_access) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; opt_type(_) -> [route_subdomains, s2s_access]. diff --git a/src/mod_announce.erl b/src/mod_announce.erl index 9a9e665f5..fc57d6bd1 100644 --- a/src/mod_announce.erl +++ b/src/mod_announce.erl @@ -903,7 +903,7 @@ send_announcement_to_all(Host, SubjectS, BodyS) -> get_access(Host) -> gen_mod:get_module_opt(Host, ?MODULE, access, - fun(A) when is_atom(A) -> A end, + fun(A) -> A end, none). %%------------------------------------------------------------------------- @@ -920,6 +920,6 @@ import(LServer, DBType, LA) -> Mod:import(LServer, LA). mod_opt_type(access) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(db_type) -> fun(T) -> ejabberd_config:v_db(?MODULE, T) end; mod_opt_type(_) -> [access, db_type]. diff --git a/src/mod_fail2ban.erl b/src/mod_fail2ban.erl index fed106700..f0460e704 100644 --- a/src/mod_fail2ban.erl +++ b/src/mod_fail2ban.erl @@ -167,7 +167,7 @@ code_change(_OldVsn, State, _Extra) -> %%%=================================================================== is_whitelisted(Host, Addr) -> Access = gen_mod:get_module_opt(Host, ?MODULE, access, - fun(A) when is_atom(A) -> A end, + fun(A) -> A end, none), acl:match_rule(Host, Access, Addr) == allow. @@ -187,7 +187,7 @@ format_date({{Year, Month, Day}, {Hour, Minute, Second}}) -> [Hour, Minute, Second, Day, Month, Year]). mod_opt_type(access) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(c2s_auth_ban_lifetime) -> fun (T) when is_integer(T), T > 0 -> T end; mod_opt_type(c2s_max_auth_failures) -> diff --git a/src/mod_http_upload.erl b/src/mod_http_upload.erl index 0bb383700..a2aa75465 100644 --- a/src/mod_http_upload.erl +++ b/src/mod_http_upload.erl @@ -178,7 +178,7 @@ mod_opt_type(host) -> mod_opt_type(name) -> fun iolist_to_binary/1; mod_opt_type(access) -> - fun(A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(max_size) -> fun(I) when is_integer(I), I > 0 -> I; (infinity) -> infinity @@ -235,7 +235,7 @@ init({ServerHost, Opts}) -> fun iolist_to_binary/1, <<"HTTP File Upload">>), Access = gen_mod:get_opt(access, Opts, - fun(A) when is_atom(A) -> A end, + fun acl:access_rules_validator/1, local), MaxSize = gen_mod:get_opt(max_size, Opts, fun(I) when is_integer(I), I > 0 -> I; diff --git a/src/mod_http_upload_quota.erl b/src/mod_http_upload_quota.erl index 4f9d95217..e08cd0b91 100644 --- a/src/mod_http_upload_quota.erl +++ b/src/mod_http_upload_quota.erl @@ -99,9 +99,9 @@ stop(ServerHost) -> -spec mod_opt_type(atom()) -> fun((term()) -> term()) | [atom()]. mod_opt_type(access_soft_quota) -> - fun(A) when is_atom(A) -> A end; + fun acl:shaper_rules_validator/1; mod_opt_type(access_hard_quota) -> - fun(A) when is_atom(A) -> A end; + fun acl:shaper_rules_validator/1; mod_opt_type(max_days) -> fun(I) when is_integer(I), I > 0 -> I; (infinity) -> infinity @@ -118,10 +118,10 @@ mod_opt_type(_) -> init({ServerHost, Opts}) -> process_flag(trap_exit, true), AccessSoftQuota = gen_mod:get_opt(access_soft_quota, Opts, - fun(A) when is_atom(A) -> A end, + fun acl:shaper_rules_validator/1, soft_upload_quota), AccessHardQuota = gen_mod:get_opt(access_hard_quota, Opts, - fun(A) when is_atom(A) -> A end, + fun acl:shaper_rules_validator/1, hard_upload_quota), MaxDays = gen_mod:get_opt(max_days, Opts, fun(I) when is_integer(I), I > 0 -> I; diff --git a/src/mod_irc.erl b/src/mod_irc.erl index f6487a1a9..4bcf69c3b 100644 --- a/src/mod_irc.erl +++ b/src/mod_irc.erl @@ -117,7 +117,7 @@ init([Host, Opts]) -> Mod = gen_mod:db_mod(Host, Opts, ?MODULE), Mod:init(Host, Opts), Access = gen_mod:get_opt(access, Opts, - fun(A) when is_atom(A) -> A end, + fun acl:access_rules_validator/1, all), catch ets:new(irc_connection, [named_table, public, @@ -1252,7 +1252,7 @@ import(LServer, DBType, Data) -> Mod:import(LServer, Data). mod_opt_type(access) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(db_type) -> fun(T) -> ejabberd_config:v_db(?MODULE, T) end; mod_opt_type(default_encoding) -> fun iolist_to_binary/1; diff --git a/src/mod_muc.erl b/src/mod_muc.erl index 3d098e0d5..b46585066 100644 --- a/src/mod_muc.erl +++ b/src/mod_muc.erl @@ -193,14 +193,14 @@ init([Host, Opts]) -> clean_table_from_bad_node(node(), MyHost), mnesia:subscribe(system), Access = gen_mod:get_opt(access, Opts, - fun(A) when is_atom(A) -> A end, all), + fun acl:access_rules_validator/1, all), AccessCreate = gen_mod:get_opt(access_create, Opts, - fun(A) when is_atom(A) -> A end, all), + fun acl:access_rules_validator/1, all), AccessAdmin = gen_mod:get_opt(access_admin, Opts, - fun(A) when is_atom(A) -> A end, + fun acl:access_rules_validator/1, none), AccessPersistent = gen_mod:get_opt(access_persistent, Opts, - fun(A) when is_atom(A) -> A end, + fun acl:access_rules_validator/1, all), HistorySize = gen_mod:get_opt(history_size, Opts, fun(I) when is_integer(I), I>=0 -> I end, @@ -925,13 +925,13 @@ import(LServer, DBType, Data) -> Mod:import(LServer, Data). mod_opt_type(access) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(access_admin) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(access_create) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(access_persistent) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(db_type) -> fun(T) -> ejabberd_config:v_db(?MODULE, T) end; mod_opt_type(default_room_options) -> fun (L) when is_list(L) -> L end; diff --git a/src/mod_muc_log.erl b/src/mod_muc_log.erl index 1f32f6f9b..167a96e37 100644 --- a/src/mod_muc_log.erl +++ b/src/mod_muc_log.erl @@ -141,7 +141,7 @@ init([Host, Opts]) -> fun iolist_to_binary/1, false), AccessLog = gen_mod:get_opt(access_log, Opts, - fun(A) when is_atom(A) -> A end, + fun acl:access_rules_validator/1, muc_admin), Timezone = gen_mod:get_opt(timezone, Opts, fun(local) -> local; diff --git a/src/mod_multicast.erl b/src/mod_multicast.erl index 83520c0be..cbe2a4e50 100644 --- a/src/mod_multicast.erl +++ b/src/mod_multicast.erl @@ -140,7 +140,7 @@ init([LServerS, Opts]) -> LServiceS = gen_mod:get_opt_host(LServerS, Opts, <<"multicast.@HOST@">>), Access = gen_mod:get_opt(access, Opts, - fun (A) when is_atom(A) -> A end, all), + fun acl:access_rules_validator/1, all), SLimits = build_service_limit_record(gen_mod:get_opt(limits, Opts, fun (A) when is_list(A) -> @@ -1220,7 +1220,7 @@ stj(String) -> jid:from_string(String). jts(String) -> jid:to_string(String). mod_opt_type(access) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(host) -> fun iolist_to_binary/1; mod_opt_type(limits) -> fun (A) when is_list(A) -> A end; diff --git a/src/mod_offline.erl b/src/mod_offline.erl index 4c71fbfbc..a794a0371 100644 --- a/src/mod_offline.erl +++ b/src/mod_offline.erl @@ -162,7 +162,7 @@ init([Host, Opts]) -> ?MODULE, handle_offline_query, IQDisc), AccessMaxOfflineMsgs = gen_mod:get_opt(access_max_user_messages, Opts, - fun(A) when is_atom(A) -> A end, + fun acl:shaper_rules_validator/1, max_user_offline_messages), {ok, #state{host = Host, @@ -866,7 +866,7 @@ import(LServer, DBType, Data) -> Mod:import(LServer, Data). mod_opt_type(access_max_user_messages) -> - fun (A) -> A end; + fun acl:shaper_rules_validator/1; mod_opt_type(db_type) -> fun(T) -> ejabberd_config:v_db(?MODULE, T) end; mod_opt_type(store_empty_body) -> fun (V) when is_boolean(V) -> V; diff --git a/src/mod_proxy65_service.erl b/src/mod_proxy65_service.erl index d64afa04d..7db6f9da2 100644 --- a/src/mod_proxy65_service.erl +++ b/src/mod_proxy65_service.erl @@ -260,7 +260,7 @@ parse_options(ServerHost, Opts) -> Port = gen_mod:get_opt(port, Opts, fun(P) when is_integer(P), P>0, P<65536 -> P end, 7777), - ACL = gen_mod:get_opt(access, Opts, fun(A) when is_atom(A) -> A end, + ACL = gen_mod:get_opt(access, Opts, fun acl:access_rules_validator/1, all), Name = gen_mod:get_opt(name, Opts, fun iolist_to_binary/1, <<"SOCKS5 Bytestreams">>), diff --git a/src/mod_proxy65_stream.erl b/src/mod_proxy65_stream.erl index 840173299..e6362d48c 100644 --- a/src/mod_proxy65_stream.erl +++ b/src/mod_proxy65_stream.erl @@ -83,7 +83,7 @@ init([Socket, Host, Opts]) -> (anonymous) -> anonymous end, anonymous), Shaper = gen_mod:get_opt(shaper, Opts, - fun(A) when is_atom(A) -> A end, + fun acl:shaper_rules_validator/1, none), RecvBuf = gen_mod:get_opt(recbuf, Opts, fun(I) when is_integer(I), I>0 -> I end, diff --git a/src/mod_register.erl b/src/mod_register.erl index 73a999c35..43499d2e5 100644 --- a/src/mod_register.erl +++ b/src/mod_register.erl @@ -74,7 +74,7 @@ stop(Host) -> stream_feature_register(Acc, Host) -> AF = gen_mod:get_module_opt(Host, ?MODULE, access_from, - fun(A) when is_atom(A) -> A end, + fun(A) -> A end, all), case (AF /= none) and lists:keymember(<<"mechanisms">>, 2, Acc) of true -> @@ -126,7 +126,7 @@ process_iq(From, To, RTag = fxml:get_subtag(SubEl, <<"remove">>), Server = To#jid.lserver, Access = gen_mod:get_module_opt(Server, ?MODULE, access, - fun(A) when is_atom(A) -> A end, + fun(A) -> A end, all), AllowRemove = allow == acl:match_rule(Server, Access, From), @@ -402,7 +402,7 @@ try_register(User, Server, Password, SourceRaw, Lang) -> _ -> JID = jid:make(User, Server, <<"">>), Access = gen_mod:get_module_opt(Server, ?MODULE, access, - fun(A) when is_atom(A) -> A end, + fun(A) -> A end, all), IPAccess = get_ip_access(Server), case {acl:match_rule(Server, Access, JID), @@ -528,7 +528,7 @@ check_from(#jid{user = <<"">>, server = <<"">>}, allow; check_from(JID, Server) -> Access = gen_mod:get_module_opt(Server, ?MODULE, access_from, - fun(A) when is_atom(A) -> A end, + fun(A) -> A end, none), acl:match_rule(Server, Access, JID). @@ -736,13 +736,13 @@ check_ip_access(IPAddress, IPAccess) -> acl:match_rule(global, IPAccess, IPAddress). mod_opt_type(access) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(access_from) -> fun (A) when is_atom(A) -> A end; mod_opt_type(captcha_protected) -> fun (B) when is_boolean(B) -> B end; mod_opt_type(ip_access) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(iqdisc) -> fun gen_iq_handler:check_type/1; mod_opt_type(password_strength) -> fun (N) when is_number(N), N >= 0 -> N end; diff --git a/src/mod_register_web.erl b/src/mod_register_web.erl index d93140312..2b7e5f532 100644 --- a/src/mod_register_web.erl +++ b/src/mod_register_web.erl @@ -491,7 +491,7 @@ form_del_get(Host, Lang) -> %% {error, invalid_jid} register_account(Username, Host, Password) -> Access = gen_mod:get_module_opt(Host, mod_register, access, - fun(A) when is_atom(A) -> A end, + fun(A) -> A end, all), case jid:make(Username, Host, <<"">>) of error -> {error, invalid_jid}; diff --git a/src/mod_roster.erl b/src/mod_roster.erl index d66304796..f79061560 100644 --- a/src/mod_roster.erl +++ b/src/mod_roster.erl @@ -351,7 +351,7 @@ get_roster_by_jid_t(LUser, LServer, LJID) -> try_process_iq_set(From, To, #iq{sub_el = SubEl, lang = Lang} = IQ) -> #jid{server = Server} = From, - Access = gen_mod:get_module_opt(Server, ?MODULE, access, fun(A) when is_atom(A) -> A end, all), + Access = gen_mod:get_module_opt(Server, ?MODULE, access, fun(A) -> A end, all), case acl:match_rule(Server, Access, From) of deny -> Txt = <<"Denied by ACL">>, @@ -1235,7 +1235,7 @@ import(LServer, DBType, R) -> Mod:import(LServer, R). mod_opt_type(access) -> - fun (A) when is_atom(A) -> A end; + fun acl:access_rules_validator/1; mod_opt_type(db_type) -> fun(T) -> ejabberd_config:v_db(?MODULE, T) end; mod_opt_type(iqdisc) -> fun gen_iq_handler:check_type/1; mod_opt_type(managers) ->