mirror of
https://github.com/processone/ejabberd.git
synced 2024-12-24 17:29:28 +01:00
Add shorter version of some common access rules definitions
This add conversion of - allow to - allow: all and - allow: acl_name to - allow: - acl: acl_name (this works also for deny, and number in shapers)
This commit is contained in:
parent
9004608181
commit
7b308e0d41
13
src/acl.erl
13
src/acl.erl
@ -518,11 +518,16 @@ parse_ip_netmask(S) ->
|
||||
transform_access_rules_config(Config) ->
|
||||
lists:map(fun transform_access_rules_config2/1, lists:flatten(Config)).
|
||||
|
||||
transform_access_rules_config2(Type) when is_integer(Type); Type == allow; Type == deny ->
|
||||
{Type, [all]};
|
||||
transform_access_rules_config2({Type, ACL}) when is_atom(ACL) ->
|
||||
{Type, [{acl, ACL}]};
|
||||
transform_access_rules_config2({Res, Rules}) when is_list(Rules) ->
|
||||
{Res, lists:map(fun({Type, Args}) when is_list(Args) ->
|
||||
normalize_spec({Type, hd(lists:flatten(Args))});
|
||||
(V) -> normalize_spec(V)
|
||||
end, lists:flatten(Rules))};
|
||||
T = lists:map(fun({Type, Args}) when is_list(Args) ->
|
||||
normalize_spec({Type, hd(lists:flatten(Args))});
|
||||
(V) -> normalize_spec(V)
|
||||
end, lists:flatten(Rules)),
|
||||
{Res, T};
|
||||
transform_access_rules_config2({Res, Rule}) ->
|
||||
{Res, [Rule]}.
|
||||
|
||||
|
@ -302,6 +302,31 @@ defmodule ACLTest do
|
||||
assert :acl.access_matches(rules, %{usr: {"user1", "server11", "res1"}}, :global) == :deny
|
||||
assert :acl.access_matches(rules, %{usr: {"user11", "server11", "res1"}}, :global) == :deny
|
||||
end
|
||||
|
||||
test "transform_access_rules_config expands allow rule" do
|
||||
assert :acl.transform_access_rules_config([:allow]) == [{:allow, [:all]}]
|
||||
end
|
||||
|
||||
test "transform_access_rules_config expands deny rule" do
|
||||
assert :acl.transform_access_rules_config([:deny]) == [{:deny, [:all]}]
|
||||
end
|
||||
|
||||
test "transform_access_rules_config expands <integer> rule" do
|
||||
assert :acl.transform_access_rules_config([100]) == [{100, [:all]}]
|
||||
end
|
||||
|
||||
test "transform_access_rules_config expands allow: <acl_name> rule" do
|
||||
assert :acl.transform_access_rules_config([{:allow, :test1}]) == [{:allow, [{:acl, :test1}]}]
|
||||
end
|
||||
|
||||
test "transform_access_rules_config expands deny: <acl_name> rule" do
|
||||
assert :acl.transform_access_rules_config([{:deny, :test1}]) == [{:deny, [{:acl, :test1}]}]
|
||||
end
|
||||
|
||||
test "transform_access_rules_config expands integer: <acl_name> rule" do
|
||||
assert :acl.transform_access_rules_config([{100, :test1}]) == [{100, [{:acl, :test1}]}]
|
||||
end
|
||||
|
||||
## Checking ACL on both user pattern and IP
|
||||
## ========================================
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user