* src/ejabberd_c2s.erl: Added forbidden_session_hook

* src/acl.erl: New access types: resource, resource_regexp and resource_glob * doc/guide.tex: Likewise SVN Revision: 1301
2024-11-24 16:23:40 +01:00 · 2008-04-25 09:25:31 +00:00 · 2008-04-25 09:25:31 +00:00 · c88a4650ba
commit c88a4650ba
parent b1756e8e34
4 changed files with 28 additions and 1 deletions
--- a/8
+++ b/8
@ -1,3 +1,11 @@
+2008-04-25  Badlop  <badlop@process-one.net>
+	
+	* src/ejabberd_c2s.erl: Added forbidden_session_hook
+
+	* src/acl.erl: New access types: resource, resource_regexp and
+	resource_glob
+	* doc/guide.tex: Likewise
+
 2008-04-23  Alexey Shchepin  <alexey@process-one.net>

 	* src/treap.erl: Bugfix
--- a/doc/guide.tex
+++ b/doc/guide.tex
@ -1142,6 +1142,11 @@ declarations of ACLs in the configuration file have the following syntax:
 \begin{verbatim}
 {acl, exampleorg, {server, "example.org"}}.
 \end{verbatim}
+\titem{\{resource, <resource>\}} Matches any JID with a resource
+  \term{<resource>}. Example:
+\begin{verbatim}
+{acl, mucklres, {resource, "muckl"}}.
+\end{verbatim}
 \titem{\{user\_regexp, <regexp>\}} Matches any local user with a name that
  matches \term{<regexp>} on local virtual hosts. Example:
 \begin{verbatim}
@ -1158,6 +1163,11 @@ declarations of ACLs in the configuration file have the following syntax:
 \begin{verbatim}
 {acl, icq, {server_regexp, "^icq\\."}}.
 \end{verbatim}
+\titem{\{resource\_regexp, <regexp>\}} Matches any JID with a resource that
+  matches \term{<regexp>}. Example:
+\begin{verbatim}
+{acl, icq, {resource_regexp, "^laptop\\."}}.
+\end{verbatim}
 \titem{\{node\_regexp, <user\_regexp>, <server\_regexp>\}} Matches any user
  with a name that matches \term{<user\_regexp>} at any server that matches
  \term{<server\_regexp>}. Example:
@ -1167,6 +1177,7 @@ declarations of ACLs in the configuration file have the following syntax:
 \titem{\{user\_glob, <glob>\}}
 \titem{\{user\_glob, <glob>, <server>\}}
 \titem{\{server\_glob, <glob>\}}
+\titem{\{resource\_glob, <glob>\}}
 \titem{\{node\_glob, <user\_glob>, <server\_glob>\}} This is the same as
  above. However, it uses shell glob patterns instead of regexp. These patterns
  can have the following special characters:
--- a/src/acl.erl
+++ b/src/acl.erl
@ -158,7 +158,7 @@ match_acl(ACL, JID, Host) ->
 	all -> true;
 	none -> false;
 	_ ->
-	    {User, Server, _Resource} = jlib:jid_tolower(JID),
+	    {User, Server, Resource} = jlib:jid_tolower(JID),
 	    lists:any(fun(#acl{aclspec = Spec}) ->
 			      case Spec of
 				  all ->
@ -173,6 +173,8 @@ match_acl(ACL, JID, Host) ->
 				      (U == User) andalso (S == Server);
 				  {server, S} ->
 				      S == Server;
+				  {resource, R} ->
+				      R == Resource;
 				  {user_regexp, UR} ->
 				      ((Host == Server) orelse
 				       ((Host == global) andalso
@ -183,6 +185,8 @@ match_acl(ACL, JID, Host) ->
 					  is_regexp_match(User, UR);
 				  {server_regexp, SR} ->
 				      is_regexp_match(Server, SR);
+				  {resource_regexp, RR} ->
+				      is_regexp_match(Resource, RR);
 				  {node_regexp, UR, SR} ->
 				      is_regexp_match(Server, SR) andalso
 					  is_regexp_match(User, UR);
@ -197,6 +201,8 @@ match_acl(ACL, JID, Host) ->
 					  is_glob_match(User, UR);
 				  {server_glob, SR} ->
 				      is_glob_match(Server, SR);
+				  {resource_glob, RR} ->
+				      is_glob_match(Resource, RR);
 				  {node_glob, UR, SR} ->
 				      is_glob_match(Server, SR) andalso
 					  is_glob_match(User, UR);
--- a/src/ejabberd_c2s.erl
+++ b/src/ejabberd_c2s.erl
@ -823,6 +823,8 @@ wait_for_session({xmlstreamelement, El}, StateData) ->
 				     pres_t = ?SETS:from_list(Ts1),
 				     privacy_list = PrivList});
 		_ ->
+		    ejabberd_hooks:run(forbidden_session_hook, 
+				       StateData#state.server, [JID]),
 		    ?INFO_MSG("(~w) Forbidden session for ~s",
 			      [StateData#state.socket,
 			       jlib:jid_to_string(JID)]),