Mercurial > prosody-modules
comparison mod_http_upload/mod_http_upload.lua @ 4443:0a56dc6c61af
mod_http_upload: Add access config option
| author | Nicolas Cedilnik <nicoco@nicoco.fr> |
|---|---|
| date | Tue, 16 Feb 2021 21:29:27 +0100 |
| parents | f1f796e551f1 |
| children | 342664061c9b |
comparison
equal
deleted
inserted
replaced
| 4442:74da3643c62d | 4443:0a56dc6c61af |
|---|---|
| 18 local t_insert = table.insert; | 18 local t_insert = table.insert; |
| 19 local s_upper = string.upper; | 19 local s_upper = string.upper; |
| 20 local httpserver = require "net.http.server"; | 20 local httpserver = require "net.http.server"; |
| 21 local have_id, id = pcall(require, "util.id"); -- Only available in 0.10+ | 21 local have_id, id = pcall(require, "util.id"); -- Only available in 0.10+ |
| 22 local uuid = require"util.uuid".generate; | 22 local uuid = require"util.uuid".generate; |
| 23 local jid = require "util.jid"; | |
| 23 if have_id then | 24 if have_id then |
| 24 uuid = id.medium; | 25 uuid = id.medium; |
| 25 end | 26 end |
| 26 | 27 |
| 27 local function join_path(...) -- COMPAT util.path was added in 0.10 | 28 local function join_path(...) -- COMPAT util.path was added in 0.10 |
| 30 | 31 |
| 31 -- config | 32 -- config |
| 32 local file_size_limit = module:get_option_number(module.name .. "_file_size_limit", 1024 * 1024); -- 1 MB | 33 local file_size_limit = module:get_option_number(module.name .. "_file_size_limit", 1024 * 1024); -- 1 MB |
| 33 local quota = module:get_option_number(module.name .. "_quota"); | 34 local quota = module:get_option_number(module.name .. "_quota"); |
| 34 local max_age = module:get_option_number(module.name .. "_expire_after"); | 35 local max_age = module:get_option_number(module.name .. "_expire_after"); |
| 36 local access = module:get_option_set(module.name .. "_access", {}); | |
| 35 | 37 |
| 36 --- sanity | 38 --- sanity |
| 37 local parser_body_limit = module:context("*"):get_option_number("http_max_content_size", 10*1024*1024); | 39 local parser_body_limit = module:context("*"):get_option_number("http_max_content_size", 10*1024*1024); |
| 38 if file_size_limit > parser_body_limit then | 40 if file_size_limit > parser_body_limit then |
| 39 module:log("warn", "%s_file_size_limit exceeds HTTP parser limit on body size, capping file size to %d B", | 41 module:log("warn", "%s_file_size_limit exceeds HTTP parser limit on body size, capping file size to %d B", |
| 167 measure_slot = module:measure("slot", "sizes"); | 169 measure_slot = module:measure("slot", "sizes"); |
| 168 end | 170 end |
| 169 | 171 |
| 170 local function handle_request(origin, stanza, xmlns, filename, filesize) | 172 local function handle_request(origin, stanza, xmlns, filename, filesize) |
| 171 local username, host = origin.username, origin.host; | 173 local username, host = origin.username, origin.host; |
| 172 -- local clients only | 174 |
| 173 if origin.type ~= "c2s" then | 175 local user_bare = jid.bare(stanza.attr.from); |
| 176 local user_host = jid.host(user_bare); | |
| 177 | |
| 178 -- local clients or whitelisted jids/hosts only | |
| 179 if not (origin.type == "c2s" or access:contains(user_bare) or access:contains(user_host)) then | |
| 174 module:log("debug", "Request for upload slot from a %s", origin.type); | 180 module:log("debug", "Request for upload slot from a %s", origin.type); |
| 175 return nil, st.error_reply(stanza, "cancel", "not-authorized"); | 181 return nil, st.error_reply(stanza, "cancel", "not-authorized"); |
| 176 end | 182 end |
| 177 -- validate | 183 -- validate |
| 178 if not filename or filename:find("/") then | 184 if not filename or filename:find("/") then |
