Mercurial > prosody-modules
comparison mod_firewall/conditions.lib.lua @ 947:c91cac3b823f
mod_firewall: General stanza filtering plugin with a declarative rule-based syntax
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Wed, 03 Apr 2013 16:11:20 +0100 |
| parents | |
| children | bec5b6e2eab8 |
comparison
equal
deleted
inserted
replaced
| 946:2c5430ff1c11 | 947:c91cac3b823f |
|---|---|
| 1 local condition_handlers = {}; | |
| 2 | |
| 3 local jid = require "util.jid"; | |
| 4 | |
| 5 -- Return a code string for a condition that checks whether the contents | |
| 6 -- of variable with the name 'name' matches any of the values in the | |
| 7 -- comma/space/pipe delimited list 'values'. | |
| 8 local function compile_comparison_list(name, values) | |
| 9 local conditions = {}; | |
| 10 for value in values:gmatch("[^%s,|]+") do | |
| 11 table.insert(conditions, ("%s == %q"):format(name, value)); | |
| 12 end | |
| 13 return table.concat(conditions, " or "); | |
| 14 end | |
| 15 | |
| 16 function condition_handlers.KIND(kind) | |
| 17 return compile_comparison_list("name", kind), { "name" }; | |
| 18 end | |
| 19 | |
| 20 local wildcard_equivs = { ["*"] = ".*", ["?"] = "." }; | |
| 21 | |
| 22 local function compile_jid_match_part(part, match) | |
| 23 if not match then | |
| 24 return part.." == nil" | |
| 25 end | |
| 26 local pattern = match:match("<(.*)>"); | |
| 27 -- TODO: Support Lua pattern matching (main issue syntax... << >>?) | |
| 28 if pattern then | |
| 29 if pattern ~= "*" then | |
| 30 return ("%s:match(%q)"):format(part, pattern:gsub(".", wildcard_equivs)); | |
| 31 end | |
| 32 else | |
| 33 return ("%s == %q"):format(part, match); | |
| 34 end | |
| 35 end | |
| 36 | |
| 37 local function compile_jid_match(which, match_jid) | |
| 38 local match_node, match_host, match_resource = jid.split(match_jid); | |
| 39 local conditions = { | |
| 40 compile_jid_match_part(which.."_node", match_node); | |
| 41 compile_jid_match_part(which.."_host", match_host); | |
| 42 match_resource and compile_jid_match_part(which.."_resource", match_resource) or nil; | |
| 43 }; | |
| 44 return table.concat(conditions, " and "); | |
| 45 end | |
| 46 | |
| 47 function condition_handlers.TO(to) | |
| 48 return compile_jid_match("to", to), { "split_to" }; | |
| 49 end | |
| 50 | |
| 51 function condition_handlers.FROM(from) | |
| 52 return compile_jid_match("from", from), { "split_from" }; | |
| 53 end | |
| 54 | |
| 55 function condition_handlers.TYPE(type) | |
| 56 return compile_comparison_list("type", type), { "type" }; | |
| 57 end | |
| 58 | |
| 59 function condition_handlers.ENTERING(zone) | |
| 60 return ("(zones[%q] and (zones[%q][to_host] or " | |
| 61 .."zones[%q][to] or " | |
| 62 .."zones[%q][bare_to]))" | |
| 63 ) | |
| 64 :format(zone, zone, zone, zone), { "split_to", "bare_to" }; | |
| 65 end | |
| 66 | |
| 67 function condition_handlers.LEAVING(zone) | |
| 68 return ("zones[%q] and (zones[%q][from_host] or " | |
| 69 .."(zones[%q][from] or " | |
| 70 .."zones[%q][bare_from]))") | |
| 71 :format(zone, zone, zone, zone), { "split_from", "bare_from" }; | |
| 72 end | |
| 73 | |
| 74 function condition_handlers.PAYLOAD(payload_ns) | |
| 75 return ("stanza:get_child(nil, %q)"):format(payload_ns); | |
| 76 end | |
| 77 | |
| 78 function condition_handlers.FROM_GROUP(group_name) | |
| 79 return ("group_contains(%q, bare_from)"):format(group_name), { "group_contains", "bare_from" }; | |
| 80 end | |
| 81 | |
| 82 function condition_handlers.TO_GROUP(group_name) | |
| 83 return ("group_contains(%q, bare_to)"):format(group_name), { "group_contains", "bare_to" }; | |
| 84 end | |
| 85 | |
| 86 function condition_handlers.FROM_ADMIN_OF(host) | |
| 87 return ("is_admin(bare_from, %s)"):format(host ~= "*" and host or nil), { "is_admin", "bare_from" }; | |
| 88 end | |
| 89 | |
| 90 function condition_handlers.TO_ADMIN_OF(host) | |
| 91 return ("is_admin(bare_to, %s)"):format(host ~= "*" and host or nil), { "is_admin", "bare_to" }; | |
| 92 end | |
| 93 | |
| 94 return condition_handlers; |