# HG changeset patch
# User Matthew Wild <mwild1@gmail.com>
# Date 1454358291 0
# Node ID 7ba6ed553c9334bb6cd4a73a1535b2792cd61f25
# Parent  39774b078dde41b536f27456c01302bb526ef105
mod_firewall/conditions: Add FROM_EXACTLY and TO_EXACTLY

diff -r 39774b078dde -r 7ba6ed553c93 mod_firewall/README.markdown
--- a/mod_firewall/README.markdown	Sun Jan 31 12:38:51 2016 +0100
+++ b/mod_firewall/README.markdown	Mon Feb 01 20:24:51 2016 +0000
@@ -184,6 +184,16 @@
 its own, and does **not** match 'user@example.com'. To perform domain
 whitelists or blacklists, use Zones.
 
+  Condition   Matches
+  ----------- -------------------------------------------------------
+  `FROM_EXACTLY`      The JID in the 'from' attribute exactly matches the given JID
+  `TO_EXACTLY`        The JID in the 'to' attribute exactly matches the given JID
+
+These additional conditions do not support pattern matching, but are
+useful to match the exact to/from address on a stanza. For example, if
+no resource is specified then only bare JIDs will be matched. TO and FROM
+match all resources if no resource is specified to match.
+
 **Note:** Some chains execute before Prosody has performed any
 normalisation or validity checks on the to/from JIDs on an incoming
 stanza. It is not advisable to perform access control or similar rules
diff -r 39774b078dde -r 7ba6ed553c93 mod_firewall/conditions.lib.lua
--- a/mod_firewall/conditions.lib.lua	Sun Jan 31 12:38:51 2016 +0100
+++ b/mod_firewall/conditions.lib.lua	Mon Feb 01 20:24:51 2016 +0000
@@ -58,6 +58,14 @@
 	return compile_jid_match("from", from), { "split_from" };
 end
 
+function condition_handlers.FROM_EXACTLY(from)
+	return ("from == %q"):format(from), { "from" };
+end
+
+function condition_handlers.TO_EXACTLY(to)
+	return ("to == %q"):format(to), { "to" };
+end
+
 function condition_handlers.TYPE(type)
 	return compile_comparison_list("(type or (name == 'message' and 'normal') or (name == 'presence' and 'available'))", type), { "type", "name" };
 end