diff options
author | Kim Alvefur <zash@zash.se> | 2021-01-26 14:39:11 +0100 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2021-01-26 14:39:11 +0100 |
commit | 112b174e2d4449c81ad51acad7db7a8057e95ab9 (patch) | |
tree | 5a9256c8b6d5e5d5d03c02de03b9afe074d383c3 /plugins | |
parent | c26e8b48981a515b9b0b081f37a8412f9558c894 (diff) | |
download | prosody-112b174e2d4449c81ad51acad7db7a8057e95ab9.tar.gz prosody-112b174e2d4449c81ad51acad7db7a8057e95ab9.zip |
mod_http_file_share: Add basic access control
Partly lifted from mod_external_services
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/mod_http_file_share.lua | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/plugins/mod_http_file_share.lua b/plugins/mod_http_file_share.lua index c6091bd0..8f230ef4 100644 --- a/plugins/mod_http_file_share.lua +++ b/plugins/mod_http_file_share.lua @@ -28,12 +28,18 @@ local uploads = module:open_store("uploads", "archive"); local secret = module:get_option_string(module.name.."_secret", require"util.id".long()); local external_base_url = module:get_option_string(module.name .. "_base_url"); +local access = module:get_option_set(module.name .. "_access", {}); + if not external_base_url then module:depends("http"); end function may_upload(uploader, filename, filesize, filetype) -- > boolean, error - -- TODO authz + local uploader_host = jid.host(uploader); + if not ((access:empty() and prosody.hosts[uploader_host]) or access:contains(uploader) or access:contains(uploader_host)) then + return false; + end + return true; end |