Annotate

mod_firewall/marks.lib.lua @ 5841:d3b69859553a

mod_password_policy: Change error type from 'cancel' to 'modify' This makes more sense, as the problem relates to the data that has been entered, and therefore the request could be retried with different data.
author Matthew Wild <mwild1@gmail.com>
date Mon, 08 Jan 2024 17:28:39 +0000
parent 5542:048284447643
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2894
165d2877eeac mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 local mark_storage = module:open_store("firewall_marks");
5536
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
2 local mark_map_storage = module:open_store("firewall_marks", "map");
2894
165d2877eeac mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
165d2877eeac mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4 local user_sessions = prosody.hosts[module.host].sessions;
165d2877eeac mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5
5536
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
6 module:hook("firewall/marked/user", function (event)
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
7 local user = user_sessions[event.username];
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
8 local marks = user and user.firewall_marks;
5541
3804ee5117ca mod_firewall: Load marks from storage on demand rather than at login
Matthew Wild <mwild1@gmail.com>
parents: 5536
diff changeset
9 if user and not marks then
3804ee5117ca mod_firewall: Load marks from storage on demand rather than at login
Matthew Wild <mwild1@gmail.com>
parents: 5536
diff changeset
10 -- Load marks from storage to cache on the user object
3804ee5117ca mod_firewall: Load marks from storage on demand rather than at login
Matthew Wild <mwild1@gmail.com>
parents: 5536
diff changeset
11 marks = mark_storage:get(event.username) or {};
3804ee5117ca mod_firewall: Load marks from storage on demand rather than at login
Matthew Wild <mwild1@gmail.com>
parents: 5536
diff changeset
12 user.firewall_marks = marks; --luacheck: ignore 122
3804ee5117ca mod_firewall: Load marks from storage on demand rather than at login
Matthew Wild <mwild1@gmail.com>
parents: 5536
diff changeset
13 end
5536
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
14 if marks then
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
15 marks[event.mark] = event.timestamp;
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
16 end
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
17 local ok, err = mark_map_storage:set(event.username, event.mark, event.timestamp);
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
18 if not ok then
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
19 module:log("error", "Failed to mark user %q with %q: %s", event.username, event.mark, err);
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
20 end
5542
048284447643 mod_firewall: Add console commands to mark/unmark users
Matthew Wild <mwild1@gmail.com>
parents: 5541
diff changeset
21 return true;
048284447643 mod_firewall: Add console commands to mark/unmark users
Matthew Wild <mwild1@gmail.com>
parents: 5541
diff changeset
22 end, -1);
2894
165d2877eeac mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23
5536
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
24 module:hook("firewall/unmarked/user", function (event)
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
25 local user = user_sessions[event.username];
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
26 local marks = user and user.firewall_marks;
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
27 if marks then
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
28 marks[event.mark] = nil;
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
29 end
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
30 local ok, err = mark_map_storage:set(event.username, event.mark, nil);
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
31 if not ok then
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
32 module:log("error", "Failed to unmark user %q with %q: %s", event.username, event.mark, err);
96dec7681af8 mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents: 2894
diff changeset
33 end
5542
048284447643 mod_firewall: Add console commands to mark/unmark users
Matthew Wild <mwild1@gmail.com>
parents: 5541
diff changeset
34 return true;
048284447643 mod_firewall: Add console commands to mark/unmark users
Matthew Wild <mwild1@gmail.com>
parents: 5541
diff changeset
35 end, -1);