Comparison

mod_firewall/conditions.lib.lua @ 2594:1e1c929c1aa5

mod_firewall: Add and document CROSSING GROUPS condition
author Matthew Wild <mwild1@gmail.com>
date Fri, 03 Mar 2017 12:31:15 +0000
parent 2584:d64fc9c3cffd
child 2618:c6652d055ba3
comparison
equal deleted inserted replaced
2593:b61b0ff1c0f9 2594:1e1c929c1aa5
153 return ("group_contains(%q, bare_from)"):format(group_name), { "group_contains", "bare_from" }; 153 return ("group_contains(%q, bare_from)"):format(group_name), { "group_contains", "bare_from" };
154 end 154 end
155 155
156 function condition_handlers.TO_GROUP(group_name) 156 function condition_handlers.TO_GROUP(group_name)
157 return ("group_contains(%q, bare_to)"):format(group_name), { "group_contains", "bare_to" }; 157 return ("group_contains(%q, bare_to)"):format(group_name), { "group_contains", "bare_to" };
158 end
159
160 function condition_handlers.CROSSING_GROUPS(group_names)
161 local code = {};
162 for group_name in group_names:gmatch("([^, ][^,]+)") do
163 group_name = group_name:match("^%s*(.-)%s*$"); -- Trim leading/trailing whitespace
164 -- Just check that's it is crossing from outside group to inside group
165 table.insert(code, ("(group_contains(%q, bare_to) and group_contains(%q, bare_from))"):format(group_name, group_name))
166 end
167 return "not "..table.concat(code, " or "), { "group_contains", "bare_to", "bare_from" };
158 end 168 end
159 169
160 function condition_handlers.FROM_ADMIN_OF(host) 170 function condition_handlers.FROM_ADMIN_OF(host)
161 return ("is_admin(bare_from, %s)"):format(host ~= "*" and metaq(host) or nil), { "is_admin", "bare_from" }; 171 return ("is_admin(bare_from, %s)"):format(host ~= "*" and metaq(host) or nil), { "is_admin", "bare_from" };
162 end 172 end