| author | Matthew Wild <mwild1@gmail.com> |
| Thu, 08 Jun 2023 16:20:42 +0100 | |
| changeset 5540 | 96dec7681af8 |
| parent 2898 | 165d2877eeac |
| child 5545 | 3804ee5117ca |
| permissions | -rw-r--r-- |
|
2898
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 |
local mark_storage = module:open_store("firewall_marks"); |
|
5540
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
2 |
local mark_map_storage = module:open_store("firewall_marks", "map"); |
|
2898
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 |
|
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
local user_sessions = prosody.hosts[module.host].sessions; |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 |
|
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
module:hook("resource-bind", function (event) |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 |
local session = event.session; |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 |
local username = session.username; |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 |
local user = user_sessions[username]; |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 |
local marks = user.firewall_marks; |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 |
if not marks then |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
marks = mark_storage:get(username) or {}; |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 |
user.firewall_marks = marks; -- luacheck: ignore 122 |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 |
end |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 |
session.firewall_marks = marks; |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 |
end); |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 |
|
|
5540
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
18 |
module:hook("firewall/marked/user", function (event) |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
19 |
local user = user_sessions[event.username]; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
20 |
local marks = user and user.firewall_marks; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
21 |
if marks then |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
22 |
marks[event.mark] = event.timestamp; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
23 |
end |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
24 |
local ok, err = mark_map_storage:set(event.username, event.mark, event.timestamp); |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
25 |
if not ok then |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
26 |
module:log("error", "Failed to mark user %q with %q: %s", event.username, event.mark, err); |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
27 |
end |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
28 |
end, 1); |
|
2898
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 |
|
|
5540
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
30 |
module:hook("firewall/unmarked/user", function (event) |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
31 |
local user = user_sessions[event.username]; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
32 |
local marks = user and user.firewall_marks; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
33 |
if marks then |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
34 |
marks[event.mark] = nil; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
35 |
end |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
36 |
local ok, err = mark_map_storage:set(event.username, event.mark, nil); |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
37 |
if not ok then |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
38 |
module:log("error", "Failed to unmark user %q with %q: %s", event.username, event.mark, err); |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
39 |
end |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2898
diff
changeset
|
40 |
end, 1); |