alyxb/mycorrhiza
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement white list

Browse Source
This commit is contained in:
bouncepaw 2021-07-14 21:30:30 +00:00
parent 5e450612a1
commit 7a6808ed1d
2 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cfg/config.go
View File

@ -30,6 +30,8 @@ var (
AllowRegistration bool AllowRegistration bool
RegistrationLimit uint64 RegistrationLimit uint64
Locked bool Locked bool
UseWhiteList bool
WhiteList []string
CommonScripts []string CommonScripts []string
ViewScripts []string ViewScripts []string
@ -89,6 +91,8 @@ type Authorization struct {
AllowRegistration bool AllowRegistration bool
RegistrationLimit uint64 `comment:"This field controls the maximum amount of allowed registrations."` RegistrationLimit uint64 `comment:"This field controls the maximum amount of allowed registrations."`
Locked bool `comment:"Set if users have to authorize to see anything on the wiki."` Locked bool `comment:"Set if users have to authorize to see anything on the wiki."`
UseWhiteList bool `comment:"If true, WhiteList is used. Else it is not used."`
WhiteList []string `delim:"," comment:"Usernames of people who can log in to your wiki separated by comma."`
} }
// Telegram is the section of Config that sets Telegram authorization. // Telegram is the section of Config that sets Telegram authorization.
@ -117,6 +121,8 @@ func ReadConfigFile(path string) error {
AllowRegistration: false, AllowRegistration: false,
RegistrationLimit: 0, RegistrationLimit: 0,
Locked: false, Locked: false,
UseWhiteList: false,
WhiteList: []string{},
}, },
CustomScripts: CustomScripts{ CustomScripts: CustomScripts{
CommonScripts: []string{}, CommonScripts: []string{},
@ -171,6 +177,8 @@ func ReadConfigFile(path string) error {
AllowRegistration = cfg.AllowRegistration AllowRegistration = cfg.AllowRegistration
RegistrationLimit = cfg.RegistrationLimit RegistrationLimit = cfg.RegistrationLimit
Locked = cfg.Locked && cfg.UseAuth // Makes no sense to have the lock but no auth Locked = cfg.Locked && cfg.UseAuth // Makes no sense to have the lock but no auth
UseWhiteList = cfg.UseWhiteList
WhiteList = cfg.WhiteList
CommonScripts = cfg.CommonScripts CommonScripts = cfg.CommonScripts
ViewScripts = cfg.ViewScripts ViewScripts = cfg.ViewScripts
EditScripts = cfg.EditScripts EditScripts = cfg.EditScripts

14
util/util.go
View File

@ -77,7 +77,19 @@ func IsCanonicalName(name string) bool {
// IsPossibleUsername is true if the given username is ok. Same as IsCanonicalName, but cannot have / in it and cannot be equal to "anon" or "wikimind" // IsPossibleUsername is true if the given username is ok. Same as IsCanonicalName, but cannot have / in it and cannot be equal to "anon" or "wikimind"
func IsPossibleUsername(username string) bool { func IsPossibleUsername(username string) bool {
return username != "anon" && username != "wikimind" && usernamePattern.MatchString(strings.TrimSpace(username)) return username != "anon" && username != "wikimind" && usernameIsWhiteListed(username) && usernamePattern.MatchString(strings.TrimSpace(username))
}
func usernameIsWhiteListed(username string) bool {
if !cfg.UseWhiteList {
return true
}
for _, allowedUsername := range cfg.WhiteList {
if allowedUsername == username {
return true
}
}
return false
} }
// HyphaNameFromRq extracts hypha name from http request. You have to also pass the action which is embedded in the url or several actions. For url /hypha/hypha, the action would be "hypha". // HyphaNameFromRq extracts hypha name from http request. You have to also pass the action which is embedded in the url or several actions. For url /hypha/hypha, the action would be "hypha".