Matrix-Mirrors/mjolnir
1
0
Fork 0
mirror of https://github.com/matrix-org/mjolnir.git synced 2024-07-03 01:51:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

rename test->getAccess

Browse Source
This commit is contained in:
gnuxie 2022-10-17 13:25:46 +01:00
parent 951ee15ae8
commit 1ce45a98ed
2 changed files with 15 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/ProtectedRooms.ts
View File

@ -374,7 +374,7 @@ export class ProtectedRooms {
}
// We don't want to ban people based on server ACL as this would flood the room with bans.
const memberAccess = this.accessControlUnit.testUserWithoutServer(member.userId);
const memberAccess = this.accessControlUnit.getAccessForUser(member.userId, "IGNORE_SERVER");
if (memberAccess.outcome === Access.Banned) {
const reason = memberAccess.rule ? memberAccess.rule.reason : '<no reason supplied>';
// We specifically use sendNotice to avoid having to escape HTML

32
src/models/AccessControlUnit.ts
View File

@ -239,35 +239,31 @@ export default class AccessControlUnit {
* @param domain The server name to test.
* @returns A description of the access that the server has.
*/
public testServer(domain: string): EntityAccess {
return this.testEntity(domain, this.serverAllows, this.serverBans);
public getAccessForServer(domain: string): EntityAccess {
return this.getAccessForEntity(domain, this.serverAllows, this.serverBans);
}
/**
* Test whether the user is allowed by the ACL unit.
* Does not test the domain of the user id.
* Get the level of access the user has for the ACL unit.
* @param mxid The user id to test.
* @param policy Whether to check the server part of the user id against server rules.
* @returns A description of the access that the user has.
*/
public testUserWithoutServer(mxid: string): EntityAccess {
return this.testEntity(mxid, this.userAllows, this.userBans);
}
/**
* Test whether the user is allowed by the ACL unit. Does take the user's server into consideration.
* @param mxid The user id to test.
* @returns A description of the access that the user or their server has.
*/
public testUser(mxid: UserID): EntityAccess {
const userAccess = this.testUserWithoutServer(mxid.toString());
public getAccessForUser(mxid: string, policy: "CHECK_SERVER" | "IGNORE_SERVER"): EntityAccess {
const userAccess = this.getAccessForEntity(mxid, this.userAllows, this.userBans);
if (userAccess.outcome === Access.Allowed) {
return this.testServer(mxid.domain);
if (policy === "IGNORE_SERVER") {
return userAccess;
} else {
const userId = new UserID(mxid);
return this.getAccessForServer(userId.domain);
}
} else {
return userAccess;
}
}
private testEntity(entity: string, allowCache: ListRuleCache, bannedCache: ListRuleCache): EntityAccess {
private getAccessForEntity(entity: string, allowCache: ListRuleCache, bannedCache: ListRuleCache): EntityAccess {
// Check if the entity is explicitly allowed.
// We have to infer that a rule exists for '*' if the allowCache is empty, otherwise you brick the ACL.
const allowRule = allowCache.test(entity);
@ -298,7 +294,7 @@ export default class AccessControlUnit {
for (const rule of allowedServers) {
acl.allowServer(rule.entity);
}
if (this.testServer(serverName).outcome === Access.NotAllowed) {
if (this.getAccessForServer(serverName).outcome === Access.NotAllowed) {
acl.allowServer(serverName);
LogService.warn('AccessControlUnit', `The server ${serverName} we are operating from was not on the allowed when constructing the server ACL, so it will be injected it into the server acl. Please check the ACL lists.`)
}