
add banned check - if user or network is banned, redirect to /banned
authorhylom <hylom@users.sourceforge.jp>
Sat, 6 May 2017 08:03:08 +0000 (17:03 +0900)
committerhylom <hylom@users.sourceforge.jp>
Sat, 6 May 2017 08:03:08 +0000 (17:03 +0900)
src/newslash_web/lib/Newslash/Plugin/AccessControl.pm
src/newslash_web/lib/Newslash/Plugin/UserAuth.pm
src/newslash_web/lib/Newslash/Web.pm
src/newslash_web/lib/Newslash/Web/Controller/Index.pm
src/newslash_web/templates/index/banned.html.tt2 [new file with mode: 0644]

index 1f4fddb..dfb662d 100644 (file)
@@ -1,7 +1,7 @@
 package Newslash::Plugin::AccessControl;
 use Mojo::Base 'Mojolicious::Plugin';
 use Mojo::Util qw(md5_sum dumper);
-
+use List::Util qw(any);
 use Socket;
 
 sub register {
@@ -9,10 +9,26 @@ sub register {
 
     $app->hook(around_action => sub {
                    my ($next, $c, $action, $last) = @_;
+                   my $user = $c->stash('user');
+                   my $conf = $c->app->config || {};
+                   my $acl_conf = $conf->{ACL} || {};
+                   my $the_url = $c->url_for;
+
+                   if (any { $the_url =~ m/$_/ } @{$acl_conf->{exclude}}) {
+                       return $next->();
+                   }
+
+                   # check banned
+                   if (!$user->{is_admin} && !$user->{permissions}->{access}) {
+                       $c->redirect_to('/banned');
+                       $c->res->code(307);
+                       return;
+                   }
+
+                   # check seclev
                    my $page_seclev = $c->stash('seclev') || 0;
                    return $next->() if $page_seclev == 0;
 
-                   my $user = $c->stash('user');
                    my $user_seclev = $user->{seclev} || 0;
 
                    if ($user_seclev < $page_seclev) {
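Review bot: The exclude match at `if (any { $the_url =~ m/$_/ } @{$acl_conf->{exclude}})` returns `$next->()` before the seclev check further down, so any URL matching an exclude pattern skips both the ban check and the page seclev enforcement. The patterns are also applied as unanchored regexes, so an entry such as `/login` would match anywhere in the path. If the list is only meant to keep pages like `/banned` and `/login` reachable for banned clients, compute `my $excluded = any { $the_url =~ m/$_/ } @{$acl_conf->{exclude} || []};` and add `!$excluded &&` to the ban condition instead of returning early. The configured patterns should also be anchored. The hook body continues past the end of this hunk.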
@@ -24,6 +40,7 @@ sub register {
                        $c->rendered(403);
                        return;
                    }
+
                    return $next->();
                });
 }
index 8f18dff..6a7a6d2 100644 (file)
@@ -38,6 +38,7 @@ sub register {
                        $user = $c->cache->get('anonymous_user');
                        if (!$user) {
                            $user = $c->model('users')->anonymous_user;
+                           $user->{permissions} = $c->model('users')->get_permissions_of($user) || {};
                            my $expire = 300; # expire time is 300 sec (5 min)
                            $c->cache->set('anonymous_user', $user, $expire);
                        }
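Review bot: The permissions added here are stored in the shared `anonymous_user` cache entry, so whatever `get_permissions_of` returns for the first anonymous request is reused for every anonymous visitor for 300 seconds. If that lookup depends on the client's network (the commit title mentions network bans, but the model code is not visible here), one client's ban state would be applied to all anonymous users, and a banned network could be served a cached `access` grant. Consider resolving per-client permissions after the cache lookup rather than storing them in the shared entry. An entry cached before this change also has no `permissions` key and would fail the new access check until it expires. The enclosing block starts and ends outside this hunk.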
@@ -85,6 +86,9 @@ sub do_login {
         $user->{configJSON} = to_json($new_cfg);
     }
 
+    # add permissions
+    $user->{permissions} = $users->get_permissions_of($user) || {};
+
     # set user relations
     $user->{relations} = $c->model('relations')->hash($user->{uid});
 
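Review bot: `$user->{permissions}` is resolved once inside `do_login`, so if this `$user` hash is what later requests read back from the session (not visible in this hunk), a ban imposed after login would not take effect until the session is renewed. Sessions created before this change would likewise carry no `permissions` key and be redirected to `/banned` by the new access check. A comment such as `# NOTE: permissions are snapshotted at login; re-check per request if bans must apply immediately` would make the intended lifetime explicit. `do_login` starts and ends outside this hunk.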
index fc74c53..80aafe3 100644 (file)
@@ -136,6 +136,9 @@ sub startup {
     $r->get('/comments')->to('index#comments');
     $r->get('/submissions')->to('index#submissions');
 
+    # Banned page
+    $r->get('/banned')->to('index#banned', noindex => 1);
+
     # archive page
     $r->get('/story/:year/:month/:day/' => [year => qr/[0-9]{2}/,
                                             month => qr/[0-9]{2}/,
index 6889e30..417ae6c 100644 (file)
@@ -40,5 +40,16 @@ sub story_archive {
     $c->render(template => 'index/root', stories => $stories);
 }
 
+sub banned {
+    my $c = shift;
+    my $user = $c->stash('user');
+    if($user->{permissions}->{access}) {
+        $c->redirect_to('/');
+        $c->res->code(307);
+        return;
+    }
+    $c->render();
+}
+
 1;
 
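Review bot: `banned` decides on `$user->{permissions}->{access}` alone, while the access-control hook in this commit also lets `is_admin` users through. An admin without the `access` permission who opens `/banned` is therefore shown the banned page instead of being redirected. Use the same condition in both places: `if ($user->{is_admin} || $user->{permissions}->{access}) {`. The sub also has no comment; `# Render the banned notice; users who are allowed access are sent back to /` above it would state the intent.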
diff --git a/src/newslash_web/templates/index/banned.html.tt2 b/src/newslash_web/templates/index/banned.html.tt2
new file mode 100644 (file)
index 0000000..215db5f
--- /dev/null
@@ -0,0 +1,11 @@
+[% WRAPPER common/layout enable_sidebar=1 %]
+
+<div class="app-frame sidebar=0 banned">
+  <h3>You are banned.</h3>
+  <div>
+    <p>あなたが使用しているアカウントもしくはネットワークからのアクセスは禁止されています。</p>
+    <p>もしスラドにログインしていない場合、<a href="/login">ログイン</a>することで解決できるかもしれません。</p>
+  </div>
+</div>
+
+[% END %]
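Review bot: In `<div class="app-frame sidebar=0 banned">` the token `sidebar=0` sits inside the class attribute, where it is only an odd class name. It looks like a layout parameter meant for the `WRAPPER` line, which currently passes `enable_sidebar=1`. Drop it from the class list, `<div class="app-frame banned">`, and set the wrapper argument to whichever sidebar state is intended. The page also links to `/login`, so that path has to stay reachable for clients that fail the access check.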