alf (red_alf) wrote in changelog,
alf
red_alf
changelog

[ljcom] r9705: LJSUP-7336: Antispam: prono-promotion

Committer: afedorov
LJSUP-7336: Antispam: prono-promotion

U   trunk/htdocs/sup/rpc_interface.bml
Modified: trunk/htdocs/sup/rpc_interface.bml
===================================================================
--- trunk/htdocs/sup/rpc_interface.bml	2010-11-13 10:51:18 UTC (rev 9704)
+++ trunk/htdocs/sup/rpc_interface.bml	2010-11-13 10:56:10 UTC (rev 9705)
@@ -44,6 +44,14 @@
         }
     }
 
+    my $match = sub {
+        my ($action, $tc) = @_;
+        return 1 if $tc eq '*';
+        return 1 if $action eq $tc;
+        return 1 if substr($tc, -3) eq '::*' && substr($tc, 0, length($tc)-1) eq substr($action, 0, length($tc)-1);
+        return 0;
+    };
+    
     # verify access
     if( !$trusted_commands ){
         return "unauthorized request"
@@ -53,11 +61,10 @@
         foreach my $tc (@$trusted_commands) {
             ## $trusted_command is either full command name or template like 'jabber::*'
             ## $action is full command name, e.g. 'jabber::get_roster_by_jid'
-            if ($action eq $tc || 
-                substr($tc, -3) eq '::*' && substr($tc, 0, length($tc)-1) eq substr($action, 0, length($tc)-1) 
-            ){
+            if ( $match->($action, $tc) ) {
                 $is_allowed = 1;
-                last;
+            } elsif ( $tc =~ /^-(.*)$/ && $match->($action, $1) ) {
+                $is_allowed = 0;
             }
         }
         return "command_not_allowed" unless $is_allowed;

Tags: bml, ljcom, red_alf
Subscribe

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments