From 22349a23eccae8fc8e1fb1e4cb0ca6ea84f281de Mon Sep 17 00:00:00 2001 From: Bryan Ashby Date: Thu, 23 Feb 2023 22:20:54 -0700 Subject: [PATCH] New ACS: SE allows checking if various services are enabled --- core/acs_parser.js | 81 +++++++++++++++++++++++++++++++++ core/config_default.js | 4 ++ docs/_docs/configuration/acs.md | 1 + misc/acs_parser.pegjs | 50 ++++++++++++++++++-- 4 files changed, 132 insertions(+), 4 deletions(-) diff --git a/core/acs_parser.js b/core/acs_parser.js index 55e2e820..d203fc0e 100644 --- a/core/acs_parser.js +++ b/core/acs_parser.js @@ -936,6 +936,7 @@ function peg$parse(input, options) { const UserProps = require('./user_property.js'); const Log = require('./logger.js').log; const User = require('./user.js'); + const Config = require('./config.js').get; const _ = require('lodash'); const moment = require('moment'); @@ -946,6 +947,86 @@ function peg$parse(input, options) { function checkAccess(acsCode, value) { try { return { + SE: function servicesEnabled() { + if (!Array.isArray(value)) { + value = [value]; + } + const config = Config(); + const webEnabled = () => { + return ( + true === _.get(config, 'contentServers.web.http.enabled') || + true === _.get(config, 'contentServers.web.https.enabled') + ); + }; + + const allEnabled = value.every(svcName => { + switch (svcName) { + case 'http': + return ( + true === + _.get(config, 'contentServers.web.http.enabled') + ); + + case 'https': + return ( + true === + _.get(config, 'contentServers.web.https.enabled') + ); + + case 'web': + return webEnabled(); + + case 'gopher': + return ( + true === + _.get(config, 'contentServers.gopher.enabled') + ); + + case 'nttp': + return ( + true === + _.get(config, 'contentServers.nntp.nntp.enabled') + ); + + case 'nntps': + return ( + true === + _.get(config, 'contentServers.nntp.nntps.enabled') + ); + + case 'activitypub': + return ( + webEnabled() && + true === + _.get( + config, + 'contentServers.web.handlers.activityPub.enabled' + ) + ); + + case 'nodeinfo2': + return ( + webEnabled() && + true === + _.get( + config, + 'contentServers.web.handlers.nodeInfo2.enabled' + ) + ); + + case 'webfinger': + return ( + webEnabled() && + true === + _.get( + config, + 'contentServers.web.handlers.webFinger.enabled' + ) + ); + } + }); + return allEnabled; + }, LC: function isLocalConnection() { return client && client.isLocal(); }, diff --git a/core/config_default.js b/core/config_default.js index 98ae4257..ce272a19 100644 --- a/core/config_default.js +++ b/core/config_default.js @@ -911,6 +911,10 @@ module.exports = () => { name: 'ActivityPub', desc: 'Public ActivityPub messages', + acs: { + read: 'GM[users]SE[activitypub]', + }, + areas: { activitypub_shared: { name: 'ActivityPub Public', diff --git a/docs/_docs/configuration/acs.md b/docs/_docs/configuration/acs.md index 6338f6f5..4e485770 100644 --- a/docs/_docs/configuration/acs.md +++ b/docs/_docs/configuration/acs.md @@ -50,6 +50,7 @@ The following are ACS codes available as of this writing: | AFauthFactor | User's current *Authentication Factor* is >= _authFactor_. Authentication factor 1 refers to username + password (or PubKey) while factor 2 refers to 2FA such as One-Time-Password authentication. | | ARauthFactorReq | Current user **requires** an Authentication Factor >= _authFactorReq_ | | PV[_name,_value_] | Checks that the property by _name_ for the current user is exactly _value_. This ACS allows arbitrary user property values to be checked. For example, `PV[message_conf,local]` checks that the user is currently in the "local" message conference. +| SE[_service_,_service_,...] | Checks that all services listed by _service_ listed are enabled. Available services: `http`, `https`, `web` (`http` or `https`), `gopher`, `nntp`, `nntps`, `activitypub` (requires `web`), `nodeinfo2` (requires `web`), `webfinger` (requires `web`). Example: `SE[activitypub]`. ## ACS Strings ACS strings are one or more ACS codes in addition to some basic language semantics. diff --git a/misc/acs_parser.pegjs b/misc/acs_parser.pegjs index 5ac55f30..1eecafd7 100644 --- a/misc/acs_parser.pegjs +++ b/misc/acs_parser.pegjs @@ -3,6 +3,7 @@ const UserProps = require('./user_property.js'); const Log = require('./logger.js').log; const User = require('./user.js'); + const Config = require('./config.js').get; const _ = require('lodash'); const moment = require('moment'); @@ -13,6 +14,48 @@ function checkAccess(acsCode, value) { try { return { + SE : function servicesEnabled() { + if (!Array.isArray(value)) { + value = [ value]; + } + const config = Config(); + const webEnabled = () => { + return (true === _.get(config, 'contentServers.web.http.enabled') || + true === _.get(config, 'contentServers.web.https.enabled')); + }; + + const allEnabled = value.every(svcName => { + switch (svcName) { + case 'http': + return true === _.get(config, 'contentServers.web.http.enabled'); + + case 'https': + return true === _.get(config, 'contentServers.web.https.enabled'); + + case 'web': + return webEnabled(); + + case 'gopher': + return true === _.get(config, 'contentServers.gopher.enabled'); + + case 'nttp': + return true === _.get(config, 'contentServers.nntp.nntp.enabled'); + + case 'nntps': + return true === _.get(config, 'contentServers.nntp.nntps.enabled'); + + case 'activitypub': + return webEnabled() && true === _.get(config, 'contentServers.web.handlers.activityPub.enabled'); + + case 'nodeinfo2': + return webEnabled() && true === _.get(config, 'contentServers.web.handlers.nodeInfo2.enabled'); + + case 'webfinger': + return webEnabled() && true === _.get(config, 'contentServers.web.handlers.webFinger.enabled'); + } + }); + return allEnabled; + }, LC : function isLocalConnection() { return client && client.isLocal(); }, @@ -77,8 +120,8 @@ const now = moment(); const daysOld = accountCreated.diff(moment(), 'days'); return !isNaN(value) && - accountCreated.isValid() && - now.isAfter(accountCreated) && + accountCreated.isValid() && + now.isAfter(accountCreated) && daysOld >= value; }, BU : function bytesUploaded() { @@ -270,7 +313,7 @@ atom comma = ',' -ws +ws = ' ' optWs @@ -304,4 +347,3 @@ arg = list / num:number? - \ No newline at end of file