Add 'allowPosting' config
This commit is contained in:
parent
d2dafc4dbc
commit
2cb0970a31
|
@ -121,6 +121,7 @@ const Responses = {
|
||||||
|
|
||||||
SendArticle: '340 send article to be posted',
|
SendArticle: '340 send article to be posted',
|
||||||
|
|
||||||
|
PostingNotAllowed: '440 posting not allowed',
|
||||||
ArticlePostFailed: '441 posting failed',
|
ArticlePostFailed: '441 posting failed',
|
||||||
AuthRequired: '480 authentication required',
|
AuthRequired: '480 authentication required',
|
||||||
};
|
};
|
||||||
|
@ -1258,11 +1259,6 @@ exports.getModule = class NNTPServerModule extends ServerModule {
|
||||||
|
|
||||||
const config = Config();
|
const config = Config();
|
||||||
|
|
||||||
// add in some additional supported commands
|
|
||||||
const commands = Object.assign({}, NNTPServerBase.commands, {
|
|
||||||
POST: PostCommand,
|
|
||||||
});
|
|
||||||
|
|
||||||
// :TODO: nntp-server doesn't currently allow posting in a nice way, so this is kludged in. Fork+MR something cleaner at some point
|
// :TODO: nntp-server doesn't currently allow posting in a nice way, so this is kludged in. Fork+MR something cleaner at some point
|
||||||
class ProxySession extends NNTPServerBase.Session {
|
class ProxySession extends NNTPServerBase.Session {
|
||||||
constructor(server, stream) {
|
constructor(server, stream) {
|
||||||
|
@ -1333,12 +1329,19 @@ exports.getModule = class NNTPServerModule extends ServerModule {
|
||||||
}
|
}
|
||||||
|
|
||||||
const commonOptions = {
|
const commonOptions = {
|
||||||
//requireAuth : true, // :TODO: re-enable!
|
|
||||||
// :TODO: How to hook into debugging?!
|
// :TODO: How to hook into debugging?!
|
||||||
commands,
|
|
||||||
session: ProxySession, // :TODO: only do this is config.postingAllowed is true, else '440 posting not allowed' even if authenticated
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
if (true === _.get(config, 'contentServers.nntp.allowPosts')) {
|
||||||
|
// add in some additional supported commands
|
||||||
|
const commands = Object.assign({}, NNTPServerBase.commands, {
|
||||||
|
POST: PostCommand,
|
||||||
|
});
|
||||||
|
|
||||||
|
commonOptions.commands = commands;
|
||||||
|
commonOptions.session = ProxySession;
|
||||||
|
}
|
||||||
|
|
||||||
if (this.enableNntp) {
|
if (this.enableNntp) {
|
||||||
this.nntpServer = new NNTPServer(
|
this.nntpServer = new NNTPServer(
|
||||||
// :TODO: according to docs: if connection is non-tls, but behind proxy (assuming TLS termination?!!) then set this to true
|
// :TODO: according to docs: if connection is non-tls, but behind proxy (assuming TLS termination?!!) then set this to true
|
||||||
|
|
|
@ -12,6 +12,7 @@ The NNTP *content server* provides access to publicly exposed message conference
|
||||||
| `nntp` | :-1: | Configuration block for non-secure NNTP. See Non-Secure NNTP Configuration below. |
|
| `nntp` | :-1: | Configuration block for non-secure NNTP. See Non-Secure NNTP Configuration below. |
|
||||||
| `nntps` | :-1: | Configuration block for secure NNTP. See Secure NNTPS Configuration below. |
|
| `nntps` | :-1: | Configuration block for secure NNTP. See Secure NNTPS Configuration below. |
|
||||||
| `publicMessageConferences` | :+1: | A map of *conference tags* to *area tags* that are publicly exposed over NNTP. Anonymous users will get read-only access to these areas. |
|
| `publicMessageConferences` | :+1: | A map of *conference tags* to *area tags* that are publicly exposed over NNTP. Anonymous users will get read-only access to these areas. |
|
||||||
|
| `postingAllowed` | :-1: | Allow posting from authenticated users. See [Write Access](#write-access).
|
||||||
|
|
||||||
### See Non-Secure NNTP Configuration
|
### See Non-Secure NNTP Configuration
|
||||||
Under `contentServers.nntp.nntp` the following configuration is allowed:
|
Under `contentServers.nntp.nntp` the following configuration is allowed:
|
||||||
|
@ -40,10 +41,20 @@ An example of generating your own cert/key pair:
|
||||||
openssl req -newkey rsa:2048 -nodes -keyout ./config/nntps_key.pem -x509 -days 3050 -out ./config/nntps_cert.pem
|
openssl req -newkey rsa:2048 -nodes -keyout ./config/nntps_key.pem -x509 -days 3050 -out ./config/nntps_cert.pem
|
||||||
```
|
```
|
||||||
|
|
||||||
### Example Configuration
|
## Write Access
|
||||||
|
Authenticated users may write messages to a group given the following are true:
|
||||||
|
|
||||||
|
1. They are connected security (NNTPS). This is a strict requirement due to how NNTP authenticates in plain-text otherwise.
|
||||||
|
2. The authenticated user has write [ACS](../../configuration/acs.md) to the target message conference and area.
|
||||||
|
|
||||||
|
> :warning: Not all [ACS](../../configuration/acs.md) checks can be made over NNTP. Any ACS requiring a "client" will return false (fail), such as `LC` ("is local?").
|
||||||
|
|
||||||
|
## Example Configuration
|
||||||
```hjson
|
```hjson
|
||||||
contentServers: {
|
contentServers: {
|
||||||
nntp: {
|
nntp: {
|
||||||
|
allowPosting: true
|
||||||
|
|
||||||
publicMessageConferences: {
|
publicMessageConferences: {
|
||||||
fsxnet: [
|
fsxnet: [
|
||||||
// Expose these areas of fsxNet
|
// Expose these areas of fsxNet
|
||||||
|
|
Loading…
Reference in New Issue