feat: added basic ACL functionality

2026-03-29 23:20:23 -04:00 · 2023-12-24 11:03:02 +01:00 · 2023-12-24 11:03:02 +01:00 · 7562925aeb
commit 7562925aeb
parent 6a9f8dfa6f
13 changed files with 183 additions and 4 deletions
--- a/src/database/key_value/acl.rs
+++ b/src/database/key_value/acl.rs
@ -0,0 +1,33 @@
+use tracing::warn;
+
+use crate::{service::acl::{Data, AclDatabaseEntry, AclMode}, KeyValueDatabase};
+
+impl Data for KeyValueDatabase {
+    fn check_acl(&self,host: &url::Host<String> ) -> crate::Result<Option<AclMode>> {
+        let thing = self.acl_list.get(host.to_string().as_bytes())?;
+         if let Some(thing) = thing  {
+               match thing.first() {
+                Some(0x1) => Ok(Some(AclMode::Allow)),
+                Some(0x0) => Ok(Some(AclMode::Block)),
+                Some(invalid) => {
+                    warn!("found invalid value for mode byte in value {}, probably db corruption", invalid);
+                    Ok(None)
+                }
+                None => Ok(None),
+            }
+         }else {
+            Ok(None)
+         }
+    }
+
+    fn add_acl(&self, acl: AclDatabaseEntry) -> crate::Result<()> {
+        self.acl_list.insert(acl.hostname.to_string().as_bytes(), match acl.mode  {
+            AclMode::Block => &[0x0],
+            AclMode::Allow => &[0x1],
+        })
+    }
+
+    fn remove_acl(&self,host: url::Host<String>) -> crate::Result<()> {
+        self.acl_list.remove(host.to_string().as_bytes())
+    }
+}
--- a/src/database/key_value/mod.rs
+++ b/src/database/key_value/mod.rs
@ -11,3 +11,5 @@ mod sending;
 mod transaction_ids;
 mod uiaa;
 mod users;
+
+mod acl;
--- a/src/database/mod.rs
+++ b/src/database/mod.rs
@ -172,6 +172,8 @@ pub struct KeyValueDatabase {
    pub(super) appservice_in_room_cache: RwLock<HashMap<OwnedRoomId, HashMap<String, bool>>>,
    pub(super) lasttimelinecount_cache: Mutex<HashMap<OwnedRoomId, PduCount>>,
    pub(super) presence_timer_sender: Arc<mpsc::UnboundedSender<(OwnedUserId, Duration)>>,
+
+    pub(super) acl_list: Arc<dyn KvTree>
 }

 impl KeyValueDatabase {
@ -281,6 +283,7 @@ impl KeyValueDatabase {

        let db_raw = Box::new(Self {
            _db: builder.clone(),
+            acl_list: builder.open_tree("acl")?,
            userid_password: builder.open_tree("userid_password")?,
            userid_displayname: builder.open_tree("userid_displayname")?,
            userid_avatarurl: builder.open_tree("userid_avatarurl")?,