Expand banned_users; it can now include PageSpecs, which allows banning by IP address.

master
Joey Hess 2009-09-08 15:17:39 -04:00
parent 064b507c53
commit 55474f44d9
4 changed files with 33 additions and 8 deletions

View File

@ -252,16 +252,30 @@ sub check_banned ($$) {
my $q=shift; my $q=shift;
my $session=shift; my $session=shift;
my $banned=0;
my $name=$session->param("name"); my $name=$session->param("name");
if (defined $name) { if (defined $name &&
if (grep { $name eq $_ } @{$config{banned_users}}) { grep { $name eq $_ } @{$config{banned_users}}) {
$session->delete(); $banned=1;
cgi_savesession($session); }
cgi_custom_failure(
$q->header(-status => "403 Forbidden"), foreach my $b (@{$config{banned_users}}) {
gettext("You are banned.")); if (pagespec_match("", $b,
ip => $ENV{REMOTE_ADDR},
name => defined $name ? $name : "",
)) {
$banned=1;
last;
} }
} }
if ($banned) {
$session->delete();
cgi_savesession($session);
cgi_custom_failure(
$q->header(-status => "403 Forbidden"),
gettext("You are banned."));
}
} }
sub cgi_getsession ($) { sub cgi_getsession ($) {

2
debian/changelog vendored
View File

@ -2,6 +2,8 @@ ikiwiki (3.14159265) UNRELEASED; urgency=low
* Add French basewiki translation from the Debian French l10n team, * Add French basewiki translation from the Debian French l10n team,
including Philippe Batailler, Alexandre Dupas, and Steve Petruzzello. including Philippe Batailler, Alexandre Dupas, and Steve Petruzzello.
* Expand banned_users; it can now include PageSpecs, which
allows banning by IP address.
-- Joey Hess <joeyh@debian.org> Wed, 02 Sep 2009 15:01:27 -0400 -- Joey Hess <joeyh@debian.org> Wed, 02 Sep 2009 15:01:27 -0400

View File

@ -1,4 +1,10 @@
Banned users can be configured in the setup file. Banned users can be configured in the setup file via the `banned_users`
setting. This is a list of user names, or [[PageSpecs|ikiwiki/PageSpec]]
to ban. Using a PageSpec is useful to block an IP address.
For example:
banned_users => ['evilspammer', 'ip(192.168.1.1)'],
If a banned user attempts to use the ikiwiki CGI, they will receive a 403 If a banned user attempts to use the ikiwiki CGI, they will receive a 403
Forbidden webpage indicating they are banned. Forbidden webpage indicating they are banned.

View File

@ -2,3 +2,6 @@ Admins need the ability to block IP ranges. They can already ban users.
See [[fileupload]] for a propsal that grew to encompass the potential to do See [[fileupload]] for a propsal that grew to encompass the potential to do
this. this.
[[done]] (well, there is no pagespec for IP ranges yet, but we can block
individual IPs)