-
Notifications
You must be signed in to change notification settings - Fork 71
/
config.lua
119 lines (96 loc) · 4.33 KB
/
config.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
--
-- config.lua
--
-- This file loads the configuration from config files or default values.
--
module('config', package.seeall)
local lfs = require("lfs")
local json = require("json")
local config_attributes = nil
local config_persistent_attributes = nil
local conf = {}
local conf_path = "/etc/ssowat/conf.json"
function file_can_be_opened_for_reading(name)
local f=io.open(name,"r")
if f~=nil then io.close(f) return true else return false end
end
function get_cookie_secret()
local conf_file = assert(io.open(conf_path, "r"), "Configuration file is missing")
local conf_ = json.decode(conf_file:read("*all"))
conf_file:close()
local cookie_secret_path = conf_["cookie_secret_file"] or "/etc/yunohost/.ssowat_cookie_secret"
if file_can_be_opened_for_reading(cookie_secret_path) == false then
ngx.log(ngx.STDERR, "Cookie secret file doesn't exist (yet?) or can't be opened for reading. Authentication will be disabled for now.")
return nil
end
local cookie_secret_file = io.open(cookie_secret_path, "r")
if cookie_secret_file ~= nil then
local cookie_secret = cookie_secret_file:read("*all")
cookie_secret_file:close()
return cookie_secret
else
ngx.log(ngx.STDERR, "Cookie secret file doesn't exist (yet?) or can't be opened for reading. Authentication will be disabled for now.")
return nil
end
end
function compare_attributes(file_attributes1, file_attributes2)
if file_attributes1 == nil and file_attributes2 == nil then
return true
elseif file_attributes1 == nil and file_attributes2 ~= nil or file_attributes1 ~= nil and file_attributes2 == nil then
return false
end
return file_attributes1["modification"] == file_attributes2["modification"] and file_attributes1["size"] == file_attributes2["size"]
end
function get_config()
-- Get config files attributes (timestamp modification and size)
local new_config_attributes = lfs.attributes(conf_path, {"modification", "size"})
local new_config_persistent_attributes = lfs.attributes(conf_path..".persistent", {"modification", "size"})
if compare_attributes(new_config_attributes, config_attributes) and compare_attributes(new_config_persistent_attributes, config_persistent_attributes) then
return conf
-- If the file is being written, its size may be 0 and reloading fails, return the last valid config
elseif new_config_attributes == nil or new_config_attributes["size"] == 0 then
return conf
end
-- If the timestamp of the modification or the size is different, reload the configuration.
config_attributes = new_config_attributes
config_persistent_attributes = new_config_persistent_attributes
local conf_file = assert(io.open(conf_path, "r"), "Configuration file is missing")
conf = json.decode(conf_file:read("*all"))
conf_file:close()
-- Load additional rules from the `.persistent` configuration file.
-- The `.persistent` file contains rules that will overwrite previous rules.
-- It typically enables you to set custom rules.
local persistent_conf_file = io.open(conf_path..".persistent", "r")
if persistent_conf_file ~= nil then
perm_conf = json.decode(persistent_conf_file:read("*all"))
persistent_conf_file:close()
for k, v in pairs(perm_conf) do
-- If the configuration key already exists and is a table, merge it
if conf[k] and type(v) == "table" then
for subk, subv in pairs(v) do
if type(subk) == "number" then
table.insert(conf[k], subv)
else
conf[k][subk] = subv
end
end
-- Else just take the persistent rule's value
else
conf[k] = v
end
end
end
-- Define empty dict if conf file is empty~ish,
-- to at least avoid miserably crashing later
if conf["domain_portal_urls"] == nil then
conf["domain_portal_urls"] = {}
end
if conf["permissions"] == nil then
conf["permissions"] = {}
end
-- Always skip the portal urls to avoid redirection looping.
for domain, portal_url in pairs(conf["domain_portal_urls"]) do
table.insert(conf["permissions"]["core_skipped"]["uris"], portal_url)
end
return conf
end