Option to test entry name against regular expression

oftn-oswg · May 27, 2018 · 7eb3d43 · 7eb3d43
1 parent 2373e8c
commit 7eb3d43
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 4 deletions.
diff --git a/admin.go b/admin.go
@@ -401,6 +401,14 @@ func (a *AdminHandler) ServeNew(w http.ResponseWriter, r *http.Request) {
 			entry.Name = id.String()
 		}
 
+		if a.App.Config.disallowRegexp != nil {
+			// Check entry name against Disallow configuration
+			if a.App.Config.disallowRegexp.MatchString(entry.Name) {
+				http.Error(w, "Entry name has been disallowed", 500)
+				return
+			}
+		}
+
 		// Source information
 		switch form.Source {
 		case EntrySourceURL:
@@ -466,7 +474,7 @@ func (a *AdminHandler) ServeNew(w http.ResponseWriter, r *http.Request) {
 		if err := a.App.DB.Update(entry, claims); err != nil {
 			log.Printf("Error creating entry %s: %s", entry.Name, err)
 		} else {
-			log.Printf("Created entry %s", entry)
+			log.Printf("Created entry %s with %s", entry, RealRemoteIP(r))
 		}
 
 		redirectPage := a.App.Config.Base + "admin/my"
@@ -533,7 +541,7 @@ func (a *AdminHandler) ServeList(w http.ResponseWriter, r *http.Request) {
 				if err != nil {
 					log.Println(err)
 				} else {
-					log.Printf("Removed entry: %s", form.Name)
+					log.Printf("Removed entry %q with IP %s", form.Name, RealRemoteIP(r))
 				}
 			}
 
@@ -542,7 +550,7 @@ func (a *AdminHandler) ServeList(w http.ResponseWriter, r *http.Request) {
 			if err != nil {
 				log.Println(err)
 			} else {
-				log.Printf("Cleared all entries with token %q", form.Token)
+				log.Printf("Cleared all entries with token %q from %s", form.Token, RealRemoteIP(r))
 			}
 
 		}

diff --git a/config.yml b/config.yml
@@ -26,6 +26,8 @@ uploadmaxsize: 1000000
 
 # Boolean value inidicating whether everyone has can manage their own entries
 public: false
+# Regular expression to match entry name against to disallow
+disallow: ^(admin|.well-known|sitemap.xml)
 
 selfdestruct:
     # Whether to allow self-destruct

diff --git a/zerodrop.go b/zerodrop.go
@@ -2,9 +2,11 @@ package main
 
 import (
 	"context"
+	"fmt"
 	"log"
 	"net/http"
 	"os"
+	"regexp"
 
 	"github.com/oftn-oswg/socket"
 )
@@ -25,7 +27,9 @@ type ZerodropConfig struct {
 	UploadPermissions uint32 `default:"0600"`
 	UploadMaxSize     uint64 `default:"1000000"`
 
-	Public bool `default:"false"`
+	Public         bool   `default:"false"`
+	Disallow       string `default:""`
+	disallowRegexp *regexp.Regexp
 
 	SelfDestruct struct {
 		Enable  bool   `default:"false"`
@@ -63,6 +67,14 @@ func NewZerodropApp(config *ZerodropConfig) (app *ZerodropApp, err error) {
 		DB:     &ZerodropDB{},
 	}
 
+	if config.Disallow != "" {
+		disallowRegexp, err := regexp.Compile(config.Disallow)
+		if err != nil {
+			return nil, fmt.Errorf("parsing Disallow field: %s", err)
+		}
+		config.disallowRegexp = disallowRegexp
+	}
+
 	app.AdminHandler, err = NewAdminHandler(app)
 	if err != nil {
 		return nil, err