[SR-Users] Group module

Thu Nov 7 10:56:06 CET 2019

On Wed, Nov 06, 2019 at 07:15:42PM +0100, Igor Olhovskiy wrote:
> 
> Hm... Maybe there is other module to achieve such functions?
> Best if it would be with cache :)
> But if no - regex also fine.

But if it works it works! I don't think there is a specific module to do
this but it is easy to implement yourself. What I don't like personally
about your solution is the use of the permission tables, you need
atleast 1 per user (unless users have the same ip).

Personally I do this by direct database queries in usr_preferences on
INVITEs and REGISTERs. You could use any database (depending on how you
store the ACL) and cache it in a htable.

My solution is mysql specific (inet_aton) and forces users to have
atleast 1 CIDR notated subnet:

if(!avp_db_query("select value from usr_preferences where username='$au' and attribute='acl' and
inet_aton(substring_index(value,'/',1))&(1 << 32) - 1 & ~((1 << (32 -
substring_index(value,'/',-1))) - 1)=inet_aton('$si')&(1 << 32) -
1 & ~((1 << (32 - substring_index(value,'/',-1))) - 1)"))
{
	t_reply("404","Go away");
	exit;
}