[SR-Users] Group module

Daniel-Constantin Mierla miconda at gmail.com
Thu Nov 7 11:37:09 CET 2019 

You can reuse the grp database table (from the group module) but do the
query you need using sql_query() (from sqlops) module. So you don't have
to use the functions of the group module if they do not fit your needs,
anyhow behind is_user_in() is an sql  query.

If you authenticate the user with password before this check, you can
extend subscriber table with another column where you store the
permissions address group and the value can be loaded using
load_credentials parameter of auth_db module.

Cheers,
Daniel

On 07.11.19 11:08, Igor Olhovskiy wrote:
> Thanks!
>
> Looks ok. (Despite the fact it's looking like write-only statement : )
> Idea was, that I want to avoid creating additional tables or schema of
> ACL. Means if I can use already built-in mechanism/tables/schema -
> than why to implement own. Code reuse, all this.
>
> On Nov 7 2019, at 10:56 am, Daniel Tryba <d.tryba at pocos.nl> wrote:
>
>     On Wed, Nov 06, 2019 at 07:15:42PM +0100, Igor Olhovskiy wrote:
>
>
>         Hm... Maybe there is other module to achieve such functions?
>         Best if it would be with cache :)
>         But if no - regex also fine.
>
>
>     But if it works it works! I don't think there is a specific module
>     to do
>     this but it is easy to implement yourself. What I don't like
>     personally
>     about your solution is the use of the permission tables, you need
>     atleast 1 per user (unless users have the same ip).
>
>     Personally I do this by direct database queries in usr_preferences on
>     INVITEs and REGISTERs. You could use any database (depending on
>     how you
>     store the ACL) and cache it in a htable.
>
>     My solution is mysql specific (inet_aton) and forces users to have
>     atleast 1 CIDR notated subnet:
>
>     if(!avp_db_query("select value from usr_preferences where
>     username='$au' and attribute='acl' and
>     inet_aton(substring_index(value,'/',1))&(1 << 32) - 1 & ~((1 << (32 -
>     substring_index(value,'/',-1))) - 1)=inet_aton('$si')&(1 << 32) -
>     1 & ~((1 << (32 - substring_index(value,'/',-1))) - 1)"))
>     {
>     t_reply("404","Go away");
>     exit;
>     }
>
>     _______________________________________________
>     Kamailio (SER) - Users Mailing List
>     sr-users at lists.kamailio.org
>     https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20191107/4167637a/attachment.html>

More information about the sr-users mailing list