mirror of
https://github.com/0ceanSlim/grain.git
synced 2024-11-22 08:37:13 +00:00
102 lines
2.6 KiB
Go
102 lines
2.6 KiB
Go
package config
|
|
|
|
import (
|
|
"fmt"
|
|
nostr "grain/server/types"
|
|
"grain/server/utils"
|
|
"log"
|
|
"strconv"
|
|
)
|
|
|
|
// CheckWhitelist checks if an event meets the whitelist criteria.
|
|
func CheckWhitelist(evt nostr.Event) (bool, string) {
|
|
whitelistCfg := GetWhitelistConfig()
|
|
if whitelistCfg == nil {
|
|
return false, "Internal server error: whitelist configuration is missing"
|
|
}
|
|
|
|
// Check if the event's kind is whitelisted
|
|
if whitelistCfg.KindWhitelist.Enabled && !IsKindWhitelisted(evt.Kind) {
|
|
return false, "not allowed: event kind is not whitelisted"
|
|
}
|
|
|
|
// Check if the event's pubkey is whitelisted
|
|
if whitelistCfg.PubkeyWhitelist.Enabled && !IsPubKeyWhitelisted(evt.PubKey, false) {
|
|
return false, "not allowed: pubkey or npub is not whitelisted"
|
|
}
|
|
|
|
return true, ""
|
|
}
|
|
|
|
// IsPubKeyWhitelisted checks if a pubkey or npub is whitelisted, considering pubkeys from domains.
|
|
// The `forPurge` flag indicates if the check is for purging purposes.
|
|
func IsPubKeyWhitelisted(pubKey string, forPurge bool) bool {
|
|
cfg := GetWhitelistConfig()
|
|
if cfg == nil {
|
|
return false // No configuration means no whitelisting.
|
|
}
|
|
|
|
// If the whitelist is disabled but this check is for purging, we still evaluate it.
|
|
if !cfg.PubkeyWhitelist.Enabled && !forPurge {
|
|
return true // Whitelisting is not enforced for posting if disabled.
|
|
}
|
|
|
|
// Check statically defined pubkeys
|
|
for _, whitelistedKey := range cfg.PubkeyWhitelist.Pubkeys {
|
|
if pubKey == whitelistedKey {
|
|
return true
|
|
}
|
|
}
|
|
|
|
// Check statically defined npubs after decoding them to pubkeys
|
|
for _, npub := range cfg.PubkeyWhitelist.Npubs {
|
|
decodedPubKey, err := utils.DecodeNpub(npub)
|
|
if err != nil {
|
|
log.Printf("Error decoding npub: %v", err)
|
|
continue
|
|
}
|
|
if pubKey == decodedPubKey {
|
|
return true
|
|
}
|
|
}
|
|
|
|
// Fetch and check pubkeys from domains if domain whitelisting is enabled
|
|
if cfg.DomainWhitelist.Enabled {
|
|
domains := cfg.DomainWhitelist.Domains
|
|
pubkeys, err := utils.FetchPubkeysFromDomains(domains)
|
|
if err != nil {
|
|
log.Printf("Error fetching pubkeys from domains: %v", err)
|
|
return false // Consider errors as non-whitelisted for purging
|
|
}
|
|
|
|
for _, domainPubKey := range pubkeys {
|
|
if pubKey == domainPubKey {
|
|
return true
|
|
}
|
|
}
|
|
}
|
|
|
|
return false // Not whitelisted
|
|
}
|
|
|
|
// Check if a kind is whitelisted
|
|
func IsKindWhitelisted(kind int) bool {
|
|
cfg := GetWhitelistConfig()
|
|
if !cfg.KindWhitelist.Enabled {
|
|
return true
|
|
}
|
|
|
|
for _, whitelistedKindStr := range cfg.KindWhitelist.Kinds {
|
|
whitelistedKind, err := strconv.Atoi(whitelistedKindStr)
|
|
if err != nil {
|
|
fmt.Println("Error converting whitelisted kind to int:", err)
|
|
continue
|
|
}
|
|
if kind == whitelistedKind {
|
|
return true
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|