pierre/MatrixGW
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enforce read only clients

Browse Source
This commit is contained in:
Pierre HUBERT 2025-01-30 21:38:23 +01:00
parent 0e8b4751b4
commit 08f535c15c
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/extractors/client_auth.rs
View File

@ -106,8 +106,14 @@ impl APIClientAuth {
return Err(actix_web::error::ErrorBadRequest("Method mismatch!")); return Err(actix_web::error::ErrorBadRequest("Method mismatch!"));
} }
// Check for write access
if client.readonly_client && !req.method().is_safe() {
return Err(actix_web::error::ErrorBadRequest(
"Read only client cannot perform write operations!",
));
}
// TODO : handle payload // TODO : handle payload
// TODO : check read only access
// TODO : update last use (if required) // TODO : update last use (if required)
// TODO : check for IP restriction // TODO : check for IP restriction