Skip to content

Commit

Permalink
Merge pull request #735 from Malefitz/master
Browse files Browse the repository at this point in the history
Enable more than one "Allow from"-rule in Directory/Location
  • Loading branch information
Morgan Haskel committed Jun 5, 2014
2 parents 07afa8c + 88408f1 commit 024d983
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 2 deletions.
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -1175,7 +1175,7 @@ Sets [AddHandler](http://httpd.apache.org/docs/current/mod/mod_mime.html#addhand

######`allow`

Sets an [Allow](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow) directive, which groups authorizations based on hostnames or IPs. **Deprecated:** This parameter is being deprecated due to a change in Apache. It will only work with Apache 2.2 and lower.
Sets an [Allow](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow) directive, which groups authorizations based on hostnames or IPs. **Deprecated:** This parameter is being deprecated due to a change in Apache. It will only work with Apache 2.2 and lower. You can use it as a single string for one rule or as an array for more than one.

```puppet
apache::vhost { 'sample.example.net':
Expand Down
13 changes: 12 additions & 1 deletion spec/acceptance/vhost_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -214,7 +214,10 @@ class { 'apache': }
if versioncmp($apache::apache_version, '2.4') >= 0 {
$_files_match_directory = { 'path' => 'private.html$', 'provider' => 'filesmatch', 'require' => 'all denied' }
} else {
$_files_match_directory = { 'path' => 'private.html$', 'provider' => 'filesmatch', 'deny' => 'from all' }
$_files_match_directory = [
{ 'path' => 'private.html$', 'provider' => 'filesmatch', 'deny' => 'from all' },
{ 'path' => '/bar/bar.html', 'provider' => 'location', allow => [ 'from 127.0.0.1', ] },
]
}
$_directories = [
Expand All @@ -238,6 +241,13 @@ class { 'apache': }
ensure => file,
content => "Hello World\\n",
}
file { '/var/www/files/bar':
ensure => directory,
}
file { '/var/www/files/bar/bar.html':
ensure => file,
content => "Hello Bar\\n",
}
host { 'files.example.net': ip => '127.0.0.1', }
EOS
apply_manifest(pp, :catch_failures => true)
Expand All @@ -252,6 +262,7 @@ class { 'apache': }
shell("/usr/bin/curl -sSf files.example.net:80/").stdout.should eq("Hello World\n")
shell("/usr/bin/curl -sSf files.example.net:80/foo/").stdout.should eq("Hello Foo\n")
shell("/usr/bin/curl -sSf files.example.net:80/private.html", {:acceptable_exit_codes => 22}).stderr.should match(/curl: \(22\) The requested URL returned error: 403/)
shell("/usr/bin/curl -sSf files.example.net:80/bar/bar.html").stdout.should eq("Hello Bar\n")
end
end

Expand Down
6 changes: 6 additions & 0 deletions templates/vhost/_directories.erb
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,13 @@
Deny <%= directory['deny'] %>
<%- end -%>
<%- if directory['allow'] and ! [ false, 'false', '' ].include?(directory['allow']) -%>
<%- if directory['allow'].kind_of?(Array) -%>
<%- Array(directory['allow']).each do |access| -%>
Allow <%= access %>
<%- end -%>
<%- else -%>
Allow <%= directory['allow'] %>
<%- end -%>
<%- elsif [ 'from all', 'from All' ].include?(directory['deny']) -%>
<%- elsif ! directory['deny'] and [ false, 'false', '' ].include?(directory['allow']) -%>
Deny from all
Expand Down

0 comments on commit 024d983

Please sign in to comment.