Skip to content

Commit 024d983

Browse files
author
Morgan Haskel
committed
Merge pull request #735 from Malefitz/master
Enable more than one "Allow from"-rule in Directory/Location
2 parents 07afa8c + 88408f1 commit 024d983

3 files changed

Lines changed: 19 additions & 2 deletions

File tree

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1175,7 +1175,7 @@ Sets [AddHandler](http://httpd.apache.org/docs/current/mod/mod_mime.html#addhand
11751175

11761176
######`allow`
11771177

1178-
Sets an [Allow](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow) directive, which groups authorizations based on hostnames or IPs. **Deprecated:** This parameter is being deprecated due to a change in Apache. It will only work with Apache 2.2 and lower.
1178+
Sets an [Allow](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow) directive, which groups authorizations based on hostnames or IPs. **Deprecated:** This parameter is being deprecated due to a change in Apache. It will only work with Apache 2.2 and lower. You can use it as a single string for one rule or as an array for more than one.
11791179

11801180
```puppet
11811181
apache::vhost { 'sample.example.net':

spec/acceptance/vhost_spec.rb

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -214,7 +214,10 @@ class { 'apache': }
214214
if versioncmp($apache::apache_version, '2.4') >= 0 {
215215
$_files_match_directory = { 'path' => 'private.html$', 'provider' => 'filesmatch', 'require' => 'all denied' }
216216
} else {
217-
$_files_match_directory = { 'path' => 'private.html$', 'provider' => 'filesmatch', 'deny' => 'from all' }
217+
$_files_match_directory = [
218+
{ 'path' => 'private.html$', 'provider' => 'filesmatch', 'deny' => 'from all' },
219+
{ 'path' => '/bar/bar.html', 'provider' => 'location', allow => [ 'from 127.0.0.1', ] },
220+
]
218221
}
219222
220223
$_directories = [
@@ -238,6 +241,13 @@ class { 'apache': }
238241
ensure => file,
239242
content => "Hello World\\n",
240243
}
244+
file { '/var/www/files/bar':
245+
ensure => directory,
246+
}
247+
file { '/var/www/files/bar/bar.html':
248+
ensure => file,
249+
content => "Hello Bar\\n",
250+
}
241251
host { 'files.example.net': ip => '127.0.0.1', }
242252
EOS
243253
apply_manifest(pp, :catch_failures => true)
@@ -252,6 +262,7 @@ class { 'apache': }
252262
shell("/usr/bin/curl -sSf files.example.net:80/").stdout.should eq("Hello World\n")
253263
shell("/usr/bin/curl -sSf files.example.net:80/foo/").stdout.should eq("Hello Foo\n")
254264
shell("/usr/bin/curl -sSf files.example.net:80/private.html", {:acceptable_exit_codes => 22}).stderr.should match(/curl: \(22\) The requested URL returned error: 403/)
265+
shell("/usr/bin/curl -sSf files.example.net:80/bar/bar.html").stdout.should eq("Hello Bar\n")
255266
end
256267
end
257268

templates/vhost/_directories.erb

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,13 @@
5050
Deny <%= directory['deny'] %>
5151
<%- end -%>
5252
<%- if directory['allow'] and ! [ false, 'false', '' ].include?(directory['allow']) -%>
53+
<%- if directory['allow'].kind_of?(Array) -%>
54+
<%- Array(directory['allow']).each do |access| -%>
55+
Allow <%= access %>
56+
<%- end -%>
57+
<%- else -%>
5358
Allow <%= directory['allow'] %>
59+
<%- end -%>
5460
<%- elsif [ 'from all', 'from All' ].include?(directory['deny']) -%>
5561
<%- elsif ! directory['deny'] and [ false, 'false', '' ].include?(directory['allow']) -%>
5662
Deny from all

0 commit comments

Comments
 (0)