Mercurial > prosody-modules
annotate mod_muc_access_control/mod_muc_access_control.lua @ 3656:3e0f4d727825
mod_vcard_muc: Add an alternative method of signaling avatar change
When the avatar has been changed, a signal is sent that the room
configuration has changed. Clients then do a disco#info query to find
the SHA-1 of the new avatar. They can then fetch it as before, or not if
they have it cached already.
This is meant to be less disruptive than signaling via presence, which
caused problems for some clients.
If clients transition to the new method, the old one can eventually be removed.
The namespace is made up while waiting for standardization.
Otherwise it is very close to what's described in
https://xmpp.org/extensions/inbox/muc-avatars.html
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 25 Aug 2019 20:46:43 +0200 |
| parents | f54c80404ad3 |
| children |
| rev | line source |
|---|---|
|
1954
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local st = require "util.stanza"; |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 local jid = require "util.jid"; |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 local nodeprep = require "util.encodings".stringprep.nodeprep; |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 local unprepped_access_lists = module:get_option("muc_access_lists", {}); |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 local access_lists = {}; |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 -- Make sure all input is prepped |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 for unprepped_room_name, unprepped_list in pairs(unprepped_access_lists) do |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 local prepped_room_name = nodeprep(unprepped_room_name); |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 if not prepped_room_name then |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 module:log("error", "Invalid room name: %s", unprepped_room_name); |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 else |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 local prepped_list = {}; |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 for _, unprepped_jid in ipairs(unprepped_list) do |
|
3024
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
16 local prepped_jid = jid.prep(unprepped_jid); |
|
1954
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 if not prepped_jid then |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 module:log("error", "Invalid JID: %s", unprepped_jid); |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 else |
|
3024
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
20 prepped_list[prepped_jid] = true; |
|
1954
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 end |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 end |
|
3024
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
23 access_lists[prepped_room_name] = prepped_list; |
|
1954
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 end |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 end |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 local function is_restricted(room, who) |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 local allowed = access_lists[room]; |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 if allowed == nil or allowed[who] or allowed[select(2, jid.split(who))] then |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 return nil; |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 end |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 return "forbidden"; |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 end |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
37 module:hook("presence/full", function(event) |
|
3024
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
38 local stanza = event.stanza; |
|
1954
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 |
|
3024
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
40 if stanza.name == "presence" and stanza.attr.type == "unavailable" then -- Leaving events get discarded |
|
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
41 return; |
|
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
42 end |
|
1954
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 -- Get the room |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 local room = jid.split(stanza.attr.to); |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 if not room then return; end |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 -- Get who has tried to join it |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 local who = jid.bare(stanza.attr.from) |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 -- Checking whether room is restricted |
|
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 local check_restricted = is_restricted(room, who) |
|
3024
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
53 if check_restricted ~= nil then |
|
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
54 event.allowed = false; |
|
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
55 event.stanza.attr.type = 'error'; |
|
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
56 return event.origin.send(st.error_reply(event.stanza, "cancel", "forbidden", "You're not allowed to enter this room: " .. check_restricted)); |
|
f54c80404ad3
mod_muc_access_control: Multiple fixes to make the module work (fixes #1086)
Frank Doepper <prosody@woffs.de>
parents:
1954
diff
changeset
|
57 end |
|
1954
050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
58 end, 10); |