annotate mod_muc_local_only/mod_muc_local_only.lua @ 5256:44f7edd4f845

mod_http_oauth2: Reject non-local hosts in more code paths We're not issuing tokens for users on remote hosts, we can't even authenticate them since they're remote. Thus the host is always the local module.host so no need to pass around the host in most cases or use it for anything but enforcing the same host.
author Kim Alvefur <zash@zash.se>
date Thu, 16 Mar 2023 17:52:10 +0100
parents 221b6bee26e2
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4019
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local jid = require "util.jid";
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2 local st = require "util.stanza";
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 local local_rooms = module:get_option_inherited_set("muc_local_only", {});
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6 module:hook("muc-occupant-pre-join", function (event)
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local room = event.room;
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 if not local_rooms:contains(room.jid) then
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 return; -- Not a protected room, ignore
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10 end
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 local user_jid = event.occupant.bare_jid;
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 local user_host = jid.host(user_jid);
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 if not prosody.hosts[user_host] then
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 local error_reply = st.error_reply(event.stanza, "cancel", "forbidden", "This group is only available to local users", room.jid);
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 event.origin.send(error_reply);
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 return true;
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 end
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 room:set_affiliation(true, user_jid, "member", "Granting access to local user");
221b6bee26e2 mod_muc_local_only: New module to restrict a list of MUCs to local users
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 end);