annotate mod_readonly/mod_readonly.lua @ 5560:697d799fe601

mod_http_oauth2: Strip JWKS metadata since we do not understand that Maybe one day whatever this is will be understood, but not this day!
author Kim Alvefur <zash@zash.se>
date Tue, 20 Jun 2023 01:13:51 +0200
parents 7776c9dc5f37
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
750
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local st = require "util.stanza";
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local stores = module:get_option("readonly_stores", {
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 vcard = { "vcard-temp", "vCard" };
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 });
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local namespaces = {};
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 for name, namespace in pairs(stores) do
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
9 namespaces[table.concat(namespace, ":")] = name;
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10 end
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11
3270
7776c9dc5f37 mod_readonly: Simplify iq handling by hooking on iq-set/ instead of iq/.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 750
diff changeset
12 local function prevent_write(event)
750
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 local stanza = event.stanza;
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14 local xmlns_and_tag = stanza.tags[1].attr.xmlns..":"..stanza.tags[1].name;
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 local store_name = namespaces[xmlns_and_tag];
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 if store_name then
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 module:log("warn", "Preventing modification of %s store by %s", store_name, stanza.attr.from);
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 event.origin.send(st.error_reply(stanza, "cancel", "not-allowed", store_name.." data is read-only"));
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 return true; -- Block stanza
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 end
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 end
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 for namespace in pairs(namespaces) do
3270
7776c9dc5f37 mod_readonly: Simplify iq handling by hooking on iq-set/ instead of iq/.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 750
diff changeset
24 module:hook("iq-set/bare/"..namespace, prevent_write, 200);
750
8133dd5f266a mod_readonly: Allow preventing direct modification of certain user data via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 end