Mercurial > prosody-modules
annotate mod_omemo_all_access/mod_omemo_all_access.lua @ 4260:c539334dd01a
mod_http_oauth2: Rescope oauth client config into users' storage
This produces client_id of the form owner@host/random and prevents
clients from being deleted by registering an account with the same name
and then deleting the account, as well as having the client
automatically be deleted when the owner account is removed.
On one hand, this leaks the bare JID of the creator to users. On the
other hand, it makes it obvious who made the oauth application.
This module is experimental and only for developers, so this can be
changed if a better method comes up.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sat, 21 Nov 2020 23:55:10 +0100 |
| parents | 9505282ad24f |
| children |
| rev | line source |
|---|---|
|
2856
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
1 -- OMEMO all access module |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
2 -- Copyright (c) 2017 Daniel Gultsch |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
3 -- |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
4 -- This module is MIT/X11 licensed |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
5 -- |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
6 |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
7 local jid_bare = require "util.jid".bare; |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
8 local st = require "util.stanza" |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
9 local white_listed_namespace = "eu.siacs.conversations.axolotl." |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
10 local disco_feature_namespace = white_listed_namespace .. "whitelisted" |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
11 |
|
3210
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
12 local mm = require "core.modulemanager"; |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
13 |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
14 |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
15 -- COMPAT w/trunk |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
16 local pep_module_name = "pep"; |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
17 if mm.get_modules_for_host then |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
18 if mm.get_modules_for_host(module.host):contains("pep_simple") then |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
19 pep_module_name = "pep_simple"; |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
20 end |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
21 end |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
22 |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
23 local mod_pep = module:depends(pep_module_name); |
|
2856
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
24 local pep_data = mod_pep.module.save().data; |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
25 |
|
3209
5b02241a254e
mod_omemo_all_access: Log error when used with incompatible mod_pep
Matthew Wild <mwild1@gmail.com>
parents:
2858
diff
changeset
|
26 if not pep_data then |
|
5b02241a254e
mod_omemo_all_access: Log error when used with incompatible mod_pep
Matthew Wild <mwild1@gmail.com>
parents:
2858
diff
changeset
|
27 module:log("error", "This module is not compatible with your version of mod_pep"); |
|
3210
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
28 if mm.get_modules_for_host then |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
29 module:log("error", "Please use mod_pep_simple instead of mod_pep to continue using this module"); |
|
9505282ad24f
mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents:
3209
diff
changeset
|
30 end |
|
3209
5b02241a254e
mod_omemo_all_access: Log error when used with incompatible mod_pep
Matthew Wild <mwild1@gmail.com>
parents:
2858
diff
changeset
|
31 return false; |
|
5b02241a254e
mod_omemo_all_access: Log error when used with incompatible mod_pep
Matthew Wild <mwild1@gmail.com>
parents:
2858
diff
changeset
|
32 end |
|
5b02241a254e
mod_omemo_all_access: Log error when used with incompatible mod_pep
Matthew Wild <mwild1@gmail.com>
parents:
2858
diff
changeset
|
33 |
|
2856
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
34 local function on_account_disco_info(event) |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
35 (event.reply or event.stanza):tag("feature", {var=disco_feature_namespace}):up(); |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
36 end |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
37 |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
38 local function on_pep_request(event) |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
39 local session, stanza = event.origin, event.stanza |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
40 local payload = stanza.tags[1]; |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
41 if stanza.attr.type == 'get' then |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
42 local node, requested_id; |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
43 payload = payload.tags[1] |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
44 if payload and payload.name == 'items' then |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
45 node = payload.attr.node |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
46 local item = payload.tags[1]; |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
47 if item and item.name == 'item' then |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
48 requested_id = item.attr.id; |
|
2858
150a7bd59043
mod_omemo_all_access: fixed some linter warnings
Daniel Gultsch <daniel@gultsch.de>
parents:
2856
diff
changeset
|
49 end |
|
2856
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
50 end |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
51 if node and string.sub(node,1,string.len(white_listed_namespace)) == white_listed_namespace then |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
52 local user = stanza.attr.to and jid_bare(stanza.attr.to) or session.username..'@'..session.host; |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
53 local user_data = pep_data[user]; |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
54 if user_data and user_data[node] then |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
55 local id, item = unpack(user_data[node]); |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
56 if not requested_id or id == requested_id then |
|
2858
150a7bd59043
mod_omemo_all_access: fixed some linter warnings
Daniel Gultsch <daniel@gultsch.de>
parents:
2856
diff
changeset
|
57 local reply_stanza = st.reply(stanza) |
|
2856
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
58 :tag('pubsub', {xmlns='http://jabber.org/protocol/pubsub'}) |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
59 :tag('items', {node=node}) |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
60 :add_child(item) |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
61 :up() |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
62 :up(); |
|
2858
150a7bd59043
mod_omemo_all_access: fixed some linter warnings
Daniel Gultsch <daniel@gultsch.de>
parents:
2856
diff
changeset
|
63 session.send(reply_stanza); |
|
2856
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
64 module:log("debug","provided access to omemo node",node) |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
65 return true; |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
66 end |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
67 end |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
68 module:log("debug","requested node was white listed", node) |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
69 end |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
70 end |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
71 end |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
72 |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
73 module:hook("iq/bare/http://jabber.org/protocol/pubsub:pubsub", on_pep_request, 10); |
|
08f6b9d37a49
mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff
changeset
|
74 module:hook("account-disco-info", on_account_disco_info); |