Mercurial > prosody-modules
annotate mod_client_management/mod_client_management.lua @ 5914:d3610fb965d6
mod_muc_restrict_pm: Backport changes from upstream timber patch.
author | Nicholas George <wirlaburla@worlio.com> |
---|---|
date | Fri, 24 May 2024 18:30:47 -0500 |
parents | 13094c707414 |
children |
rev | line source |
---|---|
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local modulemanager = require "core.modulemanager"; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 local usermanager = require "core.usermanager"; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
4 local array = require "util.array"; |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
5 local dt = require "util.datetime"; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 local id = require "util.id"; |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
7 local it = require "util.iterators"; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 local jid = require "util.jid"; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 local st = require "util.stanza"; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 local strict = module:get_option_boolean("enforce_client_ids", false); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
5582
825c6fb76c48
Multiple modules: Update for split prosody:user role (prosody 082c7d856e61)
Matthew Wild <mwild1@gmail.com>
parents:
5516
diff
changeset
|
13 module:default_permission("prosody:registered", ":list-clients"); |
825c6fb76c48
Multiple modules: Update for split prosody:user role (prosody 082c7d856e61)
Matthew Wild <mwild1@gmail.com>
parents:
5516
diff
changeset
|
14 module:default_permission("prosody:registered", ":manage-clients"); |
5312
22e6b9f09439
mod_client_management: Add list-clients + manage-clients permissions to users
Matthew Wild <mwild1@gmail.com>
parents:
5311
diff
changeset
|
15 |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 local tokenauth = module:depends("tokenauth"); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 local mod_fast = module:depends("sasl2_fast"); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 local client_store = assert(module:open_store("clients", "keyval+")); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 --[[{ |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 id = id; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 first_seen = |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 last_seen = |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 user_agent = { |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 name = |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 os = |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 } |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 --}]] |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 local xmlns_sasl2 = "urn:xmpp:sasl:2"; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 local function get_user_agent(sasl_handler, token_info) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 local sasl_agent = sasl_handler and sasl_handler.user_agent; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
34 local token_agent = token_info and token_info.data and token_info.data.oauth2_client; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
35 if not (sasl_agent or token_agent) then return; end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 return { |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
37 software = sasl_agent and sasl_agent.software or token_agent and token_agent.name or nil; |
5516
f25df3af02c1
mod_client_management: Include client software version number in listing
Kim Alvefur <zash@zash.se>
parents:
5374
diff
changeset
|
38 software_id = token_agent and token_agent.id or nil; |
f25df3af02c1
mod_client_management: Include client software version number in listing
Kim Alvefur <zash@zash.se>
parents:
5374
diff
changeset
|
39 software_version = token_agent and token_agent.version or nil; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 uri = token_agent and token_agent.uri or nil; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
41 device = sasl_agent and sasl_agent.device or nil; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 }; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 module:hook("sasl2/c2s/success", function (event) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 local session = event.session; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 local username, client_id = session.username, session.client_id; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
48 local mechanism = session.sasl_handler.selected; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
49 local token_info = session.sasl_handler.token_info; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 local token_id = token_info and token_info.id or nil; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 local now = os.time(); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
53 if client_id then -- SASL2, have client identifier |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
54 local is_new_client; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
55 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
56 local client_state = client_store:get_key(username, client_id); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
57 if not client_state then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
58 is_new_client = true; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
59 client_state = { |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
60 id = client_id; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
61 first_seen = now; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 user_agent = get_user_agent(session.sasl_handler, token_info); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
63 full_jid = nil; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
64 last_seen = nil; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
65 mechanisms = {}; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
66 }; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
67 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
68 -- Update state |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
69 client_state.full_jid = session.full_jid; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
70 client_state.last_seen = now; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
71 client_state.mechanisms[mechanism] = now; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
72 if session.sasl_handler.fast_auth then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
73 client_state.fast_auth = now; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
74 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
75 if token_id then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
76 client_state.auth_token_id = token_id; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
77 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
78 -- Store updated state |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
79 client_store:set_key(username, client_id, client_state); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
80 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
81 if is_new_client then |
5753
3730992d0c7c
mod_client_management: Include session in new-client event
Kim Alvefur <zash@zash.se>
parents:
5694
diff
changeset
|
82 module:fire_event("client_management/new-client", { client = client_state; session = session }); |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
83 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
84 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
85 end); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
86 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
87 local function find_client_by_resource(username, resource) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 local full_jid = jid.join(username, module.host, resource); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
89 local clients = client_store:get(username); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
90 if not clients then return; end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
91 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
92 for _, client_state in pairs(clients) do |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
93 if client_state.full_jid == full_jid then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
94 return client_state; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
95 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
96 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
97 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
98 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
99 module:hook("resource-bind", function (event) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 local session = event.session; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 if session.client_id then return; end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
102 local is_new_client; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
103 local client_state = find_client_by_resource(event.session.username, event.session.resource); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
104 local now = os.time(); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
105 if not client_state then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
106 is_new_client = true; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
107 client_state = { |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
108 id = id.short(); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
109 first_seen = now; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
110 user_agent = nil; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
111 full_jid = nil; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
112 last_seen = nil; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
113 mechanisms = {}; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
114 legacy = true; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
115 }; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
116 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
117 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
118 -- Update state |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
119 client_state.full_jid = session.full_jid; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
120 client_state.last_seen = now; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
121 |
5878
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
122 local legacy_info = session.client_management_info; |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
123 if legacy_info then |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
124 client_state.mechanisms[legacy_info.mechanism] = now; |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
125 if legacy_info.fast_auth then |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
126 client_state.fast_auth = now; |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
127 end |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
128 |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
129 local token_id = legacy_info.token_info and legacy_info.token_info.id; |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
130 if token_id then |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
131 client_state.auth_token_id = token_id; |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
132 end |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
133 else |
13094c707414
mod_client_management: Prevent exception on missing client info
Kim Alvefur <zash@zash.se>
parents:
5756
diff
changeset
|
134 session.log("warn", "Missing client management info") |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
135 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
136 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
137 -- Store updated state |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
138 client_store:set_key(session.username, client_state.id, client_state); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
139 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
140 if is_new_client then |
5756
e199f33f7a2e
mod_client_management: Include session in the other new-client event too
Kim Alvefur <zash@zash.se>
parents:
5753
diff
changeset
|
141 module:fire_event("client_management/new-client", { client = client_state; session = session }); |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
142 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
143 end); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
144 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
145 if strict then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
146 module:hook_tag(xmlns_sasl2, "authenticate", function (session, auth) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
147 local user_agent = auth:get_child("user-agent"); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
148 if not user_agent or not user_agent.attr.id then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
149 local failure = st.stanza("failure", { xmlns = xmlns_sasl2 }) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
150 :tag("malformed-request", { xmlns = "urn:ietf:params:xml:ns:xmpp-sasl" }):up() |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
151 :text_tag("text", "Client identifier required but not supplied"); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
152 session.send(failure); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
153 return true; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
154 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
155 end, 500); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
156 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
157 if modulemanager.get_modules_for_host(module.host):contains("saslauth") then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
158 module:log("error", "mod_saslauth is enabled, but enforce_client_ids is enabled and will prevent it from working"); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
159 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
160 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
161 module:hook("stanza/urn:ietf:params:xml:ns:xmpp-sasl:auth", function (event) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
162 -- Block legacy SASL, if for some reason it is being used (either mod_saslauth is loaded, |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
163 -- or clients try it without advertisement) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
164 module:log("warn", "Blocking legacy SASL authentication because enforce_client_ids is enabled"); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
165 local failure = st.stanza("failure", { xmlns = xmlns_sasl2 }) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
166 :tag("malformed-request", { xmlns = "urn:ietf:params:xml:ns:xmpp-sasl" }):up() |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
167 :text_tag("text", "Legacy SASL authentication is not available on this server"); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
168 event.session.send(failure); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
169 return true; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
170 end); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
171 else |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
172 -- Legacy client compat code |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
173 module:hook("authentication-success", function (event) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
174 local session = event.session; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
175 if session.client_id then return; end -- SASL2 client |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
176 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
177 local sasl_handler = session.sasl_handler; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
178 session.client_management_info = { |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
179 mechanism = sasl_handler.selected; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
180 token_info = sasl_handler.token_info; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
181 fast_auth = sasl_handler.fast_auth; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
182 }; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
183 end); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
184 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
185 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
186 local function is_password_mechanism(mech_name) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
187 if mech_name == "OAUTHBEARER" then return false; end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
188 if mech_name:match("^HT%-") then return false; end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
189 return true; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
190 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
191 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
192 local function is_client_active(client) |
5683
c69320fc438b
mod_client_management: Bail out retrieving tokens for user
Kim Alvefur <zash@zash.se>
parents:
5645
diff
changeset
|
193 if not client.full_jid then |
c69320fc438b
mod_client_management: Bail out retrieving tokens for user
Kim Alvefur <zash@zash.se>
parents:
5645
diff
changeset
|
194 return nil; |
c69320fc438b
mod_client_management: Bail out retrieving tokens for user
Kim Alvefur <zash@zash.se>
parents:
5645
diff
changeset
|
195 end |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
196 local username, host = jid.split(client.full_jid); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
197 local account_info = usermanager.get_account_info(username, host); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
198 local last_password_change = account_info and account_info.password_updated; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
199 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
200 local status = {}; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
201 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
202 -- Check for an active token grant that has been previously used by this client |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
203 if client.auth_token_id then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
204 local grant = tokenauth.get_grant_info(client.auth_token_id); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
205 if grant then |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
206 status.grant = grant; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
207 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
208 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
209 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
210 -- Check for active FAST tokens |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
211 if client.fast_auth then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
212 if mod_fast.is_client_fast(username, client.id, last_password_change) then |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
213 status.fast = client.fast_auth; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
214 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
215 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
216 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
217 -- Client has access if any password-based SASL mechanisms have been used since last password change |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
218 for mech, mech_last_used in pairs(client.mechanisms) do |
5369
1a58a11407ac
mod_client_management: Fix error when last password change is unknown (or never)
Kim Alvefur <zash@zash.se>
parents:
5343
diff
changeset
|
219 if is_password_mechanism(mech) and (not last_password_change or mech_last_used >= last_password_change) then |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
220 status.password = mech_last_used; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
221 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
222 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
223 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
224 if prosody.full_sessions[client.full_jid] then |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
225 status.connected = true; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
226 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
227 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
228 if next(status) == nil then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
229 return nil; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
230 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
231 return status; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
232 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
233 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
234 -- Public API |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
235 --luacheck: ignore 131 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
236 function get_active_clients(username) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
237 local clients = client_store:get(username); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
238 local active_clients = {}; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
239 local used_grants = {}; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
240 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
241 -- Go through known clients, check whether they could possibly log in |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
242 for client_id, client in pairs(clients or {}) do --luacheck: ignore 213/client_id |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
243 local active = is_client_active(client); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
244 if active then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
245 client.type = "session"; |
5305
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
246 client.id = "client/"..client.id; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
247 client.active = active; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
248 table.insert(active_clients, client); |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
249 if active.grant then |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
250 used_grants[active.grant.id] = true; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
251 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
252 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
253 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
254 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
255 -- Next, account for any grants that have been issued, but never actually logged in |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
256 for grant_id, grant in pairs(tokenauth.get_user_grants(username) or {}) do |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
257 if not used_grants[grant_id] then -- exclude grants already accounted for |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
258 table.insert(active_clients, { |
5307
2bb27dfd10d5
mod_client_management: Use grant id from key
Matthew Wild <mwild1@gmail.com>
parents:
5306
diff
changeset
|
259 id = "grant/"..grant_id; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
260 type = "access"; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
261 first_seen = grant.created; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
262 last_seen = grant.accessed; |
5645
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
263 expires = grant.expires; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
264 active = { |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
265 grant = grant; |
5294
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
266 }; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
267 user_agent = get_user_agent(nil, grant); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
268 }); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
269 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
270 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
271 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
272 table.sort(active_clients, function (a, b) |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
273 if a.last_seen and b.last_seen then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
274 return a.last_seen < b.last_seen; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
275 elseif not (a.last_seen or b.last_seen) then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
276 if a.first_seen and b.first_seen then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
277 return a.first_seen < b.first_seen; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
278 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
279 elseif b.last_seen then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
280 return true; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
281 elseif a.last_seen then |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
282 return false; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
283 end |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
284 return a.id < b.id; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
285 end); |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
286 |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
287 return active_clients; |
385346b6c81d
mod_client_management: New module for users to view/manage permitted clients
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
288 end |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
289 |
5596
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
290 local function user_agent_tostring(user_agent) |
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
291 if user_agent then |
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
292 if user_agent.software then |
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
293 if user_agent.software_version then |
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
294 return user_agent.software .. "/" .. user_agent.software_version; |
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
295 end |
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
296 return user_agent.software; |
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
297 end |
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
298 end |
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
299 end |
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
300 |
5305
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
301 function revoke_client_access(username, client_selector) |
5370
d9d52ad8c1ae
mod_client_management: Fix type confusion
Kim Alvefur <zash@zash.se>
parents:
5369
diff
changeset
|
302 if client_selector then |
d9d52ad8c1ae
mod_client_management: Fix type confusion
Kim Alvefur <zash@zash.se>
parents:
5369
diff
changeset
|
303 local c_type, c_id = client_selector:match("^(%w+)/(.+)$"); |
5305
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
304 if c_type == "client" then |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
305 local client = client_store:get_key(username, c_id); |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
306 if not client then |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
307 return nil, "item-not-found"; |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
308 end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
309 local status = is_client_active(client); |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
310 if status.connected then |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
311 local ok, err = prosody.full_sessions[client.full_jid]:close(); |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
312 if not ok then return ok, err; end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
313 end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
314 if status.fast then |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
315 local ok = mod_fast.revoke_fast_tokens(username, client.id); |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
316 if not ok then return nil, "internal-server-error"; end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
317 end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
318 if status.grant then |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
319 local ok = tokenauth.revoke_grant(username, status.grant.id); |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
320 if not ok then return nil, "internal-server-error"; end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
321 end |
5306
210aeb5afe42
mod_client_management: Fail to revoke clients that have used passwords
Matthew Wild <mwild1@gmail.com>
parents:
5305
diff
changeset
|
322 if status.password then |
210aeb5afe42
mod_client_management: Fail to revoke clients that have used passwords
Matthew Wild <mwild1@gmail.com>
parents:
5305
diff
changeset
|
323 return nil, "password-reset-required"; |
210aeb5afe42
mod_client_management: Fail to revoke clients that have used passwords
Matthew Wild <mwild1@gmail.com>
parents:
5305
diff
changeset
|
324 end |
5305
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
325 return true; |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
326 elseif c_type == "grant" then |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
327 local grant = tokenauth.get_grant_info(username, c_id); |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
328 if not grant then |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
329 return nil, "item-not-found"; |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
330 end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
331 local ok = tokenauth.revoke_grant(username, c_id); |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
332 if not ok then return nil, "internal-server-error"; end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
333 return true; |
5595
eae5599bc0b4
mod_client_management: Add way to revoke (one) client by software
Kim Alvefur <zash@zash.se>
parents:
5594
diff
changeset
|
334 elseif c_type == "software" then |
eae5599bc0b4
mod_client_management: Add way to revoke (one) client by software
Kim Alvefur <zash@zash.se>
parents:
5594
diff
changeset
|
335 local active_clients = get_active_clients(username); |
eae5599bc0b4
mod_client_management: Add way to revoke (one) client by software
Kim Alvefur <zash@zash.se>
parents:
5594
diff
changeset
|
336 for _, client in ipairs(active_clients) do |
5597
5ade45d93908
mod_client_management: Fix missing equality check
Kim Alvefur <zash@zash.se>
parents:
5596
diff
changeset
|
337 if client.user_agent and client.user_agent.software == c_id or user_agent_tostring(client.user_agent) == c_id then |
5595
eae5599bc0b4
mod_client_management: Add way to revoke (one) client by software
Kim Alvefur <zash@zash.se>
parents:
5594
diff
changeset
|
338 return revoke_client_access(username, client.id); |
eae5599bc0b4
mod_client_management: Add way to revoke (one) client by software
Kim Alvefur <zash@zash.se>
parents:
5594
diff
changeset
|
339 end |
eae5599bc0b4
mod_client_management: Add way to revoke (one) client by software
Kim Alvefur <zash@zash.se>
parents:
5594
diff
changeset
|
340 end |
5305
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
341 end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
342 end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
343 |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
344 return nil, "item-not-found"; |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
345 end |
9b9f35aaeb91
mod_client_management: Add support for revocation of clients (when possible)
Matthew Wild <mwild1@gmail.com>
parents:
5304
diff
changeset
|
346 |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
347 -- Protocol |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
348 |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
349 local xmlns_manage_clients = "xmpp:prosody.im/protocol/manage-clients"; |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
350 |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
351 module:hook("iq-get/self/xmpp:prosody.im/protocol/manage-clients:list", function (event) |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
352 local origin, stanza = event.origin, event.stanza; |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
353 |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
354 if not module:may(":list-clients", event) then |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
355 origin.send(st.error_reply(stanza, "auth", "forbidden")); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
356 return true; |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
357 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
358 |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
359 local reply = st.reply(stanza) |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
360 :tag("clients", { xmlns = xmlns_manage_clients }); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
361 |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
362 local active_clients = get_active_clients(event.origin.username); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
363 for _, client in ipairs(active_clients) do |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
364 local auth_type = st.stanza("auth"); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
365 if client.active then |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
366 if client.active.password then |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
367 auth_type:text_tag("password"); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
368 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
369 if client.active.grant then |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
370 auth_type:text_tag("bearer-token"); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
371 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
372 if client.active.fast then |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
373 auth_type:text_tag("fast"); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
374 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
375 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
376 |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
377 local user_agent = st.stanza("user-agent"); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
378 if client.user_agent then |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
379 if client.user_agent.software then |
5516
f25df3af02c1
mod_client_management: Include client software version number in listing
Kim Alvefur <zash@zash.se>
parents:
5374
diff
changeset
|
380 user_agent:text_tag("software", client.user_agent.software, { id = client.user_agent.software_id; version = client.user_agent.software_version }); |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
381 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
382 if client.user_agent.device then |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
383 user_agent:text_tag("device", client.user_agent.device); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
384 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
385 if client.user_agent.uri then |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
386 user_agent:text_tag("uri", client.user_agent.uri); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
387 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
388 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
389 |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
390 local connected = client.active and client.active.connected; |
5304
717ff9468464
mod_client_management: Include client type in XML response listing
Matthew Wild <mwild1@gmail.com>
parents:
5301
diff
changeset
|
391 reply:tag("client", { id = client.id, connected = connected and "true" or "false", type = client.type }) |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
392 :text_tag("first-seen", dt.datetime(client.first_seen)) |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
393 :text_tag("last-seen", dt.datetime(client.last_seen)) |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
394 :add_child(auth_type) |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
395 :add_child(user_agent) |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
396 :up(); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
397 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
398 reply:up(); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
399 |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
400 origin.send(reply); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
401 return true; |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
402 end); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
403 |
5343
5c1c70e52635
mod_client_management: Fix import of util.error (not errors)
Kim Alvefur <zash@zash.se>
parents:
5312
diff
changeset
|
404 local revocation_errors = require "util.error".init(module.name, xmlns_manage_clients, { |
5311
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
405 ["item-not-found"] = { "cancel", "item-not-found", "Client not found" }; |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
406 ["internal-server-error"] = { "wait", "internal-server-error", "Unable to revoke client access" }; |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
407 ["password-reset-required"] = { "cancel", "service-unavailable", "Password reset required", "password-reset-required" }; |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
408 }); |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
409 |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
410 module:hook("iq-set/self/xmpp:prosody.im/protocol/manage-clients:revoke", function (event) |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
411 local origin, stanza = event.origin, event.stanza; |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
412 |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
413 if not module:may(":manage-clients", event) then |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
414 origin.send(st.error_reply(stanza, "auth", "forbidden")); |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
415 return true; |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
416 end |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
417 |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
418 local client_id = stanza.tags[1].attr.id; |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
419 |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
420 local ok, err = revocation_errors.coerce(revoke_client_access(origin.username, client_id)); |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
421 if not ok then |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
422 origin.send(st.error_reply(stanza, err)); |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
423 return true; |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
424 end |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
425 |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
426 origin.send(st.reply(stanza)); |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
427 return true; |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
428 end); |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
429 |
d4a0d2b5343a
mod_client_management: Add support for revoking client access via XMPP
Matthew Wild <mwild1@gmail.com>
parents:
5310
diff
changeset
|
430 |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
431 -- Command |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
432 |
5756
e199f33f7a2e
mod_client_management: Include session in the other new-client event too
Kim Alvefur <zash@zash.se>
parents:
5753
diff
changeset
|
433 module:on_ready(function () |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
434 local console_env = module:shared("/*/admin_shell/env"); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
435 if not console_env.user then return; end -- admin_shell probably not loaded |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
436 |
5308
f370ccb15f05
mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents:
5307
diff
changeset
|
437 function console_env.user:clients(user_jid) |
f370ccb15f05
mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents:
5307
diff
changeset
|
438 local username, host = jid.split(user_jid); |
f370ccb15f05
mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents:
5307
diff
changeset
|
439 local mod = prosody.hosts[host] and prosody.hosts[host].modules.client_management; |
f370ccb15f05
mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents:
5307
diff
changeset
|
440 if not mod then |
5372
2d8076577e14
mod_client_management: Fix error when called against host without this module
Kim Alvefur <zash@zash.se>
parents:
5371
diff
changeset
|
441 return false, ("Host does not exist on this server, or does not have mod_client_management loaded"); |
5308
f370ccb15f05
mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents:
5307
diff
changeset
|
442 end |
f370ccb15f05
mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents:
5307
diff
changeset
|
443 |
f370ccb15f05
mod_client_management: Fix user:clients() shell command to take a JID
Matthew Wild <mwild1@gmail.com>
parents:
5307
diff
changeset
|
444 local clients = mod.get_active_clients(username); |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
445 if not clients or #clients == 0 then |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
446 return true, "No clients associated with this account"; |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
447 end |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
448 |
5632
1571c280aaef
mod_client_management: Show timestamp of first client appearance
Kim Alvefur <zash@zash.se>
parents:
5600
diff
changeset
|
449 local function date_or_time(last_seen) |
5645
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
450 return last_seen and os.date(math.abs(os.difftime(os.time(), last_seen)) >= 86400 and "%Y-%m-%d" or "%H:%M:%S", last_seen); |
5632
1571c280aaef
mod_client_management: Show timestamp of first client appearance
Kim Alvefur <zash@zash.se>
parents:
5600
diff
changeset
|
451 end |
1571c280aaef
mod_client_management: Show timestamp of first client appearance
Kim Alvefur <zash@zash.se>
parents:
5600
diff
changeset
|
452 |
5645
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
453 local date_or_time_width = math.max(#os.date("%Y-%m-%d"), #os.date("%H:%M:%S")); |
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
454 |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
455 local colspec = { |
5600
c799b460f9f0
mod_client_management: Make ID column dynamically sized
Kim Alvefur <zash@zash.se>
parents:
5599
diff
changeset
|
456 { title = "ID"; key = "id"; width = "1p" }; |
5371
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
457 { |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
458 title = "Software"; |
5373
93d6ed7dc779
mod_client_management: Fix changed column cell "key"
Kim Alvefur <zash@zash.se>
parents:
5372
diff
changeset
|
459 key = "user_agent"; |
5371
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
460 width = "1p"; |
5596
d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Kim Alvefur <zash@zash.se>
parents:
5595
diff
changeset
|
461 mapper = user_agent_tostring; |
5371
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
462 }; |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
463 { |
5632
1571c280aaef
mod_client_management: Show timestamp of first client appearance
Kim Alvefur <zash@zash.se>
parents:
5600
diff
changeset
|
464 title = "First seen"; |
1571c280aaef
mod_client_management: Show timestamp of first client appearance
Kim Alvefur <zash@zash.se>
parents:
5600
diff
changeset
|
465 key = "first_seen"; |
5645
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
466 width = date_or_time_width; |
5632
1571c280aaef
mod_client_management: Show timestamp of first client appearance
Kim Alvefur <zash@zash.se>
parents:
5600
diff
changeset
|
467 align = "right"; |
1571c280aaef
mod_client_management: Show timestamp of first client appearance
Kim Alvefur <zash@zash.se>
parents:
5600
diff
changeset
|
468 mapper = date_or_time; |
1571c280aaef
mod_client_management: Show timestamp of first client appearance
Kim Alvefur <zash@zash.se>
parents:
5600
diff
changeset
|
469 }; |
1571c280aaef
mod_client_management: Show timestamp of first client appearance
Kim Alvefur <zash@zash.se>
parents:
5600
diff
changeset
|
470 { |
5371
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
471 title = "Last seen"; |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
472 key = "last_seen"; |
5645
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
473 width = date_or_time_width; |
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
474 align = "right"; |
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
475 mapper = date_or_time; |
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
476 }; |
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
477 { |
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
478 title = "Expires"; |
5694
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
479 key = "active"; |
5645
f16edebb1305
mod_client_management: Show grant expiry in shell command
Kim Alvefur <zash@zash.se>
parents:
5632
diff
changeset
|
480 width = date_or_time_width; |
5374
d9397d6a5513
mod_client_management: Show time for recent timestamps in shell command
Kim Alvefur <zash@zash.se>
parents:
5373
diff
changeset
|
481 align = "right"; |
5694
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
482 mapper = function(active, client) |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
483 local grant = active and active.grant; |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
484 local expires = client and client.expires; |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
485 local tokens = grant and grant.tokens; |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
486 if expires or not tokens then |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
487 return date_or_time(expires); |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
488 end |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
489 |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
490 for _, token in pairs(tokens) do |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
491 if token.expires and (not expires or token.expires > expires) then |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
492 expires = token.expires; |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
493 end |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
494 end |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
495 return date_or_time(expires); |
8afa0fb8a73e
mod_client_management: Report on longest lived token when grant does not expire
Kim Alvefur <zash@zash.se>
parents:
5683
diff
changeset
|
496 end; |
5371
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
497 }; |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
498 { |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
499 title = "Authentication"; |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
500 key = "active"; |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
501 width = "2p"; |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
502 mapper = function(active) |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
503 return array.collect(it.keys(active)):sort():concat(", "); |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
504 end; |
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
505 }; |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
506 }; |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
507 |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
508 local row = require "util.human.io".table(colspec, self.session.width); |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
509 |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
510 local print = self.session.print; |
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
511 print(row()); |
5309
09656e2b4927
mod_client_management: Improve table output
Matthew Wild <mwild1@gmail.com>
parents:
5308
diff
changeset
|
512 print(string.rep("-", self.session.width)); |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
513 for _, client in ipairs(clients) do |
5371
b2d51c6ae89a
mod_client_management: Move table cell formatting into column specification
Kim Alvefur <zash@zash.se>
parents:
5370
diff
changeset
|
514 print(row(client)); |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
515 end |
5309
09656e2b4927
mod_client_management: Improve table output
Matthew Wild <mwild1@gmail.com>
parents:
5308
diff
changeset
|
516 print(string.rep("-", self.session.width)); |
09656e2b4927
mod_client_management: Improve table output
Matthew Wild <mwild1@gmail.com>
parents:
5308
diff
changeset
|
517 return true, ("%d clients"):format(#clients); |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
518 end |
5594
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
519 |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
520 function console_env.user:revoke_client(user_jid, selector) -- luacheck: ignore 212/self |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
521 local username, host = jid.split(user_jid); |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
522 local mod = prosody.hosts[host] and prosody.hosts[host].modules.client_management; |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
523 if not mod then |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
524 return false, ("Host does not exist on this server, or does not have mod_client_management loaded"); |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
525 end |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
526 |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
527 local revoked, err = revocation_errors.coerce(mod.revoke_client_access(username, selector)); |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
528 if not revoked then |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
529 return false, err.text or err; |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
530 end |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
531 return true, "Client access revoked"; |
e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Kim Alvefur <zash@zash.se>
parents:
5593
diff
changeset
|
532 end |
5301
8ef197cccd74
mod_client_management: Add XMPP and shell interfaces to fetch client list
Matthew Wild <mwild1@gmail.com>
parents:
5294
diff
changeset
|
533 end); |