Mercurial > prosody-modules
annotate mod_seclabels/mod_seclabels.lua @ 737:e4ea03b060ed
mod_archive: switch from/to
The XEP-0136 is not very explicit about the meening of <from> and <to>
elements, but the examples are clear: <from> means it comes from the user in
the 'with' attribute of the collection.
That is the opposite of what is currently implemented in that module.
So for better compatibility with complient clients, this switch the 'from' and
'to' fields
| author | Olivier Goffart <ogoffart@woboq.com> |
|---|---|
| date | Wed, 04 Jul 2012 14:08:43 +0200 |
| parents | 48b615229509 |
| children | 5276e1fc26b6 |
| rev | line source |
|---|---|
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local st = require "util.stanza"; |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 local xmlns_label = "urn:xmpp:sec-label:0"; |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
4 local xmlns_label_catalog = "urn:xmpp:sec-label:catalog:2"; |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
5 local xmlns_label_catalog_old = "urn:xmpp:sec-label:catalog:0"; -- COMPAT |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 module:add_feature(xmlns_label); |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
8 module:add_feature(xmlns_label_catalog); |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
9 module:add_feature(xmlns_label_catalog_old); |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
11 module:hook("account-disco-info", function(event) -- COMPAT |
|
266
e7296274f48c
mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents:
252
diff
changeset
|
12 local stanza = event.stanza; |
|
e7296274f48c
mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents:
252
diff
changeset
|
13 stanza:tag('feature', {var=xmlns_label}):up(); |
|
e7296274f48c
mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents:
252
diff
changeset
|
14 stanza:tag('feature', {var=xmlns_label_catalog}):up(); |
|
e7296274f48c
mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents:
252
diff
changeset
|
15 end); |
|
e7296274f48c
mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents:
252
diff
changeset
|
16 |
|
449
08ffbbdafeea
mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents:
266
diff
changeset
|
17 local default_labels = { |
|
452
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
18 { |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
19 name = "Unclassified", |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
20 label = true, |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
21 default = true, |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
22 }, |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 Classified = { |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 SECRET = { color = "black", bgcolor = "aqua", label = "THISISSECRET" }; |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 PUBLIC = { label = "THISISPUBLIC" }; |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 }; |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 }; |
|
449
08ffbbdafeea
mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents:
266
diff
changeset
|
28 local catalog_name, catalog_desc, labels; |
|
451
f43d2d26c1c4
mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents:
450
diff
changeset
|
29 local function get_conf() |
|
449
08ffbbdafeea
mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents:
266
diff
changeset
|
30 catalog_name = module:get_option_string("security_catalog_name", "Default"); |
|
08ffbbdafeea
mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents:
266
diff
changeset
|
31 catalog_desc = module:get_option_string("security_catalog_desc", "My labels"); |
|
08ffbbdafeea
mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents:
266
diff
changeset
|
32 labels = module:get_option("security_labels", default_labels); |
|
08ffbbdafeea
mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents:
266
diff
changeset
|
33 end |
|
451
f43d2d26c1c4
mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents:
450
diff
changeset
|
34 module:hook_global("config-reloaded",get_conf); |
|
449
08ffbbdafeea
mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents:
266
diff
changeset
|
35 get_conf(); |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
36 |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
37 function handle_catalog_request(request) |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
38 local catalog_request = request.stanza.tags[1]; |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 local reply = st.reply(request.stanza) |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
40 :tag("catalog", { |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
41 xmlns = catalog_request.attr.xmlns, |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 to = catalog_request.attr.to, |
|
449
08ffbbdafeea
mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents:
266
diff
changeset
|
43 name = catalog_name, |
|
08ffbbdafeea
mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents:
266
diff
changeset
|
44 desc = catalog_desc |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 }); |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
46 |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
47 local function add_labels(catalog, labels, selector) |
|
452
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
48 local function add_item(item, name) |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
49 local name = name or item.name; |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
50 if item.label then |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
51 if catalog_request.attr.xmlns == xmlns_label_catalog then |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
52 catalog:tag("item", { |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
53 selector = selector..name, |
|
452
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
54 default = item.default and "true" or nil, |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
55 }):tag("securitylabel", { xmlns = xmlns_label }) |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
56 else -- COMPAT |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
57 catalog:tag("securitylabel", { |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
58 xmlns = xmlns_label, |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
59 selector = selector..name, |
|
452
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
60 default = item.default and "true" or nil, |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
61 }) |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
62 end |
|
452
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
63 if item.display or item.color or item.bgcolor then |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
64 catalog:tag("displaymarking", { |
|
452
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
65 fgcolor = item.color, |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
66 bgcolor = item.bgcolor, |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
67 }):text(item.display or name):up(); |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
68 end |
|
452
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
69 if type(item.label) == "string" then |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
70 catalog:tag("label"):text(item.label):up(); |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
71 elseif type(item.label) == "table" then |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
72 catalog:tag("label"):add_child(item.label):up(); |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
73 end |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
74 catalog:up(); |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
75 if catalog_request.attr.xmlns == xmlns_label_catalog then |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
76 catalog:up(); |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
77 end |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
78 else |
|
452
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
79 add_labels(catalog, item, (selector or "")..name.."|"); |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
80 end |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
81 end |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
82 for i = 1,#labels do |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
83 add_item(labels[i]) |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
84 end |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
85 for name, child in pairs(labels) do |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
86 if type(name) == "string" then |
|
48b615229509
mod_seclabels: Support orderd items
Kim Alvefur <zash@zash.se>
parents:
451
diff
changeset
|
87 add_item(child, name) |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 end |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
89 end |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
90 end |
|
451
f43d2d26c1c4
mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents:
450
diff
changeset
|
91 -- TODO query remote servers |
|
f43d2d26c1c4
mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents:
450
diff
changeset
|
92 --[[ FIXME later |
|
f43d2d26c1c4
mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents:
450
diff
changeset
|
93 labels = module:fire_event("sec-label-catalog", { |
|
f43d2d26c1c4
mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents:
450
diff
changeset
|
94 to = catalog_request.attr.to, |
|
f43d2d26c1c4
mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents:
450
diff
changeset
|
95 request = request; -- or just origin? |
|
f43d2d26c1c4
mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents:
450
diff
changeset
|
96 labels = labels; |
|
f43d2d26c1c4
mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents:
450
diff
changeset
|
97 }) or labels; |
|
f43d2d26c1c4
mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents:
450
diff
changeset
|
98 --]] |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
99 add_labels(reply, labels, ""); |
|
252
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 request.origin.send(reply); |
|
8eae74a31acb
mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 return true; |
|
450
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
102 end |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
103 module:hook("iq/host/"..xmlns_label_catalog..":catalog", handle_catalog_request); |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
104 module:hook("iq/self/"..xmlns_label_catalog..":catalog", handle_catalog_request); -- COMPAT |
|
fb152d4af082
mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents:
449
diff
changeset
|
105 module:hook("iq/self/"..xmlns_label_catalog_old..":catalog", handle_catalog_request); -- COMPAT |