Mercurial > prosody-modules

annotate mod_seclabels/mod_seclabels.lua @ 451:f43d2d26c1c4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_seclabels: Fix config reloading
author Kim Alvefur <zash@zash.se>
date Wed, 05 Oct 2011 23:54:33 +0200
parents fb152d4af082
children 48b615229509
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1 local st = require "util.stanza";
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
2
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local xmlns_label = "urn:xmpp:sec-label:0";
450
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
4 local xmlns_label_catalog = "urn:xmpp:sec-label:catalog:2";
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
5 local xmlns_label_catalog_old = "urn:xmpp:sec-label:catalog:0"; -- COMPAT
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 module:add_feature(xmlns_label);
450
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
8 module:add_feature(xmlns_label_catalog);
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
9 module:add_feature(xmlns_label_catalog_old);
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
450
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
11 module:hook("account-disco-info", function(event) -- COMPAT
266
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
12 local stanza = event.stanza;
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
13 stanza:tag('feature', {var=xmlns_label}):up();
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
14 stanza:tag('feature', {var=xmlns_label_catalog}):up();
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
15 end);
e7296274f48c mod_seclabels: Advertise features in account disco#info, fixes interop with Swift
Kim Alvefur <zash@zash.se>
parents: 252
diff changeset
16
449
08ffbbdafeea mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents: 266
diff changeset
17 local default_labels = {
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 Classified = {
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 SECRET = { color = "black", bgcolor = "aqua", label = "THISISSECRET" };
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 PUBLIC = { label = "THISISPUBLIC" };
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 };
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 };
449
08ffbbdafeea mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents: 266
diff changeset
23 local catalog_name, catalog_desc, labels;
451
f43d2d26c1c4 mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents: 450
diff changeset
24 local function get_conf()
449
08ffbbdafeea mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents: 266
diff changeset
25 catalog_name = module:get_option_string("security_catalog_name", "Default");
08ffbbdafeea mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents: 266
diff changeset
26 catalog_desc = module:get_option_string("security_catalog_desc", "My labels");
08ffbbdafeea mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents: 266
diff changeset
27 labels = module:get_option("security_labels", default_labels);
08ffbbdafeea mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents: 266
diff changeset
28 end
451
f43d2d26c1c4 mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents: 450
diff changeset
29 module:hook_global("config-reloaded",get_conf);
449
08ffbbdafeea mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents: 266
diff changeset
30 get_conf();
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31
450
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
32 function handle_catalog_request(request)
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 local catalog_request = request.stanza.tags[1];
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 local reply = st.reply(request.stanza)
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 :tag("catalog", {
450
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
36 xmlns = catalog_request.attr.xmlns,
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 to = catalog_request.attr.to,
449
08ffbbdafeea mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents: 266
diff changeset
38 name = catalog_name,
08ffbbdafeea mod_seclabels: Fetch catalog from config.
Kim Alvefur <zash@zash.se>
parents: 266
diff changeset
39 desc = catalog_desc
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 });
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 local function add_labels(catalog, labels, selector)
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 for name, value in pairs(labels) do
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 if value.label then
450
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
45 if catalog_request.attr.xmlns == xmlns_label_catalog then
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
46 catalog:tag("item", {
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
47 selector = selector..name,
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
48 default = value.default and "true" or nil,
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
49 }):tag("securitylabel", { xmlns = xmlns_label })
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
50 else -- COMPAT
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
51 catalog:tag("securitylabel", {
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
52 xmlns = xmlns_label,
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
53 selector = selector..name,
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
54 default = value.default and "true" or nil,
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
55 })
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
56 end
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
57 if value.name or value.color or value.bgcolor then
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
58 catalog:tag("displaymarking", {
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
59 fgcolor = value.color,
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
60 bgcolor = value.bgcolor,
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
61 }):text(value.name or name):up();
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
62 end
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 if type(value.label) == "string" then
450
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
64 catalog:tag("label"):text(value.label):up();
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
65 elseif type(value.label) == "table" then
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
66 catalog:tag("label"):add_child(value.label):up();
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 end
450
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
68 catalog:up();
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
69 if catalog_request.attr.xmlns == xmlns_label_catalog then
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
70 catalog:up();
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
71 end
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 else
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73 add_labels(catalog, value, (selector or "")..name.."|");
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74 end
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75 end
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76 end
451
f43d2d26c1c4 mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents: 450
diff changeset
77 -- TODO query remote servers
f43d2d26c1c4 mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents: 450
diff changeset
78 --[[ FIXME later
f43d2d26c1c4 mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents: 450
diff changeset
79 labels = module:fire_event("sec-label-catalog", {
f43d2d26c1c4 mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents: 450
diff changeset
80 to = catalog_request.attr.to,
f43d2d26c1c4 mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents: 450
diff changeset
81 request = request; -- or just origin?
f43d2d26c1c4 mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents: 450
diff changeset
82 labels = labels;
f43d2d26c1c4 mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents: 450
diff changeset
83 }) or labels;
f43d2d26c1c4 mod_seclabels: Fix config reloading
Kim Alvefur <zash@zash.se>
parents: 450
diff changeset
84 --]]
450
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
85 add_labels(reply, labels, "");
252
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86 request.origin.send(reply);
8eae74a31acb mod_seclabels: Prototype security labels plugin
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
87 return true;
450
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
88 end
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
89 module:hook("iq/host/"..xmlns_label_catalog..":catalog", handle_catalog_request);
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
90 module:hook("iq/self/"..xmlns_label_catalog..":catalog", handle_catalog_request); -- COMPAT
fb152d4af082 mod_seclabels: Update to latest catalog schema, while keeping compatibility with the old one.
Kim Alvefur <zash@zash.se>
parents: 449
diff changeset
91 module:hook("iq/self/"..xmlns_label_catalog_old..":catalog", handle_catalog_request); -- COMPAT