Mercurial > prosody-modules
comparison mod_muc_access_control/mod_muc_access_control.lua @ 1954:050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sun, 22 Nov 2015 19:33:09 +0000 |
| parents | |
| children | f54c80404ad3 |
comparison
equal
deleted
inserted
replaced
| 1953:0c3ba5ff7a3b | 1954:050cd7b6fa96 |
|---|---|
| 1 local st = require "util.stanza"; | |
| 2 local jid = require "util.jid"; | |
| 3 local nodeprep = require "util.encodings".stringprep.nodeprep; | |
| 4 | |
| 5 local unprepped_access_lists = module:get_option("muc_access_lists", {}); | |
| 6 local access_lists = {}; | |
| 7 | |
| 8 -- Make sure all input is prepped | |
| 9 for unprepped_room_name, unprepped_list in pairs(unprepped_access_lists) do | |
| 10 local prepped_room_name = nodeprep(unprepped_room_name); | |
| 11 if not prepped_room_name then | |
| 12 module:log("error", "Invalid room name: %s", unprepped_room_name); | |
| 13 else | |
| 14 local prepped_list = {}; | |
| 15 for _, unprepped_jid in ipairs(unprepped_list) do | |
| 16 local prepped_jid = jid.prep(jid); | |
| 17 if not prepped_jid then | |
| 18 module:log("error", "Invalid JID: %s", unprepped_jid); | |
| 19 else | |
| 20 table.insert(prepped_list, jid.pep(jid)); | |
| 21 end | |
| 22 end | |
| 23 end | |
| 24 end | |
| 25 | |
| 26 local function is_restricted(room, who) | |
| 27 local allowed = access_lists[room]; | |
| 28 | |
| 29 if allowed == nil or allowed[who] or allowed[select(2, jid.split(who))] then | |
| 30 return nil; | |
| 31 end | |
| 32 | |
| 33 return "forbidden"; | |
| 34 end | |
| 35 | |
| 36 module:hook("presence/full", function(event) | |
| 37 local stanza = event.stanza; | |
| 38 | |
| 39 if stanza.name == "presence" and stanza.attr.type == "unavailable" then -- Leaving events get discarded | |
| 40 return; | |
| 41 end | |
| 42 | |
| 43 -- Get the room | |
| 44 local room = jid.split(stanza.attr.to); | |
| 45 if not room then return; end | |
| 46 | |
| 47 -- Get who has tried to join it | |
| 48 local who = jid.bare(stanza.attr.from) | |
| 49 | |
| 50 -- Checking whether room is restricted | |
| 51 local check_restricted = is_restricted(room, who) | |
| 52 if check_restricted ~= nil then | |
| 53 event.allowed = false; | |
| 54 event.stanza.attr.type = 'error'; | |
| 55 return event.origin.send(st.error_reply(event.stanza, "cancel", "forbidden", "You're not allowed to enter this room: " .. check_restricted)); | |
| 56 end | |
| 57 end, 10); |