Mercurial > prosody-modules
comparison mod_muc_access_control/mod_muc_access_control.lua @ 1954:050cd7b6fa96
mod_muc_access_control: Module to allow restricting rooms to a list of JIDs, which can include domains
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sun, 22 Nov 2015 19:33:09 +0000 |
parents | |
children | f54c80404ad3 |
comparison
equal
deleted
inserted
replaced
1953:0c3ba5ff7a3b | 1954:050cd7b6fa96 |
---|---|
1 local st = require "util.stanza"; | |
2 local jid = require "util.jid"; | |
3 local nodeprep = require "util.encodings".stringprep.nodeprep; | |
4 | |
5 local unprepped_access_lists = module:get_option("muc_access_lists", {}); | |
6 local access_lists = {}; | |
7 | |
8 -- Make sure all input is prepped | |
9 for unprepped_room_name, unprepped_list in pairs(unprepped_access_lists) do | |
10 local prepped_room_name = nodeprep(unprepped_room_name); | |
11 if not prepped_room_name then | |
12 module:log("error", "Invalid room name: %s", unprepped_room_name); | |
13 else | |
14 local prepped_list = {}; | |
15 for _, unprepped_jid in ipairs(unprepped_list) do | |
16 local prepped_jid = jid.prep(jid); | |
17 if not prepped_jid then | |
18 module:log("error", "Invalid JID: %s", unprepped_jid); | |
19 else | |
20 table.insert(prepped_list, jid.pep(jid)); | |
21 end | |
22 end | |
23 end | |
24 end | |
25 | |
26 local function is_restricted(room, who) | |
27 local allowed = access_lists[room]; | |
28 | |
29 if allowed == nil or allowed[who] or allowed[select(2, jid.split(who))] then | |
30 return nil; | |
31 end | |
32 | |
33 return "forbidden"; | |
34 end | |
35 | |
36 module:hook("presence/full", function(event) | |
37 local stanza = event.stanza; | |
38 | |
39 if stanza.name == "presence" and stanza.attr.type == "unavailable" then -- Leaving events get discarded | |
40 return; | |
41 end | |
42 | |
43 -- Get the room | |
44 local room = jid.split(stanza.attr.to); | |
45 if not room then return; end | |
46 | |
47 -- Get who has tried to join it | |
48 local who = jid.bare(stanza.attr.from) | |
49 | |
50 -- Checking whether room is restricted | |
51 local check_restricted = is_restricted(room, who) | |
52 if check_restricted ~= nil then | |
53 event.allowed = false; | |
54 event.stanza.attr.type = 'error'; | |
55 return event.origin.send(st.error_reply(event.stanza, "cancel", "forbidden", "You're not allowed to enter this room: " .. check_restricted)); | |
56 end | |
57 end, 10); |