Mercurial > prosody-modules
comparison mod_privilege/mod_privilege.lua @ 1666:0b1b4b7d5fe0
mod_privilege: implemented "roster" presence permission
author | Goffi <goffi@goffi.org> |
---|---|
date | Tue, 07 Apr 2015 18:02:54 +0200 |
parents | 746d94f37a4c |
children | c81a981479d4 |
comparison
equal
deleted
inserted
replaced
1665:746d94f37a4c | 1666:0b1b4b7d5fe0 |
---|---|
32 local _PRESENCE_MANAGED = set.new({'managed_entity', 'roster'}) | 32 local _PRESENCE_MANAGED = set.new({'managed_entity', 'roster'}) |
33 local _TO_CHECK = {roster=_ALLOWED_ROSTER, message=_ALLOWED_MESSAGE, presence=_ALLOWED_PRESENCE} | 33 local _TO_CHECK = {roster=_ALLOWED_ROSTER, message=_ALLOWED_MESSAGE, presence=_ALLOWED_PRESENCE} |
34 local _PRIV_ENT_NS = 'urn:xmpp:privilege:1' | 34 local _PRIV_ENT_NS = 'urn:xmpp:privilege:1' |
35 local _FORWARDED_NS = 'urn:xmpp:forward:0' | 35 local _FORWARDED_NS = 'urn:xmpp:forward:0' |
36 | 36 |
37 local last_presence = nil -- cache used to avoid to send several times the same stanza (see § 7 #2) | |
38 | |
37 | 39 |
38 module:log("debug", "Loading privileged entity module "); | 40 module:log("debug", "Loading privileged entity module "); |
39 | 41 |
40 | 42 |
41 --> Permissions management <-- | 43 --> Permissions management <-- |
56 session.send(message) | 58 session.send(message) |
57 end | 59 end |
58 | 60 |
59 function set_presence_perm_set(to_jid, perms) | 61 function set_presence_perm_set(to_jid, perms) |
60 -- fill the global presence sets according to perms | 62 -- fill the global presence sets according to perms |
61 if perms.presence == 'managed_entity' then | 63 if _PRESENCE_MANAGED:contains(perms.presence) then |
62 presence_man_ent:add(to_jid) | 64 presence_man_ent:add(to_jid) |
63 elseif perms.presence == 'roster' then | 65 end |
64 presence_man_ent:add(to_jid) -- roster imply managed_entity | 66 if perms.presence == 'roster' then |
65 presence_roster:add(to_jid) | 67 presence_roster:add(to_jid) |
66 end | 68 end |
67 end | 69 end |
68 | 70 |
69 function advertise_presences(session, to_jid, perms) | 71 function advertise_presences(session, to_jid, perms) |
308 end); | 310 end); |
309 | 311 |
310 | 312 |
311 --> presence permission <-- | 313 --> presence permission <-- |
312 | 314 |
315 function same_tags(tag1, tag2) | |
316 -- check if two tags are equivalent | |
317 | |
318 if tag1.name ~= tag2.name then return false; end | |
319 | |
320 if #tag1 ~= #tag2 then return false; end | |
321 | |
322 for name, value in pairs(tag1.attr) do | |
323 if tag2.attr[name] ~= value then return false; end | |
324 end | |
325 | |
326 for i=1,#tag1 do | |
327 if type(tag1[i]) == "string" then | |
328 if tag1[i] ~= tag2[i] then return false; end | |
329 else | |
330 if not same_tags(tag1[i], tag2[i]) then return false; end | |
331 end | |
332 end | |
333 | |
334 return true | |
335 end | |
336 | |
337 function same_presences(presence1, presence2) | |
338 -- check that 2 <presence/> stanzas are equivalent (except for "to" attribute) | |
339 -- /!\ if the id change but everything else is equivalent, this method return false | |
340 -- this behaviour may change in the future | |
341 if presence1.attr.from ~= presence2.attr.from or presence1.attr.id ~= presence2.attr.id | |
342 or presence1.attr.type ~= presence2.attr.type then | |
343 return false | |
344 end | |
345 | |
346 if presence1.attr.id and presence1.attr.id == presence2.attr.id then return true; end | |
347 | |
348 if #presence1 ~= #presence2 then return false; end | |
349 | |
350 for i=1,#presence1 do | |
351 if type(presence1[i]) == "string" then | |
352 if presence1[i] ~= presence2[i] then return false; end | |
353 else | |
354 if not same_tags(presence1[i], presence2[i]) then return false; end | |
355 end | |
356 end | |
357 | |
358 return true | |
359 end | |
360 | |
361 function forward_presence(presence, to_jid) | |
362 presence_fwd = st.clone(presence) | |
363 presence_fwd.attr.to = to_jid | |
364 module:log("debug", "presence forwarded to "..to_jid..": "..tostring(presence_fwd)) | |
365 module:send(presence_fwd) | |
366 last_presence = presence -- we keep the presence in cache | |
367 end | |
368 | |
313 module:hook("presence/bare", function(event) | 369 module:hook("presence/bare", function(event) |
314 if presence_man_ent:empty() then return; end | 370 if presence_man_ent:empty() and presence_roster:empty() then return; end |
315 local session, stanza = event.origin, event.stanza; | 371 |
316 if stanza.attr.to then return; end | 372 local session, stanza = event.origin, event.stanza; |
317 if stanza.attr.type == nil or stanza.attr.type == "unavailable" then | 373 if stanza.attr.type == nil or stanza.attr.type == "unavailable" then |
318 for entity in presence_man_ent:items() do | 374 if not stanza.attr.to then |
319 if stanza.attr.from ~= entity then | 375 for entity in presence_man_ent:items() do |
320 presence_fwd = st.clone(stanza) | 376 if stanza.attr.from ~= entity then forward_presence(stanza, entity); end |
321 presence_fwd.attr.to = entity | 377 end |
322 module:log("debug", "presence forwarded to "..entity..": "..tostring(presence_fwd)) | 378 else -- directed presence |
323 prosody.core_route_stanza(nil, presence_fwd) | 379 -- we ignore directed presences from our own host, as we already have them |
324 end | 380 _, from_host = jid.split(stanza.attr.from) |
325 end | 381 if hosts[from_host] then return; end |
326 end | 382 |
327 end, 150); | 383 -- we don't send several time the same presence, as recommended in §7 #2 |
384 if last_presence and same_presences(last_presence, stanza) then | |
385 return | |
386 end | |
387 | |
388 for entity in presence_roster:items() do | |
389 if stanza.attr.from ~= entity then forward_presence(stanza, entity); end | |
390 end | |
391 end | |
392 end | |
393 end, 150) |