Mercurial > prosody-modules
comparison mod_privilege/mod_privilege.lua @ 4913:3ddab718f717
mod_privilege: update to v0.4:
- now the namespace "urn:xmpp:privilege:2" is exclusively used
- IQ permission implementation
- README update
roster pushes are not implemented yet
author | Goffi <goffi@goffi.org> |
---|---|
date | Wed, 11 May 2022 12:43:26 +0200 |
parents | 7454274ead2f |
children | cce12a660b98 |
comparison
equal
deleted
inserted
replaced
4912:b45c23ce24ba | 4913:3ddab718f717 |
---|---|
1 -- XEP-0356 (Privileged Entity) | 1 -- XEP-0356 (Privileged Entity) |
2 -- Copyright (C) 2015-2016 Jérôme Poisson | 2 -- Copyright (C) 2015-2022 Jérôme Poisson |
3 -- | 3 -- |
4 -- This module is MIT/X11 licensed. Please see the | 4 -- This module is MIT/X11 licensed. Please see the |
5 -- COPYING file in the source package for more information. | 5 -- COPYING file in the source package for more information. |
6 -- | 6 -- |
7 -- Some parts come from mod_remote_roster (module by Waqas Hussain and Kim Alvefur, see https://code.google.com/p/prosody-modules/) | 7 -- Some parts come from mod_remote_roster (module by Waqas Hussain and Kim Alvefur, see https://code.google.com/p/prosody-modules/) |
10 | 10 |
11 local jid = require("util.jid") | 11 local jid = require("util.jid") |
12 local set = require("util.set") | 12 local set = require("util.set") |
13 local st = require("util.stanza") | 13 local st = require("util.stanza") |
14 local roster_manager = require("core.rostermanager") | 14 local roster_manager = require("core.rostermanager") |
15 local usermanager_user_exists = require "core.usermanager".user_exists; | 15 local usermanager_user_exists = require "core.usermanager".user_exists |
16 local hosts = prosody.hosts | 16 local hosts = prosody.hosts |
17 local full_sessions = prosody.full_sessions; | 17 local full_sessions = prosody.full_sessions |
18 | 18 |
19 local priv_session = module:shared("/*/privilege/session") | 19 local priv_session = module:shared("/*/privilege/session") |
20 | 20 |
21 if priv_session.connected_cb == nil then | 21 if priv_session.connected_cb == nil then |
22 -- set used to have connected event listeners | 22 -- set used to have connected event listeners |
23 -- which allows a host to react on events from | 23 -- which allows a host to react on events from |
24 -- other hosts | 24 -- other hosts |
25 priv_session.connected_cb = set.new() | 25 priv_session.connected_cb = set.new() |
26 end | 26 end |
27 local connected_cb = priv_session.connected_cb | 27 local connected_cb = priv_session.connected_cb |
28 | 28 |
29 -- the folowing sets are used to forward presence stanza | 29 -- the folowing sets are used to forward presence stanza |
30 -- the folowing sets are used to forward presence stanza | 30 -- the folowing sets are used to forward presence stanza |
36 local _ROSTER_SET_PERM = set.new({'set', 'both'}) | 36 local _ROSTER_SET_PERM = set.new({'set', 'both'}) |
37 local _ALLOWED_MESSAGE = set.new({'none', 'outgoing'}) | 37 local _ALLOWED_MESSAGE = set.new({'none', 'outgoing'}) |
38 local _ALLOWED_PRESENCE = set.new({'none', 'managed_entity', 'roster'}) | 38 local _ALLOWED_PRESENCE = set.new({'none', 'managed_entity', 'roster'}) |
39 local _PRESENCE_MANAGED = set.new({'managed_entity', 'roster'}) | 39 local _PRESENCE_MANAGED = set.new({'managed_entity', 'roster'}) |
40 local _TO_CHECK = {roster=_ALLOWED_ROSTER, message=_ALLOWED_MESSAGE, presence=_ALLOWED_PRESENCE} | 40 local _TO_CHECK = {roster=_ALLOWED_ROSTER, message=_ALLOWED_MESSAGE, presence=_ALLOWED_PRESENCE} |
41 local _PRIV_ENT_NS = 'urn:xmpp:privilege:1' | 41 local _PRIV_ENT_NS = 'urn:xmpp:privilege:2' |
42 local _FORWARDED_NS = 'urn:xmpp:forward:0' | 42 local _FORWARDED_NS = 'urn:xmpp:forward:0' |
43 local _MODULE_HOST = module:get_host() | 43 local _MODULE_HOST = module:get_host() |
44 | 44 |
45 | 45 |
46 module:log("debug", "Loading privileged entity module "); | 46 module:log("debug", "Loading privileged entity module ") |
47 | 47 |
48 | 48 |
49 --> Permissions management <-- | 49 --> Permissions management <-- |
50 | 50 |
51 local privileges = module:get_option("privileged_entities", {}) | 51 local config_priv = module:get_option("privileged_entities", {}) |
52 | 52 |
53 local function get_session_privileges(session, host) | 53 local function get_session_privileges(session, host) |
54 if not session.privileges then return nil end | 54 if not session.privileges then return nil end |
55 return session.privileges[host] | 55 return session.privileges[host] |
56 end | 56 end |
57 | 57 |
58 | 58 |
59 local function advertise_perm(session, to_jid, perms) | 59 local function advertise_perm(session, to_jid, perms) |
60 -- send <message/> stanza to advertise permissions | 60 -- send <message/> stanza to advertise permissions |
61 -- as expained in § 4.2 | 61 -- as expained in § 4.2 |
62 local message = st.message({from=module.host, to=to_jid}) | 62 local message = st.message({from=module.host, to=to_jid}) |
63 :tag("privilege", {xmlns=_PRIV_ENT_NS}) | 63 :tag("privilege", {xmlns=_PRIV_ENT_NS}) |
64 | 64 |
65 for _, perm in pairs({'roster', 'message', 'presence'}) do | 65 for _, perm in pairs({'roster', 'message', 'presence'}) do |
66 if perms[perm] then | 66 if perms[perm] then |
67 message:tag("perm", {access=perm, type=perms[perm]}):up() | 67 message:tag("perm", {access=perm, type=perms[perm]}):up() |
68 end | 68 end |
69 end | 69 end |
70 session.send(message) | 70 local iq_perm = perms["iq"] |
71 if iq_perm ~= nil then | |
72 message:tag("perm", {access="iq"}) | |
73 for namespace, ns_perm in pairs(iq_perm) do | |
74 local perm_type | |
75 if ns_perm.set and ns_perm.get then | |
76 perm_type = "both" | |
77 elseif ns_perm.set then | |
78 perm_type = "set" | |
79 elseif ns_perm.get then | |
80 perm_type = "get" | |
81 else | |
82 perm_type = nil | |
83 end | |
84 message:tag("namespace", {ns=namespace, type=perm_type}) | |
85 end | |
86 end | |
87 session.send(message) | |
71 end | 88 end |
72 | 89 |
73 local function set_presence_perm_set(to_jid, perms) | 90 local function set_presence_perm_set(to_jid, perms) |
74 -- fill the presence sets according to perms | 91 -- fill the presence sets according to perms |
75 if _PRESENCE_MANAGED:contains(perms.presence) then | 92 if _PRESENCE_MANAGED:contains(perms.presence) then |
76 presence_man_ent:add(to_jid) | 93 presence_man_ent:add(to_jid) |
77 end | 94 end |
78 if perms.presence == 'roster' then | 95 if perms.presence == 'roster' then |
79 presence_roster:add(to_jid) | 96 presence_roster:add(to_jid) |
80 end | 97 end |
81 end | 98 end |
82 | 99 |
83 local function advertise_presences(session, to_jid, perms) | 100 local function advertise_presences(session, to_jid, perms) |
84 -- send presence status for already conencted entities | 101 -- send presence status for already connected entities |
85 -- as explained in § 7.1 | 102 -- as explained in § 7.1 |
86 -- people in roster are probed only for active sessions | 103 -- people in roster are probed only for active sessions |
87 -- TODO: manage roster load for inactive sessions | 104 -- TODO: manage roster load for inactive sessions |
88 if not perms.presence then return; end | 105 if not perms.presence then return; end |
89 local to_probe = {} | 106 local to_probe = {} |
90 for _, user_session in pairs(full_sessions) do | 107 for _, user_session in pairs(full_sessions) do |
91 if user_session.presence and _PRESENCE_MANAGED:contains(perms.presence) then | 108 if user_session.presence and _PRESENCE_MANAGED:contains(perms.presence) then |
92 local presence = st.clone(user_session.presence) | 109 local presence = st.clone(user_session.presence) |
93 presence.attr.to = to_jid | 110 presence.attr.to = to_jid |
94 module:log("debug", "sending current presence for "..tostring(user_session.full_jid)) | 111 module:log("debug", "sending current presence for "..tostring(user_session.full_jid)) |
95 session.send(presence) | 112 session.send(presence) |
96 end | 113 end |
97 if perms.presence == "roster" then | 114 if perms.presence == "roster" then |
98 -- we reset the cache to avoid to miss a presence that just changed | 115 -- we reset the cache to avoid to miss a presence that just changed |
99 priv_session.last_presence = nil | 116 priv_session.last_presence = nil |
100 | 117 |
101 if user_session.roster then | 118 if user_session.roster then |
102 local bare_jid = jid.bare(user_session.full_jid) | 119 local bare_jid = jid.bare(user_session.full_jid) |
103 for entity, item in pairs(user_session.roster) do | 120 for entity, item in pairs(user_session.roster) do |
104 if entity~=false and entity~="pending" and (item.subscription=="both" or item.subscription=="to") then | 121 if entity~=false and entity~="pending" and (item.subscription=="both" or item.subscription=="to") then |
105 local _, host = jid.split(entity) | 122 local _, host = jid.split(entity) |
106 if not hosts[host] then -- we don't probe jid from hosts we manage | 123 if not hosts[host] then -- we don't probe jid from hosts we manage |
107 -- using a table with entity as key avoid probing several time the same one | 124 -- using a table with entity as key avoid probing several time the same one |
108 to_probe[entity] = bare_jid | 125 to_probe[entity] = bare_jid |
109 end | 126 end |
110 end | 127 end |
111 end | 128 end |
112 end | 129 end |
113 end | 130 end |
114 end | 131 end |
115 | 132 |
116 -- now we probe peoples for "roster" presence permission | 133 -- now we probe peoples for "roster" presence permission |
117 for probe_to, probe_from in pairs(to_probe) do | 134 for probe_to, probe_from in pairs(to_probe) do |
118 module:log("debug", "probing presence for %s (on behalf of %s)", tostring(probe_to), tostring(probe_from)) | 135 module:log("debug", "probing presence for %s (on behalf of %s)", tostring(probe_to), tostring(probe_from)) |
119 local probe = st.presence({from=probe_from, to=probe_to, type="probe"}) | 136 local probe = st.presence({from=probe_from, to=probe_to, type="probe"}) |
120 prosody.core_route_stanza(nil, probe) | 137 prosody.core_route_stanza(nil, probe) |
121 end | 138 end |
122 end | 139 end |
140 | |
123 | 141 |
124 local function on_auth(event) | 142 local function on_auth(event) |
125 -- Check if entity is privileged according to configuration, | 143 -- Check if entity is privileged according to configuration, |
126 -- and set session.privileges accordingly | 144 -- and set session.privileges accordingly |
127 | 145 |
128 local session = event.session | 146 local session = event.session |
129 local bare_jid = jid.join(session.username, session.host) | 147 local bare_jid = jid.join(session.username, session.host) |
130 if not session.privileges then | 148 if not session.privileges then |
131 session.privileges = {} | 149 session.privileges = {} |
132 end | 150 end |
133 | 151 |
134 local ent_priv = privileges[bare_jid] | 152 local conf_ent_priv = config_priv[bare_jid] |
135 if ent_priv ~= nil then | 153 local ent_priv = {} |
136 module:log("debug", "Entity is privileged") | 154 if conf_ent_priv ~= nil then |
137 for perm_type, allowed_values in pairs(_TO_CHECK) do | 155 module:log("debug", "Entity is privileged") |
138 local value = ent_priv[perm_type] | 156 for perm_type, allowed_values in pairs(_TO_CHECK) do |
139 if value ~= nil then | 157 local value = conf_ent_priv[perm_type] |
140 if not allowed_values:contains(value) then | 158 if value ~= nil then |
141 module:log('warn', 'Invalid value for '..perm_type..' privilege: ['..value..']') | 159 if not allowed_values:contains(value) then |
142 module:log('warn', 'Setting '..perm_type..' privilege to none') | 160 module:log('warn', 'Invalid value for '..perm_type..' privilege: ['..value..']') |
143 ent_priv[perm_type] = nil | 161 module:log('warn', 'Setting '..perm_type..' privilege to none') |
144 end | 162 ent_priv[perm_type] = nil |
145 if value == 'none' then | 163 elseif value == 'none' then |
146 ent_priv[perm_type] = nil | 164 ent_priv[perm_type] = nil |
147 end | 165 else |
148 end | 166 ent_priv[perm_type] = value |
149 end | 167 end |
150 -- extra checks for presence permission | 168 else |
151 if ent_priv.presence == 'roster' and not _ROSTER_GET_PERM:contains(ent_priv.roster) then | 169 ent_priv[perm_type] = nil |
152 module:log("warn", "Can't allow roster presence privilege without roster \"get\" privilege") | 170 end |
153 module:log("warn", "Setting presence permission to none") | 171 end |
154 ent_priv.presence = nil | 172 -- extra checks for presence permission |
155 end | 173 if ent_priv.presence == 'roster' and not _ROSTER_GET_PERM:contains(ent_priv.roster) then |
156 | 174 module:log("warn", "Can't allow roster presence privilege without roster \"get\" privilege") |
157 if session.type == "component" then | 175 module:log("warn", "Setting presence permission to none") |
158 -- we send the message stanza only for component | 176 ent_priv.presence = nil |
159 -- it will be sent at first <presence/> for other entities | 177 end |
160 advertise_perm(session, bare_jid, ent_priv) | 178 -- iq permission |
161 set_presence_perm_set(bare_jid, ent_priv) | 179 local iq_perm_config = conf_ent_priv["iq"] |
162 advertise_presences(session, bare_jid, ent_priv) | 180 if iq_perm_config ~= nil then |
163 end | 181 local iq_perm = {} |
164 end | 182 ent_priv["iq"] = iq_perm |
165 | 183 for ns, ns_perm_config in pairs(iq_perm_config) do |
166 session.privileges[_MODULE_HOST] = ent_priv | 184 iq_perm[ns] = { |
185 ["get"] = ns_perm_config == "get" or ns_perm_config == "both", | |
186 ["set"] = ns_perm_config == "set" or ns_perm_config == "both" | |
187 } | |
188 end | |
189 else | |
190 ent_priv["iq"] = nil | |
191 end | |
192 | |
193 if session.type == "component" then | |
194 -- we send the message stanza only for component | |
195 -- it will be sent at first <presence/> for other entities | |
196 advertise_perm(session, bare_jid, ent_priv) | |
197 set_presence_perm_set(bare_jid, ent_priv) | |
198 advertise_presences(session, bare_jid, ent_priv) | |
199 end | |
200 end | |
201 | |
202 session.privileges[_MODULE_HOST] = ent_priv | |
167 end | 203 end |
168 | 204 |
169 local function on_presence(event) | 205 local function on_presence(event) |
170 -- Permission are already checked at this point, | 206 -- Permission are already checked at this point, |
171 -- we only advertise them to the entity | 207 -- we only advertise them to the entity |
172 local session = event.origin | 208 local session = event.origin |
173 local session_privileges = get_session_privileges(session, _MODULE_HOST) | 209 local session_privileges = get_session_privileges(session, _MODULE_HOST) |
174 if session_privileges then | 210 if session_privileges then |
175 advertise_perm(session, session.full_jid, session_privileges) | 211 advertise_perm(session, session.full_jid, session_privileges) |
176 set_presence_perm_set(session.full_jid, session_privileges) | 212 set_presence_perm_set(session.full_jid, session_privileges) |
177 advertise_presences(session, session.full_jid, session_privileges) | 213 advertise_presences(session, session.full_jid, session_privileges) |
178 end | 214 end |
179 end | 215 end |
180 | 216 |
181 local function on_component_auth(event) | 217 local function on_component_auth(event) |
182 -- react to component-authenticated event from this host | 218 -- react to component-authenticated event from this host |
183 -- and call the on_auth methods from all other hosts | 219 -- and call the on_auth methods from all other hosts |
184 -- needed for the component to get delegations advertising | 220 -- needed for the component to get delegations advertising |
185 for callback in connected_cb:items() do | 221 for callback in connected_cb:items() do |
186 callback(event) | 222 callback(event) |
187 end | 223 end |
188 end | 224 end |
189 | 225 |
190 if module:get_host_type() ~= "component" then | 226 if module:get_host_type() ~= "component" then |
191 connected_cb:add(on_auth) | 227 connected_cb:add(on_auth) |
192 end | 228 end |
197 | 233 |
198 --> roster permission <-- | 234 --> roster permission <-- |
199 | 235 |
200 -- get | 236 -- get |
201 module:hook("iq-get/bare/jabber:iq:roster:query", function(event) | 237 module:hook("iq-get/bare/jabber:iq:roster:query", function(event) |
202 local session, stanza = event.origin, event.stanza; | 238 local session, stanza = event.origin, event.stanza |
203 if not stanza.attr.to then | 239 if not stanza.attr.to then |
204 -- we don't want stanzas addressed to /self | 240 -- we don't want stanzas addressed to /self |
205 return; | 241 return |
206 end | 242 end |
207 local node, host = jid.split(stanza.attr.to); | 243 local node, host = jid.split(stanza.attr.to) |
208 local session_privileges = get_session_privileges(session, host) | 244 local session_privileges = get_session_privileges(session, host) |
209 | 245 |
210 if session_privileges and _ROSTER_GET_PERM:contains(session_privileges.roster) then | 246 if session_privileges and _ROSTER_GET_PERM:contains(session_privileges.roster) then |
211 module:log("debug", "Roster get from allowed privileged entity received") | 247 module:log("debug", "Roster get from allowed privileged entity received") |
212 -- following code is adapted from mod_remote_roster | 248 -- following code is adapted from mod_remote_roster |
213 local roster = roster_manager.load_roster(node, host); | 249 local roster = roster_manager.load_roster(node, host) |
214 | 250 |
215 local reply = st.reply(stanza):query("jabber:iq:roster"); | 251 local reply = st.reply(stanza):query("jabber:iq:roster") |
216 for entity_jid, item in pairs(roster) do | 252 for entity_jid, item in pairs(roster) do |
217 if entity_jid and entity_jid ~= "pending" then | 253 if entity_jid and entity_jid ~= "pending" then |
218 reply:tag("item", { | 254 reply:tag("item", { |
219 jid = entity_jid, | 255 jid = entity_jid, |
220 subscription = item.subscription, | 256 subscription = item.subscription, |
221 ask = item.ask, | 257 ask = item.ask, |
222 name = item.name, | 258 name = item.name, |
223 }); | 259 }) |
224 for group in pairs(item.groups) do | 260 for group in pairs(item.groups) do |
225 reply:tag("group"):text(group):up(); | 261 reply:tag("group"):text(group):up() |
226 end | 262 end |
227 reply:up(); -- move out from item | 263 reply:up(); -- move out from item |
228 end | 264 end |
229 end | 265 end |
230 -- end of code adapted from mod_remote_roster | 266 -- end of code adapted from mod_remote_roster |
231 session.send(reply); | 267 session.send(reply) |
232 else | 268 else |
233 module:log("warn", "Entity "..tostring(session.full_jid).." try to get roster without permission") | 269 module:log("warn", "Entity "..tostring(session.full_jid).." try to get roster without permission") |
234 session.send(st.error_reply(stanza, 'auth', 'forbidden')) | 270 session.send(st.error_reply(stanza, 'auth', 'forbidden')) |
235 end | 271 end |
236 | 272 |
237 return true | 273 return true |
238 end); | 274 end) |
239 | 275 |
240 -- set | 276 -- set |
241 module:hook("iq-set/bare/jabber:iq:roster:query", function(event) | 277 module:hook("iq-set/bare/jabber:iq:roster:query", function(event) |
242 local session, stanza = event.origin, event.stanza; | 278 local session, stanza = event.origin, event.stanza |
243 if not stanza.attr.to then | 279 if not stanza.attr.to then |
244 -- we don't want stanzas addressed to /self | 280 -- we don't want stanzas addressed to /self |
245 return; | 281 return |
246 end | 282 end |
247 local from_node, from_host = jid.split(stanza.attr.to); | 283 local from_node, from_host = jid.split(stanza.attr.to) |
248 local session_privileges = get_session_privileges(session, from_host) | 284 local session_privileges = get_session_privileges(session, from_host) |
249 | 285 |
250 if session_privileges and _ROSTER_SET_PERM:contains(session_privileges.roster) then | 286 if session_privileges and _ROSTER_SET_PERM:contains(session_privileges.roster) then |
251 module:log("debug", "Roster set from allowed privileged entity received") | 287 module:log("debug", "Roster set from allowed privileged entity received") |
252 -- following code is adapted from mod_remote_roster | 288 -- following code is adapted from mod_remote_roster |
253 if not(usermanager_user_exists(from_node, from_host)) then return; end | 289 if not(usermanager_user_exists(from_node, from_host)) then return; end |
254 local roster = roster_manager.load_roster(from_node, from_host); | 290 local roster = roster_manager.load_roster(from_node, from_host) |
255 if not(roster) then return; end | 291 if not(roster) then return; end |
256 | 292 |
257 local query = stanza.tags[1]; | 293 local query = stanza.tags[1] |
258 for _, item in ipairs(query.tags) do | 294 for _, item in ipairs(query.tags) do |
259 if item.name == "item" | 295 if item.name == "item" |
260 and item.attr.xmlns == "jabber:iq:roster" and item.attr.jid | 296 and item.attr.xmlns == "jabber:iq:roster" and item.attr.jid |
261 -- Protection against overwriting roster.pending, until we move it | 297 -- Protection against overwriting roster.pending, until we move it |
262 and item.attr.jid ~= "pending" then | 298 and item.attr.jid ~= "pending" then |
263 | 299 |
264 local item_jid = jid.prep(item.attr.jid); | 300 local item_jid = jid.prep(item.attr.jid) |
265 local _, host, resource = jid.split(item_jid); | 301 local _, host, resource = jid.split(item_jid) |
266 if not resource then | 302 if not resource then |
267 if item_jid ~= stanza.attr.to then -- not self-item_jid | 303 if item_jid ~= stanza.attr.to then -- not self-item_jid |
268 if item.attr.subscription == "remove" then | 304 if item.attr.subscription == "remove" then |
269 local r_item = roster[item_jid]; | 305 local r_item = roster[item_jid] |
270 if r_item then | 306 if r_item then |
271 roster[item_jid] = nil; | 307 roster[item_jid] = nil |
272 if roster_manager.save_roster(from_node, from_host, roster) then | 308 if roster_manager.save_roster(from_node, from_host, roster) then |
273 session.send(st.reply(stanza)); | 309 session.send(st.reply(stanza)) |
274 roster_manager.roster_push(from_node, from_host, item_jid); | 310 roster_manager.roster_push(from_node, from_host, item_jid) |
275 else | 311 else |
276 roster[item_jid] = item; | 312 roster[item_jid] = item |
277 session.send(st.error_reply(stanza, "wait", "internal-server-error", "Unable to save roster")); | 313 session.send(st.error_reply(stanza, "wait", "internal-server-error", "Unable to save roster")) |
278 end | 314 end |
279 else | 315 else |
280 session.send(st.error_reply(stanza, "modify", "item-not-found")); | 316 session.send(st.error_reply(stanza, "modify", "item-not-found")) |
281 end | 317 end |
282 else | 318 else |
283 local subscription = item.attr.subscription; | 319 local subscription = item.attr.subscription |
284 if subscription ~= "both" and subscription ~= "to" and subscription ~= "from" and subscription ~= "none" then -- TODO error on invalid | 320 if subscription ~= "both" and subscription ~= "to" and subscription ~= "from" and subscription ~= "none" then -- TODO error on invalid |
285 subscription = roster[item_jid] and roster[item_jid].subscription or "none"; | 321 subscription = roster[item_jid] and roster[item_jid].subscription or "none" |
286 end | 322 end |
287 local r_item = {name = item.attr.name, groups = {}}; | 323 local r_item = {name = item.attr.name, groups = {}} |
288 if r_item.name == "" then r_item.name = nil; end | 324 if r_item.name == "" then r_item.name = nil; end |
289 r_item.subscription = subscription; | 325 r_item.subscription = subscription |
290 if subscription ~= "both" and subscription ~= "to" then | 326 if subscription ~= "both" and subscription ~= "to" then |
291 r_item.ask = roster[item_jid] and roster[item_jid].ask; | 327 r_item.ask = roster[item_jid] and roster[item_jid].ask |
292 end | 328 end |
293 for _, child in ipairs(item) do | 329 for _, child in ipairs(item) do |
294 if child.name == "group" then | 330 if child.name == "group" then |
295 local text = table.concat(child); | 331 local text = table.concat(child) |
296 if text and text ~= "" then | 332 if text and text ~= "" then |
297 r_item.groups[text] = true; | 333 r_item.groups[text] = true |
298 end | 334 end |
299 end | 335 end |
300 end | 336 end |
301 local olditem = roster[item_jid]; | 337 local olditem = roster[item_jid] |
302 roster[item_jid] = r_item; | 338 roster[item_jid] = r_item |
303 if roster_manager.save_roster(from_node, from_host, roster) then -- Ok, send success | 339 if roster_manager.save_roster(from_node, from_host, roster) then -- Ok, send success |
304 session.send(st.reply(stanza)); | 340 session.send(st.reply(stanza)) |
305 -- and push change to all resources | 341 -- and push change to all resources |
306 roster_manager.roster_push(from_node, from_host, item_jid); | 342 roster_manager.roster_push(from_node, from_host, item_jid) |
307 else -- Adding to roster failed | 343 else -- Adding to roster failed |
308 roster[item_jid] = olditem; | 344 roster[item_jid] = olditem |
309 session.send(st.error_reply(stanza, "wait", "internal-server-error", "Unable to save roster")); | 345 session.send(st.error_reply(stanza, "wait", "internal-server-error", "Unable to save roster")) |
310 end | 346 end |
311 end | 347 end |
312 else -- Trying to add self to roster | 348 else -- Trying to add self to roster |
313 session.send(st.error_reply(stanza, "cancel", "not-allowed")); | 349 session.send(st.error_reply(stanza, "cancel", "not-allowed")) |
314 end | 350 end |
315 else -- Invalid JID added to roster | 351 else -- Invalid JID added to roster |
316 module:log("warn", "resource: %s , host: %s", tostring(resource), tostring(host)) | 352 module:log("warn", "resource: %s , host: %s", tostring(resource), tostring(host)) |
317 session.send(st.error_reply(stanza, "modify", "bad-request")); -- FIXME what's the correct error? | 353 session.send(st.error_reply(stanza, "modify", "bad-request")); -- FIXME what's the correct error? |
318 end | 354 end |
319 else -- Roster set didn't include a single item, or its name wasn't 'item' | 355 else -- Roster set didn't include a single item, or its name wasn't 'item' |
320 session.send(st.error_reply(stanza, "modify", "bad-request")); | 356 session.send(st.error_reply(stanza, "modify", "bad-request")) |
321 end | 357 end |
322 end -- for loop end | 358 end -- for loop end |
323 -- end of code adapted from mod_remote_roster | 359 -- end of code adapted from mod_remote_roster |
324 else -- The permission is not granted | 360 else -- The permission is not granted |
325 module:log("warn", "Entity "..tostring(session.full_jid).." try to set roster without permission") | 361 module:log("warn", "Entity "..tostring(session.full_jid).." try to set roster without permission") |
326 session.send(st.error_reply(stanza, 'auth', 'forbidden')) | 362 session.send(st.error_reply(stanza, 'auth', 'forbidden')) |
327 end | 363 end |
328 | 364 |
329 return true | 365 return true |
330 end); | 366 end) |
331 | 367 |
332 | 368 |
333 --> message permission <-- | 369 --> message permission <-- |
334 | 370 |
335 local function clean_xmlns(node) | 371 local function clean_xmlns(node) |
336 -- Recursively remove "jabber:client" attribute from node. | 372 -- Recursively remove "jabber:client" attribute from node. |
337 -- In Prosody internal routing, xmlns should not be set. | 373 -- In Prosody internal routing, xmlns should not be set. |
338 -- Keeping xmlns would lead to issues like mod_smacks ignoring the outgoing stanza, | 374 -- Keeping xmlns would lead to issues like mod_smacks ignoring the outgoing stanza, |
339 -- so we remove all xmlns attributes with a value of "jabber:client" | 375 -- so we remove all xmlns attributes with a value of "jabber:client" |
340 if node.attr.xmlns == 'jabber:client' then | 376 if node.attr.xmlns == 'jabber:client' then |
341 for childnode in node:childtags() do | 377 for childnode in node:childtags() do |
342 clean_xmlns(childnode); | 378 clean_xmlns(childnode) |
343 end | 379 end |
344 node.attr.xmlns = nil; | 380 node.attr.xmlns = nil |
345 end | 381 end |
346 end | 382 end |
347 | 383 |
348 module:hook("message/host", function(event) | 384 module:hook("message/host", function(event) |
349 local session, stanza = event.origin, event.stanza; | 385 local session, stanza = event.origin, event.stanza |
350 local privilege_elt = stanza:get_child('privilege', _PRIV_ENT_NS) | 386 local privilege_elt = stanza:get_child('privilege', _PRIV_ENT_NS) |
351 if privilege_elt==nil then return; end | 387 if privilege_elt==nil then return; end |
352 local _, to_host = jid.split(stanza.attr.to) | 388 local _, to_host = jid.split(stanza.attr.to) |
353 local session_privileges = get_session_privileges(session, to_host) | 389 local session_privileges = get_session_privileges(session, to_host) |
354 | 390 |
355 if session_privileges and session_privileges.message=="outgoing" then | 391 if session_privileges and session_privileges.message=="outgoing" then |
356 if #privilege_elt.tags==1 and privilege_elt.tags[1].name == "forwarded" | 392 if #privilege_elt.tags==1 and privilege_elt.tags[1].name == "forwarded" |
357 and privilege_elt.tags[1].attr.xmlns==_FORWARDED_NS then | 393 and privilege_elt.tags[1].attr.xmlns==_FORWARDED_NS then |
358 local message_elt = privilege_elt.tags[1]:get_child('message', 'jabber:client') | 394 local message_elt = privilege_elt.tags[1]:get_child('message', 'jabber:client') |
359 if message_elt ~= nil then | 395 if message_elt ~= nil then |
360 local _, from_host, from_resource = jid.split(message_elt.attr.from) | 396 local _, from_host, from_resource = jid.split(message_elt.attr.from) |
361 if from_resource == nil and hosts[from_host] then -- we only accept bare jids from one of the server hosts | 397 if from_resource == nil and hosts[from_host] then -- we only accept bare jids from one of the server hosts |
362 clean_xmlns(message_elt); -- needed do to proper routing | 398 clean_xmlns(message_elt); -- needed do to proper routing |
363 -- at this point everything should be alright, we can send the message | 399 -- at this point everything should be alright, we can send the message |
364 prosody.core_route_stanza(nil, message_elt) | 400 prosody.core_route_stanza(nil, message_elt) |
365 else -- trying to send a message from a forbidden entity | 401 else -- trying to send a message from a forbidden entity |
366 module:log("warn", "Entity "..tostring(session.full_jid).." try to send a message from "..tostring(message_elt.attr.from)) | 402 module:log("warn", "Entity "..tostring(session.full_jid).." try to send a message from "..tostring(message_elt.attr.from)) |
367 session.send(st.error_reply(stanza, 'auth', 'forbidden')) | 403 session.send(st.error_reply(stanza, 'auth', 'forbidden')) |
368 end | 404 end |
369 else -- incorrect message child | 405 else -- incorrect message child |
370 session.send(st.error_reply(stanza, "modify", "bad-request", "invalid forwarded <message/> element")); | 406 session.send(st.error_reply(stanza, "modify", "bad-request", "invalid forwarded <message/> element")) |
371 end | 407 end |
372 else -- incorrect forwarded child | 408 else -- incorrect forwarded child |
373 session.send(st.error_reply(stanza, "modify", "bad-request", "invalid <forwarded/> element")); | 409 session.send(st.error_reply(stanza, "modify", "bad-request", "invalid <forwarded/> element")) |
374 end; | 410 end |
375 else -- The permission is not granted | 411 else -- The permission is not granted |
376 module:log("warn", "Entity "..tostring(session.full_jid).." try to send message without permission") | 412 module:log("warn", "Entity "..tostring(session.full_jid).." try to send message without permission") |
377 session.send(st.error_reply(stanza, 'auth', 'forbidden')) | 413 session.send(st.error_reply(stanza, 'auth', 'forbidden')) |
378 end | 414 end |
379 | 415 |
380 return true | 416 return true |
381 end); | 417 end) |
382 | 418 |
383 | 419 |
384 --> presence permission <-- | 420 --> presence permission <-- |
385 | 421 |
386 local function same_tags(tag1, tag2) | 422 local function same_tags(tag1, tag2) |
387 -- check if two tags are equivalent | 423 -- check if two tags are equivalent |
388 | 424 |
389 if tag1.name ~= tag2.name then return false; end | 425 if tag1.name ~= tag2.name then return false; end |
390 | 426 |
391 if #tag1 ~= #tag2 then return false; end | 427 if #tag1 ~= #tag2 then return false; end |
392 | 428 |
393 for name, value in pairs(tag1.attr) do | 429 for name, value in pairs(tag1.attr) do |
394 if tag2.attr[name] ~= value then return false; end | 430 if tag2.attr[name] ~= value then return false; end |
395 end | 431 end |
396 | 432 |
397 for i=1,#tag1 do | 433 for i=1,#tag1 do |
398 if type(tag1[i]) == "string" then | 434 if type(tag1[i]) == "string" then |
399 if tag1[i] ~= tag2[i] then return false; end | 435 if tag1[i] ~= tag2[i] then return false; end |
400 else | 436 else |
401 if not same_tags(tag1[i], tag2[i]) then return false; end | 437 if not same_tags(tag1[i], tag2[i]) then return false; end |
402 end | 438 end |
403 end | 439 end |
404 | 440 |
405 return true | 441 return true |
406 end | 442 end |
407 | 443 |
408 local function same_presences(presence1, presence2) | 444 local function same_presences(presence1, presence2) |
409 -- check that 2 <presence/> stanzas are equivalent (except for "to" attribute) | 445 -- check that 2 <presence/> stanzas are equivalent (except for "to" attribute) |
410 -- /!\ if the id change but everything else is equivalent, this method return false | 446 -- /!\ if the id change but everything else is equivalent, this method return false |
411 -- this behaviour may change in the future | 447 -- this behaviour may change in the future |
412 if presence1.attr.from ~= presence2.attr.from or presence1.attr.id ~= presence2.attr.id | 448 if presence1.attr.from ~= presence2.attr.from or presence1.attr.id ~= presence2.attr.id |
413 or presence1.attr.type ~= presence2.attr.type then | 449 or presence1.attr.type ~= presence2.attr.type then |
414 return false | 450 return false |
415 end | 451 end |
416 | 452 |
417 if presence1.attr.id and presence1.attr.id == presence2.attr.id then return true; end | 453 if presence1.attr.id and presence1.attr.id == presence2.attr.id then return true; end |
418 | 454 |
419 if #presence1 ~= #presence2 then return false; end | 455 if #presence1 ~= #presence2 then return false; end |
420 | 456 |
421 for i=1,#presence1 do | 457 for i=1,#presence1 do |
422 if type(presence1[i]) == "string" then | 458 if type(presence1[i]) == "string" then |
423 if presence1[i] ~= presence2[i] then return false; end | 459 if presence1[i] ~= presence2[i] then return false; end |
424 else | 460 else |
425 if not same_tags(presence1[i], presence2[i]) then return false; end | 461 if not same_tags(presence1[i], presence2[i]) then return false; end |
426 end | 462 end |
427 end | 463 end |
428 | 464 |
429 return true | 465 return true |
430 end | 466 end |
431 | 467 |
432 local function forward_presence(presence, to_jid) | 468 local function forward_presence(presence, to_jid) |
433 local presence_fwd = st.clone(presence) | 469 local presence_fwd = st.clone(presence) |
434 presence_fwd.attr.to = to_jid | 470 presence_fwd.attr.to = to_jid |
435 module:log("debug", "presence forwarded to "..to_jid..": "..tostring(presence_fwd)) | 471 module:log("debug", "presence forwarded to "..to_jid..": "..tostring(presence_fwd)) |
436 module:send(presence_fwd) | 472 module:send(presence_fwd) |
437 -- cache used to avoid to send several times the same stanza | 473 -- cache used to avoid to send several times the same stanza |
438 priv_session.last_presence = presence | 474 priv_session.last_presence = presence |
439 end | 475 end |
440 | 476 |
441 module:hook("presence/bare", function(event) | 477 module:hook("presence/bare", function(event) |
442 if presence_man_ent:empty() and presence_roster:empty() then return; end | 478 if presence_man_ent:empty() and presence_roster:empty() then return; end |
443 | 479 |
444 local stanza = event.stanza | 480 local stanza = event.stanza |
445 if stanza.attr.type == nil or stanza.attr.type == "unavailable" then | 481 if stanza.attr.type == nil or stanza.attr.type == "unavailable" then |
446 if not stanza.attr.to then | 482 if not stanza.attr.to then |
447 for entity in presence_man_ent:items() do | 483 for entity in presence_man_ent:items() do |
448 if stanza.attr.from ~= entity then forward_presence(stanza, entity); end | 484 if stanza.attr.from ~= entity then forward_presence(stanza, entity); end |
449 end | 485 end |
450 else -- directed presence | 486 else -- directed presence |
451 -- we ignore directed presences from our own host, as we already have them | 487 -- we ignore directed presences from our own host, as we already have them |
452 local _, from_host = jid.split(stanza.attr.from) | 488 local _, from_host = jid.split(stanza.attr.from) |
453 if hosts[from_host] then return; end | 489 if hosts[from_host] then return; end |
454 | 490 |
455 -- we don't send several time the same presence, as recommended in §7 #2 | 491 -- we don't send several time the same presence, as recommended in §7 #2 |
456 if priv_session.last_presence and same_presences(priv_session.last_presence, stanza) then | 492 if priv_session.last_presence and same_presences(priv_session.last_presence, stanza) then |
457 return | 493 return |
458 end | 494 end |
459 | 495 |
460 for entity in presence_roster:items() do | 496 for entity in presence_roster:items() do |
461 if stanza.attr.from ~= entity then forward_presence(stanza, entity); end | 497 if stanza.attr.from ~= entity then forward_presence(stanza, entity); end |
462 end | 498 end |
463 end | 499 end |
464 end | 500 end |
465 end, 150) | 501 end, 150) |
502 | |
503 --> IQ permission <-- | |
504 | |
505 module:hook("iq/bare/".._PRIV_ENT_NS..":privileged_iq", function(event) | |
506 local session, stanza = event.origin, event.stanza | |
507 if not stanza.attr.to then | |
508 -- we don't want stanzas addressed to /self | |
509 return | |
510 end | |
511 local from_node, from_host, from_resource = jid.split(stanza.attr.to) | |
512 | |
513 if from_resource ~= nil or not usermanager_user_exists(from_node, from_host) then | |
514 session.send( | |
515 st.error_reply( | |
516 stanza, | |
517 "auth", | |
518 "forbidden", | |
519 "wrapping <IQ> stanza recipient must be a bare JID of a local user" | |
520 ) | |
521 ) | |
522 return true | |
523 end | |
524 | |
525 local session_privileges = get_session_privileges(session, from_host) | |
526 | |
527 if session_privileges == nil then | |
528 session.send( | |
529 st.error_reply( | |
530 stanza, | |
531 "auth", | |
532 "forbidden", | |
533 "no privilege granted" | |
534 ) | |
535 ) | |
536 return true | |
537 end | |
538 | |
539 local iq_privileges = session_privileges["iq"] | |
540 if iq_privileges == nil then | |
541 session.send( | |
542 session.send(st.error_reply(stanza, "auth", "forbidden", "you are not allowed to send privileged <IQ> stanzas")) | |
543 ) | |
544 return true | |
545 end | |
546 | |
547 local privileged_iq = stanza:get_child("privileged_iq", _PRIV_ENT_NS) | |
548 | |
549 local wrapped_iq = privileged_iq.tags[1] | |
550 if wrapped_iq == nil then | |
551 session.send( | |
552 st.error_reply(stanza, "auth", "forbidden", "missing <IQ> stanza to send") | |
553 ) | |
554 return true | |
555 end | |
556 | |
557 if wrapped_iq.attr.xmlns ~= "jabber:client" then | |
558 session.send( | |
559 st.error_reply( | |
560 stanza, | |
561 "auth", | |
562 "forbidden", | |
563 'wrapped <IQ> must have a xmlns of "jabber:client"' | |
564 ) | |
565 ) | |
566 return true | |
567 end | |
568 | |
569 clean_xmlns(wrapped_iq) | |
570 | |
571 if #wrapped_iq.tags ~= 1 then | |
572 session.send( | |
573 st.error_reply( | |
574 stanza, | |
575 "auth", | |
576 "forbidden", | |
577 'invalid payload in wrapped <IQ>' | |
578 ) | |
579 ) | |
580 return true | |
581 end | |
582 | |
583 local payload = wrapped_iq.tags[1] | |
584 | |
585 local priv_ns = payload.attr.xmlns | |
586 if priv_ns == nil then | |
587 session.send( | |
588 st.error_reply(stanza, "auth", "forbidden", "xmlns not set in privileged <IQ>") | |
589 ) | |
590 return true | |
591 end | |
592 | |
593 local ns_perms = iq_privileges[priv_ns] | |
594 local iq_type = stanza.attr.type | |
595 if ns_perms == nil or iq_type == nil or not ns_perms[iq_type] then | |
596 session.send( | |
597 session.send(st.error_reply( | |
598 stanza, | |
599 "auth", | |
600 "forbidden", | |
601 "you are not allowed to send privileged <IQ> stanzas of this type and namespace") | |
602 ) | |
603 ) | |
604 return true | |
605 end | |
606 | |
607 if wrapped_iq.attr.from ~= nil and wrapped_iq.attr.from ~= stanza.attr.to then | |
608 session.send( | |
609 st.error_reply( | |
610 stanza, | |
611 "auth", | |
612 "forbidden", | |
613 'wrapped <IQ> "from" attribute is inconsistent with main <IQ> "to" attribute' | |
614 ) | |
615 ) | |
616 return true | |
617 end | |
618 | |
619 wrapped_iq.attr.from = stanza.attr.to | |
620 | |
621 if wrapped_iq.attr.to == nil then | |
622 session.send( | |
623 st.error_reply( | |
624 stanza, | |
625 "auth", | |
626 "forbidden", | |
627 'wrapped <IQ> "to" attribute is missing' | |
628 ) | |
629 ) | |
630 return true | |
631 end | |
632 | |
633 if wrapped_iq.attr.type ~= iq_type then | |
634 session.send( | |
635 st.error_reply( | |
636 stanza, | |
637 "auth", | |
638 "forbidden", | |
639 'invalid wrapped <IQ>: type mismatch' | |
640 ) | |
641 ) | |
642 return true | |
643 end | |
644 | |
645 if wrapped_iq.attr.id == nil then | |
646 session.send( | |
647 st.error_reply( | |
648 stanza, | |
649 "auth", | |
650 "forbidden", | |
651 'invalid wrapped <IQ>: missing "id" attribute' | |
652 ) | |
653 ) | |
654 return true | |
655 end | |
656 | |
657 -- at this point, wrapped_iq is considered valid, and privileged entity is allowed to send it | |
658 | |
659 module:send_iq(wrapped_iq) | |
660 :next(function (response) | |
661 local reply = st.reply(stanza); | |
662 response.stanza.attr.xmlns = 'jabber:client' | |
663 reply:tag("privilege", {xmlns = _PRIV_ENT_NS}) | |
664 :tag("forwarded", {xmlns = _FORWARDED_NS}) | |
665 :add_child(response.stanza) | |
666 session.send(reply) | |
667 end, | |
668 function(response) | |
669 module:log("error", "Error while sending privileged <IQ>: %s", response); | |
670 session.send( | |
671 st.error_reply( | |
672 stanza, | |
673 "cancel", | |
674 "internal-server-error" | |
675 ) | |
676 ) | |
677 end) | |
678 | |
679 return true | |
680 end) |