Mercurial > prosody-modules
comparison mod_http_admin_api/mod_http_admin_api.lua @ 4516:5bc706c2db8f
mod_http_admin_api: allow updating the user nickname via API
| author | Jonas Schäfer <jonas@wielicki.name> |
|---|---|
| date | Mon, 22 Mar 2021 17:52:28 +0100 |
| parents | de55e1475808 |
| children | d6a3201a65c0 |
comparison
equal
deleted
inserted
replaced
| 4515:2e33eeafe962 | 4516:5bc706c2db8f |
|---|---|
| 1 local usermanager = require "core.usermanager"; | 1 local usermanager = require "core.usermanager"; |
| 2 | 2 |
| 3 local json = require "util.json"; | 3 local json = require "util.json"; |
| 4 local st = require "util.stanza"; | |
| 4 | 5 |
| 5 module:depends("http"); | 6 module:depends("http"); |
| 6 | 7 |
| 7 local invites = module:depends("invites"); | 8 local invites = module:depends("invites"); |
| 8 local tokens = module:depends("tokenauth"); | 9 local tokens = module:depends("tokenauth"); |
| 14 local site_name = module:get_option_string("site_name", module.host); | 15 local site_name = module:get_option_string("site_name", module.host); |
| 15 | 16 |
| 16 local json_content_type = "application/json"; | 17 local json_content_type = "application/json"; |
| 17 | 18 |
| 18 local www_authenticate_header = ("Bearer realm=%q"):format(module.host.."/"..module.name); | 19 local www_authenticate_header = ("Bearer realm=%q"):format(module.host.."/"..module.name); |
| 20 | |
| 21 local xmlns_pubsub = "http://jabber.org/protocol/pubsub"; | |
| 22 local xmlns_nick = "http://jabber.org/protocol/nick"; | |
| 19 | 23 |
| 20 local function check_credentials(request) | 24 local function check_credentials(request) |
| 21 local auth_type, auth_data = string.match(request.headers.authorization or "", "^(%S+)%s(.+)$"); | 25 local auth_type, auth_data = string.match(request.headers.authorization or "", "^(%S+)%s(.+)$"); |
| 22 if not (auth_type and auth_data) then | 26 if not (auth_type and auth_data) then |
| 23 return false; | 27 return false; |
| 162 return nil; | 166 return nil; |
| 163 end | 167 end |
| 164 local display_name; | 168 local display_name; |
| 165 do | 169 do |
| 166 local pep_service = mod_pep.get_pep_service(username); | 170 local pep_service = mod_pep.get_pep_service(username); |
| 167 local ok, _, nick_item = pep_service:get_last_item("http://jabber.org/protocol/nick", true); | 171 local ok, _, nick_item = pep_service:get_last_item(xmlns_nick, true); |
| 168 if ok and nick_item then | 172 if ok and nick_item then |
| 169 display_name = nick_item:get_child_text("nick", "http://jabber.org/protocol/nick"); | 173 display_name = nick_item:get_child_text("nick", xmlns_nick); |
| 170 end | 174 end |
| 171 end | 175 end |
| 172 | 176 |
| 173 return { | 177 return { |
| 174 username = username; | 178 username = username; |
| 355 | 359 |
| 356 event.response.headers["Content-Type"] = json_content_type; | 360 event.response.headers["Content-Type"] = json_content_type; |
| 357 return json.encode(user_info); | 361 return json.encode(user_info); |
| 358 end | 362 end |
| 359 | 363 |
| 364 function update_user(event, username) | |
| 365 local current_user = get_user_info(username); | |
| 366 | |
| 367 local request = event.request; | |
| 368 if request.headers.content_type ~= json_content_type | |
| 369 or (not request.body or #request.body == 0) then | |
| 370 return 400; | |
| 371 end | |
| 372 local new_user = json.decode(event.request.body); | |
| 373 if not new_user then | |
| 374 return 400; | |
| 375 end | |
| 376 | |
| 377 if new_user.username and new_user.username ~= username then | |
| 378 return 400; | |
| 379 end | |
| 380 | |
| 381 local final_user = {}; | |
| 382 | |
| 383 if new_user.display_name then | |
| 384 local pep_service = mod_pep.get_pep_service(username); | |
| 385 -- TODO: publish | |
| 386 local nick_item = st.stanza("item", { xmlns = xmlns_pubsub, id = "current" }) | |
| 387 :text_tag("nick", new_user.display_name, { xmlns = xmlns_nick }); | |
| 388 if pep_service:publish(xmlns_nick, true, "current", nick_item, { | |
| 389 access_model = "open"; | |
| 390 _defaults_only = true; | |
| 391 }) then | |
| 392 final_user.display_name = new_user.display_name; | |
| 393 end | |
| 394 end | |
| 395 return 200; | |
| 396 end | |
| 397 | |
| 360 function delete_user(event, username) --luacheck: ignore 212/event | 398 function delete_user(event, username) --luacheck: ignore 212/event |
| 361 if not usermanager.delete_user(username, module.host) then | 399 if not usermanager.delete_user(username, module.host) then |
| 362 return 404; | 400 return 404; |
| 363 end | 401 end |
| 364 return 200; | 402 return 200; |
| 517 ["POST /invites/*"] = create_invite_type; | 555 ["POST /invites/*"] = create_invite_type; |
| 518 ["DELETE /invites/*"] = delete_invite; | 556 ["DELETE /invites/*"] = delete_invite; |
| 519 | 557 |
| 520 ["GET /users"] = list_users; | 558 ["GET /users"] = list_users; |
| 521 ["GET /users/*"] = get_user_by_name; | 559 ["GET /users/*"] = get_user_by_name; |
| 560 ["PUT /users/*"] = update_user; | |
| 522 ["DELETE /users/*"] = delete_user; | 561 ["DELETE /users/*"] = delete_user; |
| 523 | 562 |
| 524 ["GET /groups"] = list_groups; | 563 ["GET /groups"] = list_groups; |
| 525 ["GET /groups/*"] = get_group_by_id; | 564 ["GET /groups/*"] = get_group_by_id; |
| 526 ["POST /groups"] = create_group; | 565 ["POST /groups"] = create_group; |