comparison mod_privacy/mod_privacy.lua @ 27:d91cb13ef0ee
mod_privacy: make the block function work; retrieve the roster groups correctly
author | Thilo Cestonaro <thilo@cestona.ro> |
---|---|
date | Fri, 09 Oct 2009 23:23:12 +0200 |
parents | 2675dc25445b |
children | b84b2b026eb4 |
26:1fb5b8c20004 | 27:d91cb13ef0ee |
---|---|
18 local to_number = _G.tonumber; | 18 local to_number = _G.tonumber; |
19 | 19 |
20 function findNamedList (privacy_lists, name) | 20 function findNamedList (privacy_lists, name) |
21 local ret = nil | 21 local ret = nil |
22 if privacy_lists.lists == nil then | 22 if privacy_lists.lists == nil then |
23 module:log("debug", "no lists loaded.") | 23 module:log("debug", "privacy_lists.list is nil. no lists loaded.") |
24 return nil; | 24 return nil; |
25 end | 25 end |
26 | 26 |
27 module:log("debug", "searching for list: %s", name); | 27 module:log("debug", "searching for list: %s", name); |
28 for i=1, #privacy_lists.lists do | 28 for i=1, #privacy_lists.lists do |
115 | 115 |
116 if idx ~= nil then | 116 if idx ~= nil then |
117 if isListUsed(origin, name, privacy_lists) then | 117 if isListUsed(origin, name, privacy_lists) then |
118 return {"cancel", "conflict", "Another session is online and using the list which should be deleted."}; | 118 return {"cancel", "conflict", "Another session is online and using the list which should be deleted."}; |
119 end | 119 end |
120 if privacy_lists.default == name then | |
121 privacy_lists.default = ""; | |
122 end | |
123 if origin.activePrivacyList == name then | |
124 origin.activePrivacyList = ""; | |
125 end | |
120 table.remove(privacy_lists.lists, idx); | 126 table.remove(privacy_lists.lists, idx); |
121 origin.send(st.reply(stanza)); | 127 origin.send(st.reply(stanza)); |
122 return true; | 128 return true; |
123 end | 129 end |
124 return {"modify", "bad-request", "Not existing list specifed to be deleted."}; | 130 return {"modify", "bad-request", "Not existing list specifed to be deleted."}; |
177 end | 183 end |
178 | 184 |
179 if tmp.type == "group" then | 185 if tmp.type == "group" then |
180 local found = false; | 186 local found = false; |
181 local roster = load_roster(origin.username, origin.host); | 187 local roster = load_roster(origin.username, origin.host); |
182 local groups = roster.groups; | 188 for jid,item in pairs(roster) do |
183 if groups == nil then | 189 if item.groups ~= nil then |
184 return {"cancel", "item-not-found", "Specifed roster group not existing."}; | 190 for group in pairs(item.groups) do |
185 end | 191 if group == tmp.value then |
186 for _,group in ipairs(groups) do | 192 found = true; |
187 if group == tmp.value then | 193 break; |
188 found = true; | 194 end |
195 end | |
196 if found == true then | |
197 break; | |
198 end | |
189 end | 199 end |
190 end | 200 end |
191 if found == false then | 201 if found == false then |
192 return {"cancel", "item-not-found", "Specifed roster group not existing."}; | 202 return {"cancel", "item-not-found", "Specifed roster group not existing."}; |
193 end | 203 end |
319 end | 329 end |
320 return false; | 330 return false; |
321 end, 500); | 331 end, 500); |
322 | 332 |
323 function checkIfNeedToBeBlocked(e, session) | 333 function checkIfNeedToBeBlocked(e, session) |
334 | |
324 local origin, stanza = e.origin, e.stanza; | 335 local origin, stanza = e.origin, e.stanza; |
325 local privacy_lists = datamanager.load(session.username, session.host, "privacy") or {}; | 336 local privacy_lists = datamanager.load(session.username, session.host, "privacy") or {}; |
326 local bare_jid = session.username.."@"..session.host; | 337 local bare_jid = session.username.."@"..session.host; |
327 | 338 |
339 -- module:log("debug", "Where are we from: %s", debug.traceback()) | |
328 module:log("debug", "checkIfNeedToBeBlocked: username: %s, host: %s", session.username, session.host); | 340 module:log("debug", "checkIfNeedToBeBlocked: username: %s, host: %s", session.username, session.host); |
329 module:log("debug", "stanza: %s, to: %s, form: %s", stanza.name, stanza.attr.to or "nil", stanza.attr.from or "nil"); | 341 module:log("debug", "stanza: %s, to: %s, form: %s", stanza.name, stanza.attr.to or "nil", stanza.attr.from or "nil"); |
330 | 342 |
331 if privacy_lists.lists ~= nil and stanza.attr.to ~= nil and stanza.attr.from ~= nil then | 343 if stanza.attr.to ~= nil and stanza.attr.from ~= nil then |
332 if session.activePrivacyList == nil and privacy_lists.default == nil then | 344 module:log("debug", "privacy_lists.lists: %s", tostring(privacy_lists.lists)); |
345 module:log("debug", "session.activePrivacyList: %s", tostring(session.activePrivacyList)); | |
346 module:log("debug", "privacy_lists.default: %s", tostring(privacy_lists.default)); | |
347 if privacy_lists.lists == nil or | |
348 (session.activePrivacyList == nil or session.activePrivacyList == "") and | |
349 (privacy_lists.default == nil or privacy_lists.default == "") | |
350 then | |
351 module:log("debug", "neither active nor default list set (both are nil) or privacy_lists totally nil. So nothing to do => default is Allow All."); | |
333 return; -- Nothing to block, default is Allow all | 352 return; -- Nothing to block, default is Allow all |
334 end | 353 end |
335 | 354 |
336 local idx; | 355 local idx; |
337 local list; | 356 local list; |
338 local item; | 357 local item; |
339 local listname = session.activePrivacyList; | 358 local listname = session.activePrivacyList; |
340 if listname == nil then | 359 if listname == nil or listname == "" then |
341 listname = privacy_lists.default; -- no active list selected, use default list | 360 listname = privacy_lists.default; -- no active list selected, use default list |
342 end | 361 end |
343 idx = findNamedList(privacy_lists, listname); | 362 idx = findNamedList(privacy_lists, listname); |
344 if idx == nil then | 363 if idx == nil then |
345 module:log("info", "given privacy listname not found."); | 364 module:log("error", "given privacy listname not found. name: %s", listname); |
346 return; | 365 return; |
347 end | 366 end |
348 list = privacy_lists.lists[idx]; | 367 list = privacy_lists.lists[idx]; |
349 if list == nil then | 368 if list == nil then |
350 module:log("info", "privacy list index wrong."); | 369 module:log("info", "privacy list index wrong. index: %d", idx); |
351 return; | 370 return; |
352 end | 371 end |
353 for _,item in ipairs(list.items) do | 372 for _,item in ipairs(list.items) do |
354 local apply = false; | 373 local apply = false; |
355 local block = false; | 374 local block = false; |
356 if (stanza.name == "message" and item.message) or | 375 if (stanza.name == "message" and item.message) then |
357 (stanza.name == "iq" and item.iq) or | 376 module:log("debug", "message stanza match."); |
358 (stanza.name == "presence" and jid_bare(stanza.attr.to) == bare_jid and item["presence-in"]) or | 377 apply = true; |
359 (stanza.name == "presence" and jid_bare(stanza.attr.from) == bare_jid and item["presence-out"]) or | 378 elseif (stanza.name == "iq" and item.iq) then |
360 (item.message == false and item.iq == false and item["presence-in"] == false and item["presence-in"] == false) then | 379 module:log("debug", "iq stanza match!"); |
361 module:log("debug", "stanza type matched."); | 380 apply = true; |
381 elseif (stanza.name == "presence" and jid_bare(stanza.attr.to) == bare_jid and item["presence-in"]) then | |
382 module:log("debug", "presence-in stanza match."); | |
383 apply = true; | |
384 elseif (stanza.name == "presence" and jid_bare(stanza.attr.from) == bare_jid and item["presence-out"]) then | |
385 module:log("debug", "presence-out stanza match"); | |
386 apply = true; | |
387 elseif (item.message == false and item.iq == false and item["presence-in"] == false and item["presence-in"] == false) then | |
388 module:log("debug", "all is false, so apply."); | |
362 apply = true; | 389 apply = true; |
363 end | 390 end |
364 if apply then | 391 if apply then |
365 local evilJid = {}; | 392 local evilJid = {}; |
366 apply = false; | 393 apply = false; |
367 if jid_bare(stanza.attr.to) == bare_jid then | 394 if jid_bare(stanza.attr.to) == bare_jid then |
395 module:log("debug", "evil jid is (from): %s", stanza.attr.from); | |
368 evilJid.node, evilJid.host, evilJid.resource = jid_split(stanza.attr.from); | 396 evilJid.node, evilJid.host, evilJid.resource = jid_split(stanza.attr.from); |
369 else | 397 else |
398 module:log("debug", "evil jid is (to): %s", stanza.attr.to); | |
370 evilJid.node, evilJid.host, evilJid.resource = jid_split(stanza.attr.to); | 399 evilJid.node, evilJid.host, evilJid.resource = jid_split(stanza.attr.to); |
371 end | 400 end |
401 module:log("debug", "Item Type: %s", tostring(item.type)); | |
402 module:log("debug", "Item Action: %s", item.action); | |
372 if item.type == "jid" and | 403 if item.type == "jid" and |
373 (evilJid.node and evilJid.host and evilJid.resource and item.value == evilJid.node.."@"..evilJid.host.."/"..evilJid.resource) or | 404 (evilJid.node and evilJid.host and evilJid.resource and item.value == evilJid.node.."@"..evilJid.host.."/"..evilJid.resource) or |
374 (evilJid.node and evilJid.host and item.value == evilJid.node.."@"..evilJid.host) or | 405 (evilJid.node and evilJid.host and item.value == evilJid.node.."@"..evilJid.host) or |
375 (evilJid.host and evilJid.resource and item.value == evilJid.host.."/"..evilJid.resource) or | 406 (evilJid.host and evilJid.resource and item.value == evilJid.host.."/"..evilJid.resource) or |
376 (evilJid.host and item.value == evilJid.host) then | 407 (evilJid.host and item.value == evilJid.host) then |
377 module:log("debug", "jid matched."); | 408 module:log("debug", "jid matched."); |
378 apply = true; | 409 apply = true; |
379 block = (item.action == "deny"); | 410 block = (item.action == "deny"); |
380 elseif item.type == "group" then | 411 elseif item.type == "group" then |
381 local roster = load_roster(session.username, session.host); | 412 local roster = load_roster(session.username, session.host); |
382 local groups = roster.groups; | 413 local groups = roster[evilJid.node .. "@" .. evilJid.host].groups; |
383 for _,group in ipairs(groups) do | 414 for group in pairs(groups) do |
384 if group == item.value then | 415 if group == item.value then |
385 module:log("debug", "group matched."); | 416 module:log("debug", "group matched."); |
386 apply = true; | 417 apply = true; |
387 block = (item.action == "deny"); | 418 block = (item.action == "deny"); |
388 break; | 419 break; |
389 end | 420 end |
390 end | 421 end |
391 elseif item.type == "subscription" then | 422 elseif item.type == "subscription" and evilJid.node ~= nil and evilJid.host ~= nil then -- we need a valid bare evil jid |
392 if origin.roster[jid_bare(stanza.from)].subscription == item.value then | 423 local roster = load_roster(session.username, session.host); |
424 if roster[evilJid.node .. "@" .. evilJid.host].subscription == item.value then | |
393 module:log("debug", "subscription matched."); | 425 module:log("debug", "subscription matched."); |
394 apply = true; | 426 apply = true; |
395 block = (item.action == "deny"); | 427 block = (item.action == "deny"); |
396 end | 428 end |
397 elseif item.type == nil then | 429 elseif item.type == nil then |
409 origin.send(st.error_reply(stanza, "cancel", "service-unavailable")); | 441 origin.send(st.error_reply(stanza, "cancel", "service-unavailable")); |
410 end | 442 end |
411 return true; -- stanza blocked ! | 443 return true; -- stanza blocked ! |
412 else | 444 else |
413 module:log("info", "stanza explicit allowed!") | 445 module:log("info", "stanza explicit allowed!") |
446 return; | |
414 end | 447 end |
415 end | 448 end |
416 end | 449 end |
417 end | 450 end |
418 return; | 451 return; |
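Review bot: The group branch at new line 413 indexes `roster[evilJid.node .. "@" .. evilJid.host].groups` with no guard, so a peer JID without a node part, or a sender who is not in the roster, raises a Lua error inside checkIfNeedToBeBlocked before any allow/deny decision is made; the subscription branch at new line 424 checks node and host but still indexes a roster entry that may be nil. Whether the stanza is then delivered or dropped depends on the caller's error handling, which is not visible here, so a list with a group or subscription rule may fail open for the unknown senders it is meant to filter. Look the entry up once and test it before use, e.g. `local entry = evilJid.node and roster[evilJid.node .. "@" .. evilJid.host];`, then `for group in pairs(entry and entry.groups or {}) do` and `if entry and entry.subscription == item.value then`. The function starts at new line 333 and its body continues outside the lines shown.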