diff mod_privilege/mod_privilege.lua @ 1708:ad7afcf86131

mod_privilege: fixed bad handling of presence permissions / component authentication between different hosts
author Goffi <goffi@goffi.org>
date Fri, 17 Apr 2015 21:00:34 +0200
parents 64b3d1eb0cfe
children 0d78bb31348e
line wrap: on
line diff
--- a/mod_privilege/mod_privilege.lua	Fri Apr 10 15:55:44 2015 +0200
+++ b/mod_privilege/mod_privilege.lua	Fri Apr 17 21:00:34 2015 +0200
@@ -18,15 +18,18 @@
 
 local priv_session = module:shared("/*/privilege/session")
 
--- the folowing sets are used to forward presence stanza
-if not priv_session.presence_man_ent  then
-	priv_session.presence_man_ent = set.new()
+if priv_session.connected_cb == nil then
+	-- set used to have connected event listeners
+	-- which allows a host to react on events from
+	-- other hosts
+	priv_session.connected_cb = set.new()
 end
-local presence_man_ent = priv_session.presence_man_ent
-if not priv_session.presence_roster then
-	priv_session.presence_roster = set.new()
-end
-local presence_roster = priv_session.presence_roster
+local connected_cb = priv_session.connected_cb
+
+-- the folowing sets are used to forward presence stanza
+-- the folowing sets are used to forward presence stanza
+local presence_man_ent = set.new()
+local presence_roster = set.new()
 
 local _ALLOWED_ROSTER = set.new({'none', 'get', 'set', 'both'})
 local _ROSTER_GET_PERM = set.new({'get', 'both'})
@@ -49,7 +52,7 @@
 local function advertise_perm(session, to_jid, perms)
 	-- send <message/> stanza to advertise permissions
 	-- as expained in ยง 4.2
-	local message = st.message({to=to_jid})
+	local message = st.message({from=module.host, to=to_jid})
 					  :tag("privilege", {xmlns=_PRIV_ENT_NS})
 
 	for _, perm in pairs({'roster', 'message', 'presence'}) do
@@ -61,7 +64,7 @@
 end
 
 local function set_presence_perm_set(to_jid, perms)
-	-- fill the global presence sets according to perms
+	-- fill the presence sets according to perms
 	if _PRESENCE_MANAGED:contains(perms.presence) then
 		presence_man_ent:add(to_jid)
 	end
@@ -164,8 +167,18 @@
 	end
 end
 
+local function on_component_auth(event)
+	-- react to component-authenticated event from this host
+	-- and call the on_auth methods from all other hosts
+	-- needed for the component to get delegations advertising
+	for callback in connected_cb:items() do
+		callback(event)
+	end
+end
+
+connected_cb:add(on_auth)
 module:hook('authentication-success', on_auth)
-module:hook('component-authenticated', on_auth)
+module:hook('component-authenticated', on_component_auth)
 module:hook('presence/initial', on_presence)