Mercurial > prosody-modules

view mod_seclabels/README.markdown @ 5511:0860497152af

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Record hash of client_id to allow future verification RFC 6819 section 5.2.2.2 states that refresh tokens MUST be bound to the client. In order to do that, we must record something that can definitely tie the client to the grant. Since the full client_id is so large (why we have this client_subset function), a hash is stored instead.
author Kim Alvefur <zash@zash.se>
date Fri, 02 Jun 2023 10:14:16 +0200
parents a1d641e88918
children
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: Security Labels
...

Introduction
============

This module implements [XEP-0258: Security Labels in XMPP], but not
actual policy enforcement. See for example [mod_firewall] for that.

Configuration
=============

As with all modules, you enable it by adding it to the modules\_enabled
list.

These options exist:

  Name                      Description             Default
  ------------------------- ----------------------- -------------
  security\_catalog\_name   Catalouge name          "Default"
  security\_catalog\_desc   Catalouge description   "My labels"

You can then add your labels in a table called security\_labels. They
can be both orderd and unorderd, but ordered comes first.

``` {.lua}
security_labels = {
  { -- This label will come first
    name = "Public",
    label = true, -- This is a label, but without the actual label.
      default = true -- This is the default label.
  },
  {
    name = "Private",
    label = "PRIVATE",
    color = "white",
    bgcolor = "blue"
  },
  Sensitive = { -- A Sub-selector
    SECRET = { -- The index is used as name
      label = true
    },
    TOPSECRET = { -- The order of this and the above is not guaranteed.
      color = "red",
      bgcolor = "black",
    }
  }
}
```

Each label can have the following properties:

  Name             Description                                               Default
  ---------------- --------------------------------------------------------- ----------------------------------------------------------
  name             The name of the label. Used for selector.                 Required.
  label            The actual label, ie `<esssecuritylabel/>`                Required, can be boolean for a empty label, or a string.
  display          The text shown as display marking.                        Defaults to the name
  color, bgcolor   The fore- and background color of the display marking     None
  default          Boolean, true for the default. Only one may be default.   false