Mercurial > prosody-modules

view mod_readonly/mod_readonly.lua @ 5512:1fbc8718bed6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Bind refresh tokens to client Prevent one OAuth client from using the refresh tokens issued to another client as required by RFC 6819 section 5.2.2.2 See also draft-ietf-oauth-security-topics-22 section 2.2.2 Thanks to OAuch for pointing out this issue
author Kim Alvefur <zash@zash.se>
date Fri, 02 Jun 2023 10:40:48 +0200
parents 7776c9dc5f37
children
line wrap: on
line source

local st = require "util.stanza";

local stores = module:get_option("readonly_stores", {
	vcard = { "vcard-temp", "vCard" };
});

local namespaces = {};
for name, namespace in pairs(stores) do
	namespaces[table.concat(namespace, ":")] = name;
end

local function prevent_write(event)
	local stanza = event.stanza;
	local xmlns_and_tag = stanza.tags[1].attr.xmlns..":"..stanza.tags[1].name;
	local store_name = namespaces[xmlns_and_tag];
	if store_name then
		module:log("warn", "Preventing modification of %s store by %s", store_name, stanza.attr.from);
		event.origin.send(st.error_reply(stanza, "cancel", "not-allowed", store_name.." data is read-only"));
		return true; -- Block stanza
	end
end

for namespace in pairs(namespaces) do
	module:hook("iq-set/bare/"..namespace, prevent_write, 200);
end