Mercurial > prosody-modules

view mod_readonly/mod_readonly.lua @ 5367:93d445b26063

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Validate redirect URI depending on application type Per https://openid.net/specs/openid-connect-registration-1_0.html require that web applications use https:// and native applications must use either http://localhost or a custom (non-https) URI. Previous requirement that hostname matches that of client_uri is kept for web applications.
author Kim Alvefur <zash@zash.se>
date Tue, 25 Apr 2023 19:49:41 +0200
parents 7776c9dc5f37
children
line wrap: on
line source

local st = require "util.stanza";

local stores = module:get_option("readonly_stores", {
	vcard = { "vcard-temp", "vCard" };
});

local namespaces = {};
for name, namespace in pairs(stores) do
	namespaces[table.concat(namespace, ":")] = name;
end

local function prevent_write(event)
	local stanza = event.stanza;
	local xmlns_and_tag = stanza.tags[1].attr.xmlns..":"..stanza.tags[1].name;
	local store_name = namespaces[xmlns_and_tag];
	if store_name then
		module:log("warn", "Preventing modification of %s store by %s", store_name, stanza.attr.from);
		event.origin.send(st.error_reply(stanza, "cancel", "not-allowed", store_name.." data is read-only"));
		return true; -- Block stanza
	end
end

for namespace in pairs(namespaces) do
	module:hook("iq-set/bare/"..namespace, prevent_write, 200);
end