view mod_http_user_count/mod_http_user_count.lua @ 5447:aa4828f040c5

mod_http_oauth2: Enforce client scope restrictions in authorization When registering a client, a scope field can be included as a promise to only ever use those. Here we enforce that promise, if given, ensuring a client can't request or be granted a scope it didn't provide in its registration. While currently there is no restrictions at registration time, this could be changed in the future in various ways.
author Kim Alvefur <zash@zash.se>
date Thu, 11 May 2023 19:33:44 +0200
parents a45f2f79e99b
children
line wrap: on
line source

local it = require "util.iterators";
local jid_split = require "util.jid".prepped_split;

module:depends("http");

local function check_muc(jid)
	local room_name, host = jid_split(jid);
	if not hosts[host] then
		return nil, "No such host: "..host;
	elseif not hosts[host].modules.muc then
		return nil, "Host '"..host.."' is not a MUC service";
	end
	return room_name, host;
end

module:provides("http", {
    route = {
        ["GET /sessions"] = function () return tostring(it.count(it.keys(prosody.full_sessions))); end;
        ["GET /users"] = function () return tostring(it.count(it.keys(prosody.bare_sessions))); end;
        ["GET /host"] = function () return tostring(it.count(it.keys(prosody.hosts[module.host].sessions))); end;
        ["GET /room/*"] = function (request, room_jid)
        	local name, host = check_muc(room_jid);
        	if not name then
        		return "0";
        	end
       		local room = prosody.hosts[host].modules.muc.rooms[name.."@"..host];
       		if not room then
       			return "0";
       		end
        	return tostring(it.count(it.keys(room._occupants)));
        end;
    };
});