# HG changeset patch
# User Matthew Wild <mwild1@gmail.com>
# Date 1680793796 -3600
# Node ID d4a0d2b5343a34d3bb3f6485db6889878bd7fe39
# Parent  5806e05346b82ff5309ddd91fe18d123772cfaa0
mod_client_management: Add support for revoking client access via XMPP

diff -r 5806e05346b8 -r d4a0d2b5343a mod_client_management/mod_client_management.lua
--- a/mod_client_management/mod_client_management.lua	Thu Apr 06 15:24:49 2023 +0100
+++ b/mod_client_management/mod_client_management.lua	Thu Apr 06 16:09:56 2023 +0100
@@ -369,6 +369,33 @@
 	return true;
 end);
 
+local revocation_errors = require "util.errors".init(module.name, xmlns_manage_clients, {
+	["item-not-found"] = { "cancel", "item-not-found", "Client not found" };
+	["internal-server-error"] = { "wait", "internal-server-error", "Unable to revoke client access" };
+	["password-reset-required"] = { "cancel", "service-unavailable", "Password reset required", "password-reset-required" };
+});
+
+module:hook("iq-set/self/xmpp:prosody.im/protocol/manage-clients:revoke", function (event)
+	local origin, stanza = event.origin, event.stanza;
+
+	if not module:may(":manage-clients", event) then
+		origin.send(st.error_reply(stanza, "auth", "forbidden"));
+		return true;
+	end
+
+	local client_id = stanza.tags[1].attr.id;
+
+	local ok, err = revocation_errors.coerce(revoke_client_access(origin.username, client_id));
+	if not ok then
+		origin.send(st.error_reply(stanza, err));
+		return true;
+	end
+
+	origin.send(st.reply(stanza));
+	return true;
+end);
+
+
 -- Command
 
 module:once(function ()