Mercurial > prosody-modules
changeset 43:adc9eff8adb2
mod_adhoc, mod_adhoc_cmd_admin: Show only commands they may execute to the user
| author | Florian Zeitz <florob@babelmonkeys.de> |
|---|---|
| date | Fri, 16 Oct 2009 01:36:04 +0200 |
| parents | bbb3d3a90a70 |
| children | 00f96207693a |
| files | mod_adhoc/adhoc/adhoc.lib.lua mod_adhoc/adhoc/mod_adhoc.lua mod_adhoc_cmd_admin/mod_adhoc_cmd_admin.lua |
| diffstat | 3 files changed, 11 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_adhoc/adhoc/adhoc.lib.lua Thu Oct 15 11:38:57 2009 +0200 +++ b/mod_adhoc/adhoc/adhoc.lib.lua Fri Oct 16 01:36:04 2009 +0200 @@ -12,8 +12,8 @@ return cmd; end -function _M.new(name, node, handler) - return { name = name, node = node, handler = handler, cmdtag = _cmdtag }; +function _M.new(name, node, handler, permission) + return { name = name, node = node, handler = handler, cmdtag = _cmdtag, permission = (permission or "user") }; end return _M;
--- a/mod_adhoc/adhoc/mod_adhoc.lua Thu Oct 15 11:38:57 2009 +0200 +++ b/mod_adhoc/adhoc/mod_adhoc.lua Fri Oct 16 01:36:04 2009 +0200 @@ -5,19 +5,23 @@ -- local st = require "util.stanza"; +local is_admin = require "core.usermanager".is_admin; local commands = {}; module:add_feature("http://jabber.org/protocol/commands"); module:hook("iq/host/http://jabber.org/protocol/disco#items:query", function (event) local origin, stanza = event.origin, event.stanza; + local privileged = is_admin(event.stanza.attr.from); if stanza.attr.type == "get" and stanza.tags[1].attr.node and stanza.tags[1].attr.node == "http://jabber.org/protocol/commands" then reply = st.reply(stanza); reply:tag("query", {xmlns="http://jabber.org/protocol/disco#items", node="http://jabber.org/protocol/commands"}) for i = 1, #commands do -- module:log("info", "adding command %s", commands[i].name); - reply:tag("item", {name=commands[i].name, node=commands[i].node, jid=module:get_host()}); - reply:up(); + if (commands[i].permission == "admin" and privileged) or (commands[i].permission == "user") then + reply:tag("item", {name=commands[i].name, node=commands[i].node, jid=module:get_host()}); + reply:up(); + end end origin.send(reply); return true;
--- a/mod_adhoc_cmd_admin/mod_adhoc_cmd_admin.lua Thu Oct 15 11:38:57 2009 +0200 +++ b/mod_adhoc_cmd_admin/mod_adhoc_cmd_admin.lua Fri Oct 16 01:36:04 2009 +0200 @@ -20,7 +20,7 @@ local sessions = {}; local add_user_layout = dataforms_new{ - title= "Adding a User"; + title = "Adding a User"; instructions = "Fill out this form to add a user."; { name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" }; @@ -106,8 +106,8 @@ return true; end -local add_user_desc = adhoc_new("Add User", "http://jabber.org/protocol/admin#add-user", add_user_command_handler); -local get_online_users_desc = adhoc_new("Get List of Online Users", "http://jabber.org/protocol/admin#get-online-users", get_online_users_command_handler); +local add_user_desc = adhoc_new("Add User", "http://jabber.org/protocol/admin#add-user", add_user_command_handler, "admin"); +local get_online_users_desc = adhoc_new("Get List of Online Users", "http://jabber.org/protocol/admin#get-online-users", get_online_users_command_handler, "admin"); function module.unload() module:remove_item("adhoc", add_user_desc);