Mercurial > prosody-modules
changeset 5594:e9af6abf2b1e
mod_client_management: Add shell command to revoke client access
Could be used if an operator detects a compromised client.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 14 Jul 2023 13:25:30 +0200 |
| parents | 6d0574bfbf5d |
| children | eae5599bc0b4 |
| files | mod_client_management/README.md mod_client_management/mod_client_management.lua |
| diffstat | 2 files changed, 20 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_client_management/README.md Thu Jul 13 23:26:02 2023 +0200 +++ b/mod_client_management/README.md Fri Jul 14 13:25:30 2023 +0200 @@ -35,6 +35,12 @@ prosodyctl shell user clients user@example.com ``` +To revoke access from particular client: + +```shell +prosodyctl shell user revoke_client user@example.com grant/xxxxx +``` + ## Compatibility Requires Prosody trunk (as of 2023-03-29). Not compatible with Prosody 0.12
--- a/mod_client_management/mod_client_management.lua Thu Jul 13 23:26:02 2023 +0200 +++ b/mod_client_management/mod_client_management.lua Fri Jul 14 13:25:30 2023 +0200 @@ -465,4 +465,18 @@ print(string.rep("-", self.session.width)); return true, ("%d clients"):format(#clients); end + + function console_env.user:revoke_client(user_jid, selector) -- luacheck: ignore 212/self + local username, host = jid.split(user_jid); + local mod = prosody.hosts[host] and prosody.hosts[host].modules.client_management; + if not mod then + return false, ("Host does not exist on this server, or does not have mod_client_management loaded"); + end + + local revoked, err = revocation_errors.coerce(mod.revoke_client_access(username, selector)); + if not revoked then + return false, err.text or err; + end + return true, "Client access revoked"; + end end);