Mercurial > prosody-modules
changeset 5099:f03f4ec859a3
mod_compat_roles: Add support for role inheritance (built-in roles only)
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Tue, 29 Nov 2022 11:43:59 +0000 |
parents | 817bc9873fc2 |
children | e55d1f7a570a |
files | mod_compat_roles/mod_compat_roles.lua |
diffstat | 1 files changed, 8 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_compat_roles/mod_compat_roles.lua Tue Nov 29 11:38:28 2022 +0000 +++ b/mod_compat_roles/mod_compat_roles.lua Tue Nov 29 11:43:59 2022 +0000 @@ -31,6 +31,12 @@ -- permissions[host][role_name][permission_name] = is_permitted local permissions = {}; +local role_inheritance = { + ["prosody:operator"] = "prosody:admin"; + ["prosody:admin"] = "prosody:user"; + ["prosody:user"] = "prosody:restricted"; +}; + local function role_may(host, role_name, permission) local host_roles = permissions[host]; if not host_roles then @@ -40,7 +46,8 @@ if not role_permissions then return false; end - return not not permissions[role_name][permission]; + local next_role = role_inheritance[role_name]; + return not not permissions[role_name][permission] or (next_role and role_may(host, next_role, permission)); end function moduleapi.may(self, action, context)