Software /
code /
prosody-modules
Annotate
mod_adhoc/adhoc/mod_adhoc.lua @ 93:611d16867410
mod_adhoc: Check for global and host admins
author | Florian Zeitz <florob@babelmonkeys.de> |
---|---|
date | Sat, 14 Nov 2009 18:44:54 +0100 |
parent | 49:59f490390528 |
child | 109:9b63fd1196c0 |
rev | line source |
---|---|
6 | 1 -- Copyright (C) 2009 Thilo Cestonaro |
2 -- | |
3 -- This file is MIT/X11 licensed. Please see the | |
4 -- COPYING file in the source package for more information. | |
5 -- | |
6 | |
7 local st = require "util.stanza"; | |
43
adc9eff8adb2
mod_adhoc, mod_adhoc_cmd_admin: Show only commands they may execute to the user
Florian Zeitz <florob@babelmonkeys.de>
parents:
36
diff
changeset
|
8 local is_admin = require "core.usermanager".is_admin; |
6 | 9 local commands = {}; |
10 | |
11 module:add_feature("http://jabber.org/protocol/commands"); | |
12 | |
13 module:hook("iq/host/http://jabber.org/protocol/disco#items:query", function (event) | |
14 local origin, stanza = event.origin, event.stanza; | |
93
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
15 local privileged = is_admin(event.stanza.attr.from) or is_admin(stanza.attr.from, stanza.attr.to); -- TODO: Is this correct, or should is_admin be changed? |
6 | 16 if stanza.attr.type == "get" and stanza.tags[1].attr.node and stanza.tags[1].attr.node == "http://jabber.org/protocol/commands" then |
17 reply = st.reply(stanza); | |
18 reply:tag("query", {xmlns="http://jabber.org/protocol/disco#items", node="http://jabber.org/protocol/commands"}) | |
19 for i = 1, #commands do | |
20 -- module:log("info", "adding command %s", commands[i].name); | |
43
adc9eff8adb2
mod_adhoc, mod_adhoc_cmd_admin: Show only commands they may execute to the user
Florian Zeitz <florob@babelmonkeys.de>
parents:
36
diff
changeset
|
21 if (commands[i].permission == "admin" and privileged) or (commands[i].permission == "user") then |
adc9eff8adb2
mod_adhoc, mod_adhoc_cmd_admin: Show only commands they may execute to the user
Florian Zeitz <florob@babelmonkeys.de>
parents:
36
diff
changeset
|
22 reply:tag("item", {name=commands[i].name, node=commands[i].node, jid=module:get_host()}); |
adc9eff8adb2
mod_adhoc, mod_adhoc_cmd_admin: Show only commands they may execute to the user
Florian Zeitz <florob@babelmonkeys.de>
parents:
36
diff
changeset
|
23 reply:up(); |
adc9eff8adb2
mod_adhoc, mod_adhoc_cmd_admin: Show only commands they may execute to the user
Florian Zeitz <florob@babelmonkeys.de>
parents:
36
diff
changeset
|
24 end |
6 | 25 end |
26 origin.send(reply); | |
27 return true; | |
28 end | |
29 end, 500); | |
30 | |
31 module:hook("iq/host", function (event) | |
32 local origin, stanza = event.origin, event.stanza; | |
33 if stanza.attr.type == "set" and stanza.tags[1] and stanza.tags[1].name == "command" then | |
34 local node = stanza.tags[1].attr.node | |
93
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
35 local privileged = is_admin(event.stanza.attr.from) or is_admin(stanza.attr.from, stanza.attr.to); -- TODO: Is this correct, or should is_admin be changed? |
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
36 for i = 1, #commands do |
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
37 if commands[i].node == node then |
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
38 -- check whether user has permission to execute this command first |
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
39 if commands[i].permission == "admin" and not privileged then |
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
40 origin.send(st.error_reply(stanza, "auth", "forbidden", "You don't have permission to execute this command"):up() |
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
41 :add_child(commands[i]:cmdtag("canceled") |
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
42 :tag("note", {type="error"}):text("You don't have permission to execute this command"))); |
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
43 return true |
6 | 44 end |
93
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
45 -- User has permission now execute the command |
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
46 return commands[i].handler(commands[i], origin, stanza); |
6 | 47 end |
93
611d16867410
mod_adhoc: Check for global and host admins
Florian Zeitz <florob@babelmonkeys.de>
parents:
49
diff
changeset
|
48 end |
6 | 49 end |
50 end, 500); | |
51 | |
52 module:hook("item-added/adhoc", function (event) | |
53 commands[ # commands + 1] = event.item; | |
54 end, 500); | |
9 | 55 |
56 local _G = _G; | |
57 local t_remove = _G.table.remove; | |
58 module:hook("item-removed/adhoc", function (event) | |
59 for i = 1, #commands do | |
60 if commands[i].node == event.item.node then | |
61 t_remove(commands, i); | |
28
b9d063dd16d5
mod_adhoc, mod_adhoc_cmd_ping: Code cleanup
Florian Zeitz <florob@babelmonkeys.de>
parents:
9
diff
changeset
|
62 break; |
9 | 63 end |
64 end | |
65 end, 500); |