Annotate

mod_omemo_all_access/mod_omemo_all_access.lua @ 5071:bc983da908e6

mod_sasl2_fast: Take username from SASL exchange rather than stream@from
author Matthew Wild <mwild1@gmail.com>
date Sat, 15 Oct 2022 19:42:55 +0100
parent 3210:9505282ad24f
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2856
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
1 -- OMEMO all access module
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
2 -- Copyright (c) 2017 Daniel Gultsch
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
3 --
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
4 -- This module is MIT/X11 licensed
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
5 --
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
6
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
7 local jid_bare = require "util.jid".bare;
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
8 local st = require "util.stanza"
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
9 local white_listed_namespace = "eu.siacs.conversations.axolotl."
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
10 local disco_feature_namespace = white_listed_namespace .. "whitelisted"
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
11
3210
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
12 local mm = require "core.modulemanager";
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
13
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
14
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
15 -- COMPAT w/trunk
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
16 local pep_module_name = "pep";
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
17 if mm.get_modules_for_host then
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
18 if mm.get_modules_for_host(module.host):contains("pep_simple") then
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
19 pep_module_name = "pep_simple";
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
20 end
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
21 end
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
22
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
23 local mod_pep = module:depends(pep_module_name);
2856
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
24 local pep_data = mod_pep.module.save().data;
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
25
3209
5b02241a254e mod_omemo_all_access: Log error when used with incompatible mod_pep
Matthew Wild <mwild1@gmail.com>
parents: 2858
diff changeset
26 if not pep_data then
5b02241a254e mod_omemo_all_access: Log error when used with incompatible mod_pep
Matthew Wild <mwild1@gmail.com>
parents: 2858
diff changeset
27 module:log("error", "This module is not compatible with your version of mod_pep");
3210
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
28 if mm.get_modules_for_host then
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
29 module:log("error", "Please use mod_pep_simple instead of mod_pep to continue using this module");
9505282ad24f mod_omemo_all_access: Add compatibility with mod_pep_simple
Matthew Wild <mwild1@gmail.com>
parents: 3209
diff changeset
30 end
3209
5b02241a254e mod_omemo_all_access: Log error when used with incompatible mod_pep
Matthew Wild <mwild1@gmail.com>
parents: 2858
diff changeset
31 return false;
5b02241a254e mod_omemo_all_access: Log error when used with incompatible mod_pep
Matthew Wild <mwild1@gmail.com>
parents: 2858
diff changeset
32 end
5b02241a254e mod_omemo_all_access: Log error when used with incompatible mod_pep
Matthew Wild <mwild1@gmail.com>
parents: 2858
diff changeset
33
2856
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
34 local function on_account_disco_info(event)
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
35 (event.reply or event.stanza):tag("feature", {var=disco_feature_namespace}):up();
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
36 end
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
37
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
38 local function on_pep_request(event)
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
39 local session, stanza = event.origin, event.stanza
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
40 local payload = stanza.tags[1];
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
41 if stanza.attr.type == 'get' then
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
42 local node, requested_id;
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
43 payload = payload.tags[1]
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
44 if payload and payload.name == 'items' then
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
45 node = payload.attr.node
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
46 local item = payload.tags[1];
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
47 if item and item.name == 'item' then
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
48 requested_id = item.attr.id;
2858
150a7bd59043 mod_omemo_all_access: fixed some linter warnings
Daniel Gultsch <daniel@gultsch.de>
parents: 2856
diff changeset
49 end
2856
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
50 end
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
51 if node and string.sub(node,1,string.len(white_listed_namespace)) == white_listed_namespace then
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
52 local user = stanza.attr.to and jid_bare(stanza.attr.to) or session.username..'@'..session.host;
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
53 local user_data = pep_data[user];
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
54 if user_data and user_data[node] then
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
55 local id, item = unpack(user_data[node]);
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
56 if not requested_id or id == requested_id then
2858
150a7bd59043 mod_omemo_all_access: fixed some linter warnings
Daniel Gultsch <daniel@gultsch.de>
parents: 2856
diff changeset
57 local reply_stanza = st.reply(stanza)
2856
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
58 :tag('pubsub', {xmlns='http://jabber.org/protocol/pubsub'})
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
59 :tag('items', {node=node})
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
60 :add_child(item)
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
61 :up()
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
62 :up();
2858
150a7bd59043 mod_omemo_all_access: fixed some linter warnings
Daniel Gultsch <daniel@gultsch.de>
parents: 2856
diff changeset
63 session.send(reply_stanza);
2856
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
64 module:log("debug","provided access to omemo node",node)
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
65 return true;
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
66 end
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
67 end
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
68 module:log("debug","requested node was white listed", node)
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
69 end
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
70 end
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
71 end
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
72
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
73 module:hook("iq/bare/http://jabber.org/protocol/pubsub:pubsub", on_pep_request, 10);
08f6b9d37a49 mod_omemo_all_access: initial commit. disable access control for all omemo related PEP nodes
Daniel Gultsch <daniel@gultsch.de>
parents:
diff changeset
74 module:hook("account-disco-info", on_account_disco_info);