prosody-modules
bc75fc9400ae
mod_isolate_host/mod_isolate_host.lua
Software / code / prosody-modules
Comparison
mod_isolate_host/mod_isolate_host.lua @ 5004:bc75fc9400ae
mod_isolate_host: Switch to module:may() (back compatible via compat_roles)
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 15 Aug 2022 14:18:07 +0100 |
| parent | 1792:8e19b943c2cd |
| child | 5096:16db0a6e868c |
comparison
equal
deleted
inserted
replaced
| 5003:e840aadebb61 | 5004:bc75fc9400ae |
|---|---|
| 1 local jid = require "util.jid"; | 1 local jid = require "util.jid"; |
| 2 local jid_bare, jid_split = jid.bare, jid.split; | 2 local jid_bare, jid_host = jid.bare, jid.host; |
| 3 local is_admin = require "core.usermanager".is_admin; | |
| 4 local set = require "util.set"; | 3 local set = require "util.set"; |
| 5 local st = require "util.stanza"; | 4 local st = require "util.stanza"; |
| 6 | 5 |
| 7 local stanza_types = set.new{"message", "presence", "iq"}; | 6 local stanza_types = set.new{"message", "presence", "iq"}; |
| 8 local jid_types = set.new{"bare", "full", "host"}; | 7 local jid_types = set.new{"bare", "full", "host"}; |
| 9 | 8 |
| 10 local except_domains = module:get_option_inherited_set("isolate_except_domains", {}); | 9 local except_domains = module:get_option_inherited_set("isolate_except_domains", {}); |
| 11 local except_users = module:get_option_inherited_set("isolate_except_users", {}); | 10 local except_users = module:get_option_inherited_set("isolate_except_users", {}); |
| 12 | 11 |
| 12 if not module.may then | |
| 13 module:depends("compat_roles"); | |
| 14 end | |
| 15 | |
| 13 function check_stanza(event) | 16 function check_stanza(event) |
| 14 local origin, stanza = event.origin, event.stanza; | 17 local origin, stanza = event.origin, event.stanza; |
| 15 if origin.no_host_isolation then return; end | 18 if origin.no_host_isolation then return; end |
| 16 local to_user, to_host = jid_split(event.stanza.attr.to); | 19 local to_host = jid_host(event.stanza.attr.to); |
| 17 if to_host and to_host ~= origin.host and not except_domains:contains(to_host) then | 20 if to_host and to_host ~= origin.host and not except_domains:contains(to_host) then |
| 18 if to_host:match("^[^.]+%.(.+)$") == origin.host then -- Permit subdomains | 21 if to_host:match("^[^.]+%.(.+)$") == origin.host then -- Permit subdomains |
| 19 except_domains:add(to_host); | 22 except_domains:add(to_host); |
| 20 return; | 23 return; |
| 21 end | 24 end |
| 29 for jid_type in jid_types do | 32 for jid_type in jid_types do |
| 30 module:hook("pre-"..stanza_type.."/"..jid_type, check_stanza, 1); | 33 module:hook("pre-"..stanza_type.."/"..jid_type, check_stanza, 1); |
| 31 end | 34 end |
| 32 end | 35 end |
| 33 | 36 |
| 37 module:default_permission("prosody:admin", "xmpp:federate"); | |
| 38 | |
| 34 function check_user_isolated(event) | 39 function check_user_isolated(event) |
| 35 local session = event.session; | 40 local session = event.session; |
| 36 local bare_jid = jid_bare(session.full_jid); | 41 local bare_jid = jid_bare(session.full_jid); |
| 37 if is_admin(bare_jid, module.host) or except_users:contains(bare_jid) then | 42 if module:may("xmpp:federate") or except_users:contains(bare_jid) then |
| 38 session.no_host_isolation = true; | 43 session.no_host_isolation = true; |
| 39 end | 44 end |
| 40 module:log("debug", "%s is %sisolated", session.full_jid or "[?]", session.no_host_isolation and "" or "not "); | 45 module:log("debug", "%s is %sisolated", session.full_jid or "[?]", session.no_host_isolation and "" or "not "); |
| 41 end | 46 end |
| 42 | 47 |
