prosody-modules
d2561c1d26f5
mod_client_management/mod_client_management.lua
Software / code / prosody-modules
Comparison
mod_client_management/mod_client_management.lua @ 5603:d2561c1d26f5
mod_client_management: Allow revoking a specific client version
Could be useful in case of a security issue affecting a particular
version. Even if in that case, the more likely use case is revoking all
older versions except the fixed one(s), this can be done with a loop or
improved later.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 14 Jul 2023 15:16:06 +0200 |
| parent | 5602:eae5599bc0b4 |
| child | 5604:5ade45d93908 |
comparison
equal
deleted
inserted
replaced
| 5602:eae5599bc0b4 | 5603:d2561c1d26f5 |
|---|---|
| 276 end); | 276 end); |
| 277 | 277 |
| 278 return active_clients; | 278 return active_clients; |
| 279 end | 279 end |
| 280 | 280 |
| 281 local function user_agent_tostring(user_agent) | |
| 282 if user_agent then | |
| 283 if user_agent.software then | |
| 284 if user_agent.software_version then | |
| 285 return user_agent.software .. "/" .. user_agent.software_version; | |
| 286 end | |
| 287 return user_agent.software; | |
| 288 end | |
| 289 end | |
| 290 end | |
| 291 | |
| 281 function revoke_client_access(username, client_selector) | 292 function revoke_client_access(username, client_selector) |
| 282 if client_selector then | 293 if client_selector then |
| 283 local c_type, c_id = client_selector:match("^(%w+)/(.+)$"); | 294 local c_type, c_id = client_selector:match("^(%w+)/(.+)$"); |
| 284 if c_type == "client" then | 295 if c_type == "client" then |
| 285 local client = client_store:get_key(username, c_id); | 296 local client = client_store:get_key(username, c_id); |
| 312 if not ok then return nil, "internal-server-error"; end | 323 if not ok then return nil, "internal-server-error"; end |
| 313 return true; | 324 return true; |
| 314 elseif c_type == "software" then | 325 elseif c_type == "software" then |
| 315 local active_clients = get_active_clients(username); | 326 local active_clients = get_active_clients(username); |
| 316 for _, client in ipairs(active_clients) do | 327 for _, client in ipairs(active_clients) do |
| 317 if client.user_agent and client.user_agent.software == c_id then | 328 if client.user_agent and client.user_agent.software == c_id or user_agent_tostring(client.user_agent) then |
| 318 return revoke_client_access(username, client.id); | 329 return revoke_client_access(username, client.id); |
| 319 end | 330 end |
| 320 end | 331 end |
| 321 end | 332 end |
| 322 end | 333 end |
| 430 { title = "ID"; key = "id"; width = math.max(#"client/", #"grant/") + #id.short() }; | 441 { title = "ID"; key = "id"; width = math.max(#"client/", #"grant/") + #id.short() }; |
| 431 { | 442 { |
| 432 title = "Software"; | 443 title = "Software"; |
| 433 key = "user_agent"; | 444 key = "user_agent"; |
| 434 width = "1p"; | 445 width = "1p"; |
| 435 mapper = function(user_agent) | 446 mapper = user_agent_tostring; |
| 436 if user_agent and user_agent.software then | |
| 437 if user_agent.software_version then | |
| 438 return user_agent.software .. "/" .. user_agent.software_version; | |
| 439 else | |
| 440 return user_agent.software; | |
| 441 end | |
| 442 end | |
| 443 end; | |
| 444 }; | 447 }; |
| 445 { | 448 { |
| 446 title = "Last seen"; | 449 title = "Last seen"; |
| 447 key = "last_seen"; | 450 key = "last_seen"; |
| 448 width = math.max(#os.date("%Y-%m-%d"), #os.date("%H:%M:%S")); | 451 width = math.max(#os.date("%Y-%m-%d"), #os.date("%H:%M:%S")); |
