prosody-modules
06fbbd45ba75
mod_authz_delegate/mod_authz_delegate.lua
Software / code / prosody-modules
File
mod_authz_delegate/mod_authz_delegate.lua @ 6302:06fbbd45ba75
mod_cloud_notify: Readme: fix links and labels that were removed in the last commit
diff --git a/mod_cloud_notify/README.md b/mod_cloud_notify/README.md
--- a/mod_cloud_notify/README.md
+++ b/mod_cloud_notify/README.md
@@ -1,3 +1,9 @@
+----
+-labels:
+-- 'Stage-Beta'
+-summary: 'XEP-0357: Cloud push notifications'
+----
+
# Introduction
This module enables support for sending "push notifications" to clients
@@ -32,15 +38,15 @@ notification to your device. When your d
it will display it or wake up the app so it can connect to XMPP and
receive any pending messages.
-This protocol is described for developers in \[XEP-0357: Push
-Notifications\].
+This protocol is described for developers in [XEP-0357: Push
+Notifications].
-For this module to work reliably, you must have \[mod_smacks\],
-\[mod_mam\] and \[mod_carbons\] also enabled on your server.
+For this module to work reliably, you must have [mod_smacks],
+[mod_mam] and [mod_carbons] also enabled on your server.
Some clients, notably Siskin and Snikket iOS need some additional
extensions that are not currently defined in a standard XEP. To support
-these clients, see \[mod_cloud_notify_extensions\].
+these clients, see [mod_cloud_notify_extensions].
# Configuration
@@ -58,18 +64,18 @@ these clients, see \[mod_cloud_notify_ex
# Internal design notes
App servers are notified about offline messages, messages stored by
-\[mod_mam\] or messages waiting in the smacks queue. The business rules
+[mod_mam] or messages waiting in the smacks queue. The business rules
outlined
[here](//mail.jabber.org/pipermail/standards/2016-February/030925.html)
are all honored[^2].
-To cooperate with \[mod_smacks\] this module consumes some events:
+To cooperate with [mod_smacks] this module consumes some events:
`smacks-ack-delayed`, `smacks-hibernation-start` and
`smacks-hibernation-end`. These events allow this module to send out
notifications for messages received while the session is hibernated by
-\[mod_smacks\] or even when smacks acknowledgements for messages are
+[mod_smacks] or even when smacks acknowledgements for messages are
delayed by a certain amount of seconds configurable with the
-\[mod_smacks\] setting `smacks_max_ack_delay`.
+[mod_smacks] setting `smacks_max_ack_delay`.
The `smacks_max_ack_delay` setting allows to send out notifications to
clients which aren't already in smacks hibernation state (because the
| author | Menel <menel@snikket.de> |
|---|---|
| date | Fri, 13 Jun 2025 10:44:37 +0200 |
| parent | 5295:98d5acb93439 |
line wrap: on
line source
local target_host = assert(module:get_option("authz_delegate_to")); local this_host = module:get_host(); local array = require"util.array"; local jid_split = import("prosody.util.jid", "split"); local hosts = prosody.hosts; function get_jids_with_role(role) --luacheck: ignore 212/role return nil end function get_user_role(user) -- this is called where the JID belongs to the host this module is loaded on -- that means we have to delegate that to get_jid_role with an appropriately composed JID return hosts[target_host].authz.get_jid_role(user .. "@" .. this_host) end function set_user_role(user, role_name) --luacheck: ignore 212/user 212/role_name -- no roles for entities on this host. return false, "cannot set user role on delegation target" end function get_user_secondary_roles(user) --luacheck: ignore 212/user -- no roles for entities on this host. return {} end function add_user_secondary_role(user, role_name) --luacheck: ignore 212/user 212/role_name -- no roles for entities on this host. return nil, "cannot set user role on delegation target" end function remove_user_secondary_role(user, role_name) --luacheck: ignore 212/user 212/role_name -- no roles for entities on this host. return nil, "cannot set user role on delegation target" end function user_can_assume_role(user, role_name) --luacheck: ignore 212/user 212/role_name -- no roles for entities on this host. return false end function get_jid_role(jid) local user, host = jid_split(jid); if host == target_host then return hosts[target_host].authz.get_user_role(user); end return hosts[target_host].authz.get_jid_role(jid); end function set_jid_role(jid) --luacheck: ignore 212/jid -- TODO: figure out if there are actually legitimate uses for this... return nil, "cannot set jid role on delegation target" end local default_permission_queue = array{}; function add_default_permission(role_name, action, policy) -- NOTE: we always record default permissions, because the delegated-to -- host may be re-activated. default_permission_queue:push({ role_name = role_name, action = action, policy = policy, }); local target_host_object = hosts[target_host]; local authz = target_host_object and target_host_object.authz; if not authz then module:log("debug", "queueing add_default_permission call for later, %s is not active yet", target_host); return; end return authz.add_default_permission(role_name, action, policy) end function get_role_by_name(role_name) return hosts[target_host].authz.get_role_by_name(role_name) end function get_all_roles() return hosts[target_host].authz.get_all_roles() end module:hook_global("host-activated", function(host) if host == target_host then local authz = hosts[target_host].authz; module:log("debug", "replaying %d queued permission changes", #default_permission_queue); assert(authz); -- replay default permission changes, if any for i, item in ipairs(default_permission_queue) do authz.add_default_permission(item.role_name, item.action, item.policy); end -- NOTE: we do not clear that array here -- in case the target_host is -- re-activated end end, -10000)
