prosody-modules
9b03238d4e0e
mod_readonly/mod_readonly.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_readonly/mod_readonly.lua @ 6334:9b03238d4e0e

mod_http_oauth2: Only issue id_token when granted openid scope OpenID Connect Core 1.0 states that OIDC is only being done if the "openid" scope is included. https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.1 Less details given out by default is good for privacy and byte count.
author Kim Alvefur <zash@zash.se>
date Tue, 15 Jul 2025 01:46:38 +0200
parent 3270:7776c9dc5f37
line wrap: on
line source

local st = require "util.stanza";

local stores = module:get_option("readonly_stores", {
	vcard = { "vcard-temp", "vCard" };
});

local namespaces = {};
for name, namespace in pairs(stores) do
	namespaces[table.concat(namespace, ":")] = name;
end

local function prevent_write(event)
	local stanza = event.stanza;
	local xmlns_and_tag = stanza.tags[1].attr.xmlns..":"..stanza.tags[1].name;
	local store_name = namespaces[xmlns_and_tag];
	if store_name then
		module:log("warn", "Preventing modification of %s store by %s", store_name, stanza.attr.from);
		event.origin.send(st.error_reply(stanza, "cancel", "not-allowed", store_name.." data is read-only"));
		return true; -- Block stanza
	end
end

for namespace in pairs(namespaces) do
	module:hook("iq-set/bare/"..namespace, prevent_write, 200);
end