Software /
code /
prosody-modules
File
mod_admin_blocklist/mod_admin_blocklist.lua @ 4917:9d0ec61c70a1
mod_rest: Catch and coerce errors in echo endpoint
This should ensure problems in encode() are reported back
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Thu, 07 Apr 2022 17:48:08 +0200 |
parent | 4805:683d1ad16b56 |
child | 5016:964de9997552 |
line wrap: on
line source
-- mod_admin_blocklist -- -- If a local admin has blocked a domain, don't allow s2s to that domain -- -- Copyright (C) 2015-2021 Kim Alvefur -- -- This file is MIT/X11 licensed. -- module:depends("blocklist"); local st = require"util.stanza"; local jid_split = require"util.jid".split; local usermanager = require "core.usermanager"; local admins; if usermanager.get_jids_with_role then local set = require "util.set"; admins = set.new(usermanager.get_jids_with_role("prosody:admin"), module.host); else -- COMPAT w/pre-0.12 admins = module:get_option_inherited_set("admins", {}); end admins = admins / function (admin) -- Filter out non-local admins local user, host = jid_split(admin); if host == module.host then return user; end end local blocklists = module:open_store("blocklist"); local function is_blocked(host) for admin in admins do local blocklist = blocklists:get(admin); if blocklist and blocklist[host] then return true; end end end module:hook("route/remote", function (event) local origin, stanza = event.origin, event.stanza; if is_blocked(event.to_host) then if origin and stanza then origin.send(st.error_reply(stanza, "cancel", "not-allowed", "Communication with this domain is not allowed")); return true; end return false; end end, -9); module:hook("s2s-stream-features", function (event) local session = event.origin; if is_blocked(session.from_host) then session:close("policy-violation"); return false; end end, 1000); module:hook("stanza/http://etherx.jabber.org/streams:features", function (event) local session = event.origin; if is_blocked(session.to_host) then session:close("policy-violation"); return true; end end, 1000);