# HG changeset patch # User Florian Zeitz # Date 1258220694 -3600 # Node ID 611d16867410659f3c05c2209b4d0981f5e8f717 # Parent 7dad958aad15261d3e05aaf2e84b1073c96d936d mod_adhoc: Check for global and host admins diff -r 7dad958aad15 -r 611d16867410 mod_adhoc/adhoc/mod_adhoc.lua --- a/mod_adhoc/adhoc/mod_adhoc.lua Fri Nov 13 21:01:24 2009 +0100 +++ b/mod_adhoc/adhoc/mod_adhoc.lua Sat Nov 14 18:44:54 2009 +0100 @@ -12,7 +12,7 @@ module:hook("iq/host/http://jabber.org/protocol/disco#items:query", function (event) local origin, stanza = event.origin, event.stanza; - local privileged = is_admin(event.stanza.attr.from); + local privileged = is_admin(event.stanza.attr.from) or is_admin(stanza.attr.from, stanza.attr.to); -- TODO: Is this correct, or should is_admin be changed? if stanza.attr.type == "get" and stanza.tags[1].attr.node and stanza.tags[1].attr.node == "http://jabber.org/protocol/commands" then reply = st.reply(stanza); reply:tag("query", {xmlns="http://jabber.org/protocol/disco#items", node="http://jabber.org/protocol/commands"}) @@ -32,19 +32,20 @@ local origin, stanza = event.origin, event.stanza; if stanza.attr.type == "set" and stanza.tags[1] and stanza.tags[1].name == "command" then local node = stanza.tags[1].attr.node - for i = 1, #commands do - if commands[i].node == node then - -- check whether user has permission to execute this command first - if commands[i].permission == "admin" and not is_admin(stanza.attr.from) then - origin.send(st.error_reply(stanza, "auth", "forbidden", "You don't have permission to execute this command"):up() - :add_child(commands[i]:cmdtag("canceled") - :tag("note", {type="error"}):text("You don't have permission to execute this command"))); - return true - end - -- User has permission now execute the command - return commands[i].handler(commands[i], origin, stanza); + local privileged = is_admin(event.stanza.attr.from) or is_admin(stanza.attr.from, stanza.attr.to); -- TODO: Is this correct, or should is_admin be changed? + for i = 1, #commands do + if commands[i].node == node then + -- check whether user has permission to execute this command first + if commands[i].permission == "admin" and not privileged then + origin.send(st.error_reply(stanza, "auth", "forbidden", "You don't have permission to execute this command"):up() + :add_child(commands[i]:cmdtag("canceled") + :tag("note", {type="error"}):text("You don't have permission to execute this command"))); + return true end + -- User has permission now execute the command + return commands[i].handler(commands[i], origin, stanza); end + end end end, 500);