Software /
code /
prosody
Annotate
core/usermanager.lua @ 10688:83668e16b9a3
MUC: Switch to new storage format by default
Changing the default setting of `new_muc_storage_format` from false to true.
The code supports reading both formats since 0.11, but servers with MUCs stored
using the new format will not be able to downgrade to 0.10 or earlier.
The new format is clearer (less nesting for the most commonly-accessed data),
and combined with the new map-store methods, allows for some operations to become
more efficient (such as finding out which MUCs on a service a given user is affiliated
with).
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Thu, 12 Mar 2020 16:10:44 +0000 |
parent | 10659:8f95308c3c45 |
child | 10695:52886aad9ee1 |
rev | line source |
---|---|
1523
841d61be198f
Remove version number from copyright headers
Matthew Wild <mwild1@gmail.com>
parents:
896
diff
changeset
|
1 -- Prosody IM |
2923
b7049746bd29
Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents:
2032
diff
changeset
|
2 -- Copyright (C) 2008-2010 Matthew Wild |
b7049746bd29
Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents:
2032
diff
changeset
|
3 -- Copyright (C) 2008-2010 Waqas Hussain |
1585
edc066730d11
Switch to using a more generic credentials_callback/handler for SASL auth.
nick@lupine.me.uk
parents:
1523
diff
changeset
|
4 -- |
758 | 5 -- This project is MIT/X11 licensed. Please see the |
6 -- COPYING file in the source package for more information. | |
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
449
diff
changeset
|
7 -- |
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
449
diff
changeset
|
8 |
3180
99be525bcfb4
Rename mod_defaultauth -> mod_auth_internal, mod_hashpassauth -> mod_auth_internal_hashed, and the providers to internal and internal_hashed respectively. Also no longer auto-load defaultauth, but instead auto-load the plugin selected for each host at startup based on the provider name.
Matthew Wild <mwild1@gmail.com>
parents:
3177
diff
changeset
|
9 local modulemanager = require "core.modulemanager"; |
53
14ea0fe6ca86
Session destruction fixes, some debugging code while we fix the rest. Also change logger to be more useful.
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
10 local log = require "util.logger".init("usermanager"); |
890
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
11 local type = type; |
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
12 local jid_bare = require "util.jid".bare; |
10633
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
13 local jid_split = require "util.jid".split; |
4459
2ccc386b9913
usermanager: Prep admin JIDs (fixes issue#276).
Waqas Hussain <waqas20@gmail.com>
parents:
4237
diff
changeset
|
14 local jid_prep = require "util.jid".prep; |
890
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
15 local config = require "core.configmanager"; |
3362
90bf162303f3
usermanager: Return a non-nil SASL handler from the null auth provider (fixes a traceback).
Waqas Hussain <waqas20@gmail.com>
parents:
3336
diff
changeset
|
16 local sasl_new = require "util.sasl".new; |
5042
ce823b32225e
usermanager: Add method for deleting a user
Kim Alvefur <zash@zash.se>
parents:
4943
diff
changeset
|
17 local storagemanager = require "core.storagemanager"; |
10633
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
18 local set = require "util.set"; |
0 | 19 |
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
20 local prosody = _G.prosody; |
8717
9ddd0fbbe53a
core: Use prosody.hosts instead of _G.hosts for consistency
Kim Alvefur <zash@zash.se>
parents:
8555
diff
changeset
|
21 local hosts = prosody.hosts; |
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
22 |
3161
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
23 local setmetatable = setmetatable; |
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
24 |
3336
3a8ce659edfc
mod_auth_internal, usermanager: Rename to mod_auth_internal_plain, and update usermanager to still use it as the default
Matthew Wild <mwild1@gmail.com>
parents:
3293
diff
changeset
|
25 local default_provider = "internal_plain"; |
3180
99be525bcfb4
Rename mod_defaultauth -> mod_auth_internal, mod_hashpassauth -> mod_auth_internal_hashed, and the providers to internal and internal_hashed respectively. Also no longer auto-load defaultauth, but instead auto-load the plugin selected for each host at startup based on the provider name.
Matthew Wild <mwild1@gmail.com>
parents:
3177
diff
changeset
|
26 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
27 local _ENV = nil; |
8555
4f0f5b49bb03
vairious: Add annotation when an empty environment is set [luacheck]
Kim Alvefur <zash@zash.se>
parents:
8192
diff
changeset
|
28 -- luacheck: std none |
0 | 29 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
30 local function new_null_provider() |
3991
2b86d7705f4e
usermanager: Change dummy provider method to return an error string also (method not implemented)
Matthew Wild <mwild1@gmail.com>
parents:
3982
diff
changeset
|
31 local function dummy() return nil, "method not implemented"; end; |
3362
90bf162303f3
usermanager: Return a non-nil SASL handler from the null auth provider (fixes a traceback).
Waqas Hussain <waqas20@gmail.com>
parents:
3336
diff
changeset
|
32 local function dummy_get_sasl_handler() return sasl_new(nil, {}); end |
3991
2b86d7705f4e
usermanager: Change dummy provider method to return an error string also (method not implemented)
Matthew Wild <mwild1@gmail.com>
parents:
3982
diff
changeset
|
33 return setmetatable({name = "null", get_sasl_handler = dummy_get_sasl_handler}, { |
6663
d3023dd07cb6
portmanager, s2smanager, sessionmanager, stanza_router, storagemanager, usermanager, util.xml: Add luacheck annotations
Matthew Wild <mwild1@gmail.com>
parents:
6628
diff
changeset
|
34 __index = function(self, method) return dummy; end --luacheck: ignore 212 |
3991
2b86d7705f4e
usermanager: Change dummy provider method to return an error string also (method not implemented)
Matthew Wild <mwild1@gmail.com>
parents:
3982
diff
changeset
|
35 }); |
3161
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
36 end |
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
37 |
10633
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
38 local global_admins_config = config.get("*", "admins"); |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
39 if type(global_admins_config) ~= "table" then |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
40 global_admins_config = nil; -- TODO: factor out moduleapi magic config handling and use it here |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
41 end |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
42 local global_admins = set.new(global_admins_config) / jid_prep; |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
43 |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
44 local admin_role = { ["prosody:admin"] = true }; |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
45 local global_authz_provider = { |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
46 get_user_roles = function (user) end; --luacheck: ignore 212/user |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
47 get_jid_roles = function (jid) |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
48 if global_admins:contains(jid) then |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
49 return admin_role; |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
50 end |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
51 end; |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
52 }; |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
53 |
3992
73075b004e77
usermanager: Have methods not implemented in the active provider fall back to the null provider (later we can add support for chains of providers)
Matthew Wild <mwild1@gmail.com>
parents:
3991
diff
changeset
|
54 local provider_mt = { __index = new_null_provider() }; |
73075b004e77
usermanager: Have methods not implemented in the active provider fall back to the null provider (later we can add support for chains of providers)
Matthew Wild <mwild1@gmail.com>
parents:
3991
diff
changeset
|
55 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
56 local function initialize_host(host) |
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
57 local host_session = hosts[host]; |
10634
c9e1cb7a38b8
usermanager: Load authz providers on components also
Matthew Wild <mwild1@gmail.com>
parents:
10633
diff
changeset
|
58 |
10659
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
10640
diff
changeset
|
59 local authz_provider_name = config.get(host, "authorization") or "internal"; |
10634
c9e1cb7a38b8
usermanager: Load authz providers on components also
Matthew Wild <mwild1@gmail.com>
parents:
10633
diff
changeset
|
60 |
c9e1cb7a38b8
usermanager: Load authz providers on components also
Matthew Wild <mwild1@gmail.com>
parents:
10633
diff
changeset
|
61 local authz_mod = modulemanager.load(host, "authz_"..authz_provider_name); |
c9e1cb7a38b8
usermanager: Load authz providers on components also
Matthew Wild <mwild1@gmail.com>
parents:
10633
diff
changeset
|
62 host_session.authz = authz_mod or global_authz_provider; |
c9e1cb7a38b8
usermanager: Load authz providers on components also
Matthew Wild <mwild1@gmail.com>
parents:
10633
diff
changeset
|
63 |
3612
5547acd18a9f
usermanager: Don't load auth modules for components.
Waqas Hussain <waqas20@gmail.com>
parents:
3608
diff
changeset
|
64 if host_session.type ~= "local" then return; end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5377
diff
changeset
|
65 |
3163 | 66 host_session.events.add_handler("item-added/auth-provider", function (event) |
67 local provider = event.item; | |
5377
898454038524
core.*: Complete removal of all traces of the "core" section and section-related code.
Kim Alvefur <zash@zash.se>
parents:
5157
diff
changeset
|
68 local auth_provider = config.get(host, "authentication") or default_provider; |
898454038524
core.*: Complete removal of all traces of the "core" section and section-related code.
Kim Alvefur <zash@zash.se>
parents:
5157
diff
changeset
|
69 if config.get(host, "anonymous_login") then |
4773
ee55956597f4
usermanager: Add log error for use of COMPAT config option 'anonymous_login'. To be removed in next version.
Matthew Wild <mwild1@gmail.com>
parents:
4459
diff
changeset
|
70 log("error", "Deprecated config option 'anonymous_login'. Use authentication = 'anonymous' instead."); |
ee55956597f4
usermanager: Add log error for use of COMPAT config option 'anonymous_login'. To be removed in next version.
Matthew Wild <mwild1@gmail.com>
parents:
4459
diff
changeset
|
71 auth_provider = "anonymous"; |
ee55956597f4
usermanager: Add log error for use of COMPAT config option 'anonymous_login'. To be removed in next version.
Matthew Wild <mwild1@gmail.com>
parents:
4459
diff
changeset
|
72 end -- COMPAT 0.7 |
3180
99be525bcfb4
Rename mod_defaultauth -> mod_auth_internal, mod_hashpassauth -> mod_auth_internal_hashed, and the providers to internal and internal_hashed respectively. Also no longer auto-load defaultauth, but instead auto-load the plugin selected for each host at startup based on the provider name.
Matthew Wild <mwild1@gmail.com>
parents:
3177
diff
changeset
|
73 if provider.name == auth_provider then |
3992
73075b004e77
usermanager: Have methods not implemented in the active provider fall back to the null provider (later we can add support for chains of providers)
Matthew Wild <mwild1@gmail.com>
parents:
3991
diff
changeset
|
74 host_session.users = setmetatable(provider, provider_mt); |
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
75 end |
3164
db9def53fe9c
Check in mod_hashpassauth -- works!
Jeff Mitchell <jeff@jefferai.org>
parents:
3163
diff
changeset
|
76 if host_session.users ~= nil and host_session.users.name ~= nil then |
6628
8495734da243
usermanager: Capitalize log message
Kim Alvefur <zash@zash.se>
parents:
5795
diff
changeset
|
77 log("debug", "Host '%s' now set to use user provider '%s'", host, host_session.users.name); |
3163 | 78 end |
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
79 end); |
3163 | 80 host_session.events.add_handler("item-removed/auth-provider", function (event) |
81 local provider = event.item; | |
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
82 if host_session.users == provider then |
3161
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
83 host_session.users = new_null_provider(); |
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
84 end |
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
85 end); |
3540
bc139431830b
Monster whitespace commit (beware the whitespace monster).
Waqas Hussain <waqas20@gmail.com>
parents:
3466
diff
changeset
|
86 host_session.users = new_null_provider(); -- Start with the default usermanager provider |
5377
898454038524
core.*: Complete removal of all traces of the "core" section and section-related code.
Kim Alvefur <zash@zash.se>
parents:
5157
diff
changeset
|
87 local auth_provider = config.get(host, "authentication") or default_provider; |
898454038524
core.*: Complete removal of all traces of the "core" section and section-related code.
Kim Alvefur <zash@zash.se>
parents:
5157
diff
changeset
|
88 if config.get(host, "anonymous_login") then auth_provider = "anonymous"; end -- COMPAT 0.7 |
3540
bc139431830b
Monster whitespace commit (beware the whitespace monster).
Waqas Hussain <waqas20@gmail.com>
parents:
3466
diff
changeset
|
89 if auth_provider ~= "null" then |
bc139431830b
Monster whitespace commit (beware the whitespace monster).
Waqas Hussain <waqas20@gmail.com>
parents:
3466
diff
changeset
|
90 modulemanager.load(host, "auth_"..auth_provider); |
bc139431830b
Monster whitespace commit (beware the whitespace monster).
Waqas Hussain <waqas20@gmail.com>
parents:
3466
diff
changeset
|
91 end |
10633
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
92 |
3176
f77759710324
usermanager: Add hunk that got missed in a merge
Matthew Wild <mwild1@gmail.com>
parents:
3167
diff
changeset
|
93 end; |
3293
4ce9d569a99c
usermanager: Expose host_handler() as initialize_host()
Matthew Wild <mwild1@gmail.com>
parents:
3285
diff
changeset
|
94 prosody.events.add_handler("host-activated", initialize_host, 100); |
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
95 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
96 local function test_password(username, host, password) |
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
97 return hosts[host].users.test_password(username, password); |
0 | 98 end |
38 | 99 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
100 local function get_password(username, host) |
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
101 return hosts[host].users.get_password(username); |
1585
edc066730d11
Switch to using a more generic credentials_callback/handler for SASL auth.
nick@lupine.me.uk
parents:
1523
diff
changeset
|
102 end |
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
103 |
8192
4354f556c5db
core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512)
Kim Alvefur <zash@zash.se>
parents:
7177
diff
changeset
|
104 local function set_password(username, password, host, resource) |
4354f556c5db
core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512)
Kim Alvefur <zash@zash.se>
parents:
7177
diff
changeset
|
105 local ok, err = hosts[host].users.set_password(username, password); |
4354f556c5db
core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512)
Kim Alvefur <zash@zash.se>
parents:
7177
diff
changeset
|
106 if ok then |
4354f556c5db
core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512)
Kim Alvefur <zash@zash.se>
parents:
7177
diff
changeset
|
107 prosody.events.fire_event("user-password-changed", { username = username, host = host, resource = resource }); |
4354f556c5db
core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512)
Kim Alvefur <zash@zash.se>
parents:
7177
diff
changeset
|
108 end |
4354f556c5db
core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512)
Kim Alvefur <zash@zash.se>
parents:
7177
diff
changeset
|
109 return ok, err; |
2934
060bb8217fea
usermanager: Added function set_password.
Waqas Hussain <waqas20@gmail.com>
parents:
2929
diff
changeset
|
110 end |
1585
edc066730d11
Switch to using a more generic credentials_callback/handler for SASL auth.
nick@lupine.me.uk
parents:
1523
diff
changeset
|
111 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
112 local function user_exists(username, host) |
7177
1295e14614f4
usermanager: Shortcircuit user existence check if they have existing sessions
Kim Alvefur <zash@zash.se>
parents:
6979
diff
changeset
|
113 if hosts[host].sessions[username] then return true; end |
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
114 return hosts[host].users.user_exists(username); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
53
diff
changeset
|
115 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
53
diff
changeset
|
116 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
117 local function create_user(username, password, host) |
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
118 return hosts[host].users.create_user(username, password); |
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
53
diff
changeset
|
119 end |
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
53
diff
changeset
|
120 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
121 local function delete_user(username, host) |
5042
ce823b32225e
usermanager: Add method for deleting a user
Kim Alvefur <zash@zash.se>
parents:
4943
diff
changeset
|
122 local ok, err = hosts[host].users.delete_user(username); |
ce823b32225e
usermanager: Add method for deleting a user
Kim Alvefur <zash@zash.se>
parents:
4943
diff
changeset
|
123 if not ok then return nil, err; end |
5094
e646c849d72f
core.usermanager: Don't close sessions ourselves when deleting users. Instead, fire an event that modules can hook.
Kim Alvefur <zash@zash.se>
parents:
5042
diff
changeset
|
124 prosody.events.fire_event("user-deleted", { username = username, host = host }); |
5129
e8253c931166
storagemanager: Add purge() for purging user data from all backends in use
Kim Alvefur <zash@zash.se>
parents:
5094
diff
changeset
|
125 return storagemanager.purge(username, host); |
3993
b71e5ecc694b
usermanager: Add delete_user method
Matthew Wild <mwild1@gmail.com>
parents:
3992
diff
changeset
|
126 end |
b71e5ecc694b
usermanager: Add delete_user method
Matthew Wild <mwild1@gmail.com>
parents:
3992
diff
changeset
|
127 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
128 local function users(host) |
5157
0e1686f334b8
usermanager: Add support for iterating over accounts
Kim Alvefur <zash@zash.se>
parents:
5129
diff
changeset
|
129 return hosts[host].users.users(); |
0e1686f334b8
usermanager: Add support for iterating over accounts
Kim Alvefur <zash@zash.se>
parents:
5129
diff
changeset
|
130 end |
0e1686f334b8
usermanager: Add support for iterating over accounts
Kim Alvefur <zash@zash.se>
parents:
5129
diff
changeset
|
131 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
132 local function get_sasl_handler(host, session) |
4943
50f63f07245f
usermanager: Pass session on to auth provider (missing half of commit 0545a574667b) (thanks Zash)
Matthew Wild <mwild1@gmail.com>
parents:
4773
diff
changeset
|
133 return hosts[host].users.get_sasl_handler(session); |
228
875842235836
Updated usermanager with DIGEST-MD5 support
Waqas Hussain <waqas20@gmail.com>
parents:
60
diff
changeset
|
134 end |
875842235836
Updated usermanager with DIGEST-MD5 support
Waqas Hussain <waqas20@gmail.com>
parents:
60
diff
changeset
|
135 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
136 local function get_provider(host) |
3167
546695e80e0a
Correct out of order logic in mod_hashpassauth
Jeff Mitchell <jeff@jefferai.org>
parents:
3166
diff
changeset
|
137 return hosts[host].users; |
546695e80e0a
Correct out of order logic in mod_hashpassauth
Jeff Mitchell <jeff@jefferai.org>
parents:
3166
diff
changeset
|
138 end |
546695e80e0a
Correct out of order logic in mod_hashpassauth
Jeff Mitchell <jeff@jefferai.org>
parents:
3166
diff
changeset
|
139 |
10640
5622eda7c5c5
usermanager: Add get_roles() function
Matthew Wild <mwild1@gmail.com>
parents:
10635
diff
changeset
|
140 local function get_roles(jid, host) |
4237
6b0d7d94eb7f
usermanager: Check host exists before trying to look up admins for it
Matthew Wild <mwild1@gmail.com>
parents:
3993
diff
changeset
|
141 if host and not hosts[host] then return false; end |
4459
2ccc386b9913
usermanager: Prep admin JIDs (fixes issue#276).
Waqas Hussain <waqas20@gmail.com>
parents:
4237
diff
changeset
|
142 if type(jid) ~= "string" then return false; end |
4237
6b0d7d94eb7f
usermanager: Check host exists before trying to look up admins for it
Matthew Wild <mwild1@gmail.com>
parents:
3993
diff
changeset
|
143 |
3285
c116c4b2db5a
usermanager: is_admin: Resume the old role of determining precisely whether a user is an admin for a given host (or a global admin) - auth providers checked for JIDs not listed in the config if they support it
Matthew Wild <mwild1@gmail.com>
parents:
3218
diff
changeset
|
144 jid = jid_bare(jid); |
c116c4b2db5a
usermanager: is_admin: Resume the old role of determining precisely whether a user is an admin for a given host (or a global admin) - auth providers checked for JIDs not listed in the config if they support it
Matthew Wild <mwild1@gmail.com>
parents:
3218
diff
changeset
|
145 host = host or "*"; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5377
diff
changeset
|
146 |
10633
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
147 local actor_user, actor_host = jid_split(jid); |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
148 local roles; |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
149 |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
150 local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider; |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5377
diff
changeset
|
151 |
10633
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
152 if actor_host == host then -- Local user |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
153 roles = authz_provider.get_user_roles(actor_user); |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
154 else -- Remote user/JID |
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
155 roles = authz_provider.get_jid_roles(jid); |
3030
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
156 end |
5776
bd0ff8ae98a8
Remove all trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
5377
diff
changeset
|
157 |
10640
5622eda7c5c5
usermanager: Add get_roles() function
Matthew Wild <mwild1@gmail.com>
parents:
10635
diff
changeset
|
158 return roles; |
5622eda7c5c5
usermanager: Add get_roles() function
Matthew Wild <mwild1@gmail.com>
parents:
10635
diff
changeset
|
159 end |
5622eda7c5c5
usermanager: Add get_roles() function
Matthew Wild <mwild1@gmail.com>
parents:
10635
diff
changeset
|
160 |
5622eda7c5c5
usermanager: Add get_roles() function
Matthew Wild <mwild1@gmail.com>
parents:
10635
diff
changeset
|
161 local function is_admin(jid, host) |
5622eda7c5c5
usermanager: Add get_roles() function
Matthew Wild <mwild1@gmail.com>
parents:
10635
diff
changeset
|
162 local roles = get_roles(jid, host); |
10633
d1cc6af0fb97
usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).
Matthew Wild <mwild1@gmail.com>
parents:
8717
diff
changeset
|
163 return roles and roles["prosody:admin"]; |
890
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
164 end |
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
165 |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
166 return { |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
167 new_null_provider = new_null_provider; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
168 initialize_host = initialize_host; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
169 test_password = test_password; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
170 get_password = get_password; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
171 set_password = set_password; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
172 user_exists = user_exists; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
173 create_user = create_user; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
174 delete_user = delete_user; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
175 users = users; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
176 get_sasl_handler = get_sasl_handler; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
177 get_provider = get_provider; |
10640
5622eda7c5c5
usermanager: Add get_roles() function
Matthew Wild <mwild1@gmail.com>
parents:
10635
diff
changeset
|
178 get_roles = get_roles; |
6779
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
179 is_admin = is_admin; |
6236668da30a
core.*: Remove use of module() function
Kim Alvefur <zash@zash.se>
parents:
6663
diff
changeset
|
180 }; |