Software / code / prosody
Annotate
util/presence.lua @ 13843:87dd8639f08f 13.0
mod_invites_register: Stricter validation of registration events
This fixes two problems:
1) Account invites that were created with a specific username were not
in fact restricted to that username.
2) Password reset invites were not restricted to resetting passwords,
but could be used to create an arbitrary new account if the client
or registration frontend (e.g. mod_invites_register_web) doesn't
handle/enforce the username.
This new validation ensures that registrations and resets are always for the
username specified in the invitation.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Thu, 10 Apr 2025 16:07:32 +0100 |
| parent | 8885:d4f5d47f874d |
| rev | line source |
|---|---|
|
7279
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- Prosody IM |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 -- Copyright (C) 2008-2010 Matthew Wild |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 -- Copyright (C) 2008-2010 Waqas Hussain |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 -- |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 -- This project is MIT/X11 licensed. Please see the |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 -- COPYING file in the source package for more information. |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 -- |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 local t_insert = table.insert; |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 local function select_top_resources(user) |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 local priority = 0; |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 local recipients = {}; |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 for _, session in pairs(user.sessions) do -- find resource with greatest priority |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 if session.presence then |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 local p = session.priority; |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 if p > priority then |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 priority = p; |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 recipients = {session}; |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 elseif p == priority then |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
21 t_insert(recipients, session); |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 end |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 end |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 end |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 return recipients; |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 end |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 local function recalc_resource_map(user) |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 if user then |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 user.top_resources = select_top_resources(user); |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 if #user.top_resources == 0 then user.top_resources = nil; end |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 end |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 end |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
33 |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 return { |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 select_top_resources = select_top_resources; |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 recalc_resource_map = recalc_resource_map; |
|
051279755cad
mod_presence: Move function for selecting "top resources" into a new util.presence
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 } |
