Annotate
usermanager: Add back temporary is_admin to warn about deprecated API usage
Goal: Introduce role-auth with minimal disruption
is_admin() is unsafe in a system with per-session permissions, so it has been
deprecated.
Roll-out approach:
1) First, log a warning when is_admin() is used. It should continue to
function normally, backed by the new role API. Nothing is really using
per-session authz yet, so there is minimal security concern.
The 'strict_deprecate_is_admin' global setting can be set to 'true' to
force a hard failure of is_admin() attempts (it will log an error and
always return false).
2) In some time (at least 1 week), but possibly longer depending on the number
of affected deployments: switch 'strict_deprecate_is_admin' to 'true' by
default. It can still be disabled for systems that need it.
3) Further in the future, before the next release, the option will be removed
and is_admin() will be permanently disabled.
| author |
Matthew Wild <mwild1@gmail.com> |
| date |
Mon, 15 Aug 2022 15:25:07 +0100 |
| parent |
5403:d7ecf6cd584e |
| rev |
line source |
|
5403
|
1
|
|
|
2 The Prosody project is open to contributions (see HACKERS file), but is
|
|
|
3 maintained daily by:
|
|
94
|
4
|
|
5403
|
5 - Matthew Wild (mail: matthew [at] prosody.im)
|
|
|
6 - Waqas Hussain (mail: waqas [at] prosody.im)
|
|
|
7 - Kim Alvefur (mail: zash [at] prosody.im)
|
|
|
8
|
|
|
9 You can reach us collectively by email: developers [at] prosody.im
|
|
|
10 or in realtime in the Prosody chatroom: prosody@conference.prosody.im
|
