Software / code / prosody
Annotate
plugins/muc/presence_broadcast.lib.lua @ 12659:c0eea4f6c739
usermanager: Add back temporary is_admin to warn about deprecated API usage
Goal: Introduce role-auth with minimal disruption
is_admin() is unsafe in a system with per-session permissions, so it has been
deprecated.
Roll-out approach:
1) First, log a warning when is_admin() is used. It should continue to
function normally, backed by the new role API. Nothing is really using
per-session authz yet, so there is minimal security concern.
The 'strict_deprecate_is_admin' global setting can be set to 'true' to
force a hard failure of is_admin() attempts (it will log an error and
always return false).
2) In some time (at least 1 week), but possibly longer depending on the number
of affected deployments: switch 'strict_deprecate_is_admin' to 'true' by
default. It can still be disabled for systems that need it.
3) Further in the future, before the next release, the option will be removed
and is_admin() will be permanently disabled.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 15 Aug 2022 15:25:07 +0100 |
| parent | 10687:8c2c5b4fde32 |
| child | 12977:74b9e05af71e |
| rev | line source |
|---|---|
|
10353
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
1 -- Prosody IM |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
2 -- Copyright (C) 2008-2010 Matthew Wild |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
3 -- Copyright (C) 2008-2010 Waqas Hussain |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
4 -- Copyright (C) 2014 Daurnimator |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
5 -- |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
6 -- This project is MIT/X11 licensed. Please see the |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
7 -- COPYING file in the source package for more information. |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
8 -- |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
9 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
10 local st = require "util.stanza"; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
11 |
|
10687
8c2c5b4fde32
MUC: Support for broadcasting unavailable presence for affiliated offline users
Matthew Wild <mwild1@gmail.com>
parents:
10685
diff
changeset
|
12 local valid_roles = { "none", "visitor", "participant", "moderator" }; |
|
10353
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
13 local default_broadcast = { |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
14 visitor = true; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
15 participant = true; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
16 moderator = true; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
17 }; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
18 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
19 local function get_presence_broadcast(room) |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
20 return room._data.presence_broadcast or default_broadcast; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
21 end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
22 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
23 local function set_presence_broadcast(room, broadcast_roles) |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
24 broadcast_roles = broadcast_roles or default_broadcast; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
25 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
26 local changed = false; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
27 local old_broadcast_roles = get_presence_broadcast(room); |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
28 for _, role in ipairs(valid_roles) do |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
29 if old_broadcast_roles[role] ~= broadcast_roles[role] then |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
30 changed = true; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
31 end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
32 end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
33 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
34 if not changed then return false; end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
35 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
36 room._data.presence_broadcast = broadcast_roles; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
37 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
38 for _, occupant in room:each_occupant() do |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
39 local x = st.stanza("x", {xmlns = "http://jabber.org/protocol/muc#user";}); |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
40 local role = occupant.role or "none"; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
41 if broadcast_roles[role] and not old_broadcast_roles[role] then |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
42 -- Presence broadcast is now enabled, so announce existing user |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
43 room:publicise_occupant_status(occupant, x); |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
44 elseif old_broadcast_roles[role] and not broadcast_roles[role] then |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
45 -- Presence broadcast is now disabled, so mark existing user as unavailable |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
46 room:publicise_occupant_status(occupant, x, nil, nil, nil, nil, true); |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
47 end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
48 end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
49 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
50 return true; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
51 end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
52 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
53 module:hook("muc-config-form", function(event) |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
54 local values = {}; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
55 for role, value in pairs(get_presence_broadcast(event.room)) do |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
56 if value then |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
57 values[#values + 1] = role; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
58 end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
59 end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
60 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
61 table.insert(event.form, { |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
62 name = "muc#roomconfig_presencebroadcast"; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
63 type = "list-multi"; |
|
10516
d3e6941546a8
MUC: Improve presence broadcast form field label
Matthew Wild <mwild1@gmail.com>
parents:
10353
diff
changeset
|
64 label = "Only show participants with roles:"; |
|
10353
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
65 value = values; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
66 options = valid_roles; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
67 }); |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
68 end, 70-7); |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
69 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
70 module:hook("muc-config-submitted/muc#roomconfig_presencebroadcast", function(event) |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
71 local broadcast_roles = {}; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
72 for _, role in ipairs(event.value) do |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
73 broadcast_roles[role] = true; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
74 end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
75 if set_presence_broadcast(event.room, broadcast_roles) then |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
76 event.status_codes["104"] = true; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
77 end |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
78 end); |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
79 |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
80 return { |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
81 get = get_presence_broadcast; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
82 set = set_presence_broadcast; |
|
7b602e13c3b6
MUC: Add controls for whose presence is broadcast (closes #1335)
Lance Stout <lancestout@gmail.com>
parents:
diff
changeset
|
83 }; |
