Annotate

plugins/muc/lock.lib.lua @ 12995:e385f3a06673

moduleapi: Add 'peek' to :may() and new :could() helper to suppress logging The current method logs scary "access denied" messages on failure - this is generally very useful when debugging access control stuff, but in some cases the call is simply a check to see if someone *could* perform an action, even if they haven't requested it yet. One example is determining whether to show the user as an admin in disco. The 'peek' parameter, if true, will suppress such logging. The :could() method is just a simple helper that can make the calling code a bit more readable (suggested by Zash).
author Matthew Wild <mwild1@gmail.com>
date Sun, 26 Mar 2023 14:06:04 +0100
parent 12977:74b9e05af71e
child 13209:c8d949cf6b09
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
6206
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
1 -- Prosody IM
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
2 -- Copyright (C) 2008-2010 Matthew Wild
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
3 -- Copyright (C) 2008-2010 Waqas Hussain
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
4 -- Copyright (C) 2014 Daurnimator
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
5 --
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
6 -- This project is MIT/X11 licensed. Please see the
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
7 -- COPYING file in the source package for more information.
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
8 --
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
9
12977
74b9e05af71e plugins: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 10450
diff changeset
10 local st = require "prosody.util.stanza";
6329
6b3eb1611587 mod_muc: Import util.stanza into the config handler modules that need it. Fixes #432.
Matthew Wild <mwild1@gmail.com>
parents: 6242
diff changeset
11
8866
2c60ae791bdc MUC: Enable room locking by default to gather feedback (#328)
Kim Alvefur <zash@zash.se>
parents: 8566
diff changeset
12 local lock_rooms = module:get_option_boolean("muc_room_locking", true);
6206
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
13 local lock_room_timeout = module:get_option_number("muc_room_lock_timeout", 300);
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
14
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
15 local function lock(room)
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
16 module:fire_event("muc-room-locked", {room = room;});
7408
cf53081ce767 MUC: Use a timestamp to keep track of when to unlock room instead of a timer (so timer does not unlock an evicted room)
Kim Alvefur <zash@zash.se>
parents: 7407
diff changeset
17 room._data.locked = os.time() + lock_room_timeout;
6206
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
18 end
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
19 local function unlock(room)
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
20 module:fire_event("muc-room-unlocked", {room = room;});
7407
e465b584547b MUC: Move the locked flag into persisted data (so not to lose it on eviction)
Kim Alvefur <zash@zash.se>
parents: 6329
diff changeset
21 room._data.locked = nil;
6206
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
22 end
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
23 local function is_locked(room)
8565
301e5b82b4d8 MUC/lock: Remove redundant fallback value
Kim Alvefur <zash@zash.se>
parents: 7999
diff changeset
24 local ts = room._data.locked;
7408
cf53081ce767 MUC: Use a timestamp to keep track of when to unlock room instead of a timer (so timer does not unlock an evicted room)
Kim Alvefur <zash@zash.se>
parents: 7407
diff changeset
25 if ts then
8566
8ea66e42a27b MUC/lock: Fix locking timeout to account for the direction of time
Kim Alvefur <zash@zash.se>
parents: 8565
diff changeset
26 if os.time() < ts then return true; end
7408
cf53081ce767 MUC: Use a timestamp to keep track of when to unlock room instead of a timer (so timer does not unlock an evicted room)
Kim Alvefur <zash@zash.se>
parents: 7407
diff changeset
27 unlock(room);
cf53081ce767 MUC: Use a timestamp to keep track of when to unlock room instead of a timer (so timer does not unlock an evicted room)
Kim Alvefur <zash@zash.se>
parents: 7407
diff changeset
28 end
cf53081ce767 MUC: Use a timestamp to keep track of when to unlock room instead of a timer (so timer does not unlock an evicted room)
Kim Alvefur <zash@zash.se>
parents: 7407
diff changeset
29 return false;
6206
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
30 end
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
31
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
32 if lock_rooms then
6242
67efeadd9e77 plugins/muc/lock.lib: lock inside of pre-create instead of 'created'
daurnimator <quae@daurnimator.com>
parents: 6207
diff changeset
33 module:hook("muc-room-pre-create", function(event)
67efeadd9e77 plugins/muc/lock.lib: lock inside of pre-create instead of 'created'
daurnimator <quae@daurnimator.com>
parents: 6207
diff changeset
34 -- Older groupchat protocol doesn't lock
67efeadd9e77 plugins/muc/lock.lib: lock inside of pre-create instead of 'created'
daurnimator <quae@daurnimator.com>
parents: 6207
diff changeset
35 if not event.stanza:get_child("x", "http://jabber.org/protocol/muc") then return end
67efeadd9e77 plugins/muc/lock.lib: lock inside of pre-create instead of 'created'
daurnimator <quae@daurnimator.com>
parents: 6207
diff changeset
36 -- Lock room at creation
6206
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
37 local room = event.room;
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
38 lock(room);
6242
67efeadd9e77 plugins/muc/lock.lib: lock inside of pre-create instead of 'created'
daurnimator <quae@daurnimator.com>
parents: 6207
diff changeset
39 end, 10);
6206
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
40 end
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
41
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
42 -- Don't let users into room while it is locked
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
43 module:hook("muc-occupant-pre-join", function(event)
6207
a5928fdeaf97 plugins/muc/lock.lib: Need to let creator into the locked room :)
daurnimator <quae@daurnimator.com>
parents: 6206
diff changeset
44 if not event.is_new_room and is_locked(event.room) then -- Deny entry
7999
980606856882 Merge 0.10->trunk
Kim Alvefur <zash@zash.se>
parents: 7408
diff changeset
45 module:log("debug", "Room is locked, denying entry");
10450
c1edeb9fe337 MUC: Indicate the component as origin of various errors where there's no room
Kim Alvefur <zash@zash.se>
parents: 8866
diff changeset
46 event.origin.send(st.error_reply(event.stanza, "cancel", "item-not-found", nil, module.host));
6206
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
47 return true;
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
48 end
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
49 end, -30);
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
50
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
51 -- When config is submitted; unlock the room
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
52 module:hook("muc-config-submitted", function(event)
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
53 if is_locked(event.room) then
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
54 unlock(event.room);
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
55 end
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
56 end, -1);
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
57
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
58 return {
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
59 lock = lock;
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
60 unlock = unlock;
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
61 is_locked = is_locked;
f937bb5c83c3 plugins/muc: Move locking to seperate module
daurnimator <quae@daurnimator.com>
parents:
diff changeset
62 };