prosody
210a785dfa8a
plugins/mod_mam/mod_mam.lua
Software / code / prosody
Comparison
plugins/mod_mam/mod_mam.lua @ 11875:210a785dfa8a
mod_mam: Use util.dataforms timestamp validation
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 26 Oct 2021 13:31:40 +0200 |
| parent | 11819:f590e3c51eff |
| child | 11968:6e1af07921d1 |
comparison
equal
deleted
inserted
replaced
| 11874:84f4c6957d62 | 11875:210a785dfa8a |
|---|---|
| 33 | 33 |
| 34 local is_stanza = st.is_stanza; | 34 local is_stanza = st.is_stanza; |
| 35 local tostring = tostring; | 35 local tostring = tostring; |
| 36 local time_now = os.time; | 36 local time_now = os.time; |
| 37 local m_min = math.min; | 37 local m_min = math.min; |
| 38 local timestamp, timestamp_parse, datestamp = import( "util.datetime", "datetime", "parse", "date"); | 38 local timestamp, datestamp = import( "util.datetime", "datetime", "date"); |
| 39 local default_max_items, max_max_items = 20, module:get_option_number("max_archive_query_results", 50); | 39 local default_max_items, max_max_items = 20, module:get_option_number("max_archive_query_results", 50); |
| 40 local strip_tags = module:get_option_set("dont_archive_namespaces", { "http://jabber.org/protocol/chatstates" }); | 40 local strip_tags = module:get_option_set("dont_archive_namespaces", { "http://jabber.org/protocol/chatstates" }); |
| 41 | 41 |
| 42 local archive_store = module:get_option_string("archive_store", "archive"); | 42 local archive_store = module:get_option_string("archive_store", "archive"); |
| 43 local archive = module:open_store(archive_store, "archive"); | 43 local archive = module:open_store(archive_store, "archive"); |
| 75 origin.send(reply); | 75 origin.send(reply); |
| 76 return true; | 76 return true; |
| 77 end); | 77 end); |
| 78 | 78 |
| 79 local query_form = dataform { | 79 local query_form = dataform { |
| 80 { name = "FORM_TYPE"; type = "hidden"; value = xmlns_mam; }; | 80 { name = "FORM_TYPE"; type = "hidden"; value = xmlns_mam }; |
| 81 { name = "with"; type = "jid-single"; }; | 81 { name = "with"; type = "jid-single" }; |
| 82 { name = "start"; type = "text-single" }; | 82 { name = "start"; type = "text-single"; datatype = "xs:dateTime" }; |
| 83 { name = "end"; type = "text-single"; }; | 83 { name = "end"; type = "text-single"; datatype = "xs:dateTime" }; |
| 84 }; | 84 }; |
| 85 | 85 |
| 86 if archive.caps and archive.caps.full_id_range then | 86 if archive.caps and archive.caps.full_id_range then |
| 87 table.insert(query_form, { name = "before-id"; type = "text-single"; }); | 87 table.insert(query_form, { name = "before-id"; type = "text-single"; }); |
| 88 table.insert(query_form, { name = "after-id"; type = "text-single"; }); | 88 table.insert(query_form, { name = "after-id"; type = "text-single"; }); |
| 130 end | 130 end |
| 131 qwith, qstart, qend = form["with"], form["start"], form["end"]; | 131 qwith, qstart, qend = form["with"], form["start"], form["end"]; |
| 132 qbefore, qafter = form["before-id"], form["after-id"]; | 132 qbefore, qafter = form["before-id"], form["after-id"]; |
| 133 qids = form["ids"]; | 133 qids = form["ids"]; |
| 134 qwith = qwith and jid_bare(qwith); -- dataforms does jidprep | 134 qwith = qwith and jid_bare(qwith); -- dataforms does jidprep |
| 135 end | |
| 136 | |
| 137 if qstart or qend then -- Validate timestamps | |
| 138 local vstart, vend = (qstart and timestamp_parse(qstart)), (qend and timestamp_parse(qend)); | |
| 139 if (qstart and not vstart) or (qend and not vend) then | |
| 140 origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid timestamp")) | |
| 141 return true; | |
| 142 end | |
| 143 qstart, qend = vstart, vend; | |
| 144 end | 135 end |
| 145 | 136 |
| 146 -- RSM stuff | 137 -- RSM stuff |
| 147 local qset = rsm.get(query); | 138 local qset = rsm.get(query); |
| 148 local qmax = m_min(qset and qset.max or default_max_items, max_max_items); | 139 local qmax = m_min(qset and qset.max or default_max_items, max_max_items); |
