Software `/` code `/` prosody

Comparison

plugins/mod_admin_adhoc.lua @ 11632:21a1b9fb08a1

mod_admin_adhoc: Delete "Get User Password" command This doesn't really make sense today. It doesn't even work with mod_auth_internal_hashed, which should be the default. And even with a supporting authentication module, why would we just hand out the password? One use case may be to recover a forgotten password. While not yet included with Prosody, there are better ways to handle forgotten passwords, usually by resetting them to a new password.

author	Kim Alvefur <zash@zash.se>
date	Sun, 27 Jun 2021 21:51:21 +0200
parent	10543:46b456ed12bd
child	11633:77e38ea34d82

comparison

equal deleted inserted replaced

-:6641ca266d94
+:21a1b9fb08a1
 local keys = require "util.iterators".keys;
 local usermanager_user_exists = require "core.usermanager".user_exists;
 local usermanager_create_user = require "core.usermanager".create_user;
 local usermanager_delete_user = require "core.usermanager".delete_user;
-local usermanager_get_password = require "core.usermanager".get_password;
 local usermanager_set_password = require "core.usermanager".set_password;
 local hostmanager_activate = require "core.hostmanager".activate;
 local hostmanager_deactivate = require "core.hostmanager".deactivate;
 local rm_load_roster = require "core.rostermanager".load_roster;
 local st, jid = require "util.stanza", require "util.jid";
 	end
 	return {status = "completed", info = (#succeeded ~= 0 and
 		"The following accounts were successfully disconnected:\n"..t_concat(succeeded, "\n").."\n" or "")..
 		(#failed ~= 0 and
 		"The following accounts could not be disconnected:\n"..t_concat(failed, "\n") or "") };
-end);
--- Getting a user's password
-local get_user_password_layout = dataforms_new{
-	title = "Getting User's Password";
-	instructions = "Fill out this form to get a user's password.";
-	{ name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" };
-	{ name = "accountjid", type = "jid-single", required = true, label = "The Jabber ID for which to retrieve the password" };
-};
-local get_user_password_result_layout = dataforms_new{
-	{ name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" };
-	{ name = "accountjid", type = "jid-single", label = "JID" };
-	{ name = "password", type = "text-single", label = "Password" };
-};
-local get_user_password_handler = adhoc_simple(get_user_password_layout, function(fields, err)
-	if err then
-		return generate_error_message(err);
-	end
-	local user, host = jid.split(fields.accountjid);
-	local accountjid;
-	local password;
-	if host ~= module_host then
-		return { status = "completed", error = { message = "Tried to get password for a user on " .. host .. " but command was sent to " .. module_host } };
-	elseif usermanager_user_exists(user, host) then
-		accountjid = fields.accountjid;
-		password = usermanager_get_password(user, host);
-	else
-		return { status = "completed", error = { message = "User does not exist" } };
-	end
-	return { status = "completed", result = { layout = get_user_password_result_layout, values = {accountjid = accountjid, password = password} } };
 end);
 -- Getting a user's roster
 local get_user_roster_layout = dataforms_new{
 	{ name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" };
 local add_user_desc = adhoc_new("Add User", "http://jabber.org/protocol/admin#add-user", add_user_command_handler, "admin");
 local change_user_password_desc = adhoc_new("Change User Password", "http://jabber.org/protocol/admin#change-user-password", change_user_password_command_handler, "admin");
 local config_reload_desc = adhoc_new("Reload configuration", "http://prosody.im/protocol/config#reload", config_reload_handler, "global_admin");
 local delete_user_desc = adhoc_new("Delete User", "http://jabber.org/protocol/admin#delete-user", delete_user_command_handler, "admin");
 local end_user_session_desc = adhoc_new("End User Session", "http://jabber.org/protocol/admin#end-user-session", end_user_session_handler, "admin");
-local get_user_password_desc = adhoc_new("Get User Password", "http://jabber.org/protocol/admin#get-user-password", get_user_password_handler, "admin");
 local get_user_roster_desc = adhoc_new("Get User Roster","http://jabber.org/protocol/admin#get-user-roster", get_user_roster_handler, "admin");
 local get_user_stats_desc = adhoc_new("Get User Statistics","http://jabber.org/protocol/admin#user-stats", get_user_stats_handler, "admin");
 local get_online_users_desc = adhoc_new("Get List of Online Users", "http://jabber.org/protocol/admin#get-online-users-list", get_online_users_command_handler, "admin");
 local list_s2s_this_desc = adhoc_new("List S2S connections", "http://prosody.im/protocol/s2s#list", list_s2s_this_handler, "admin");
 local list_modules_desc = adhoc_new("List loaded modules", "http://prosody.im/protocol/modules#list", list_modules_handler, "admin");
 module:provides("adhoc", add_user_desc);
 module:provides("adhoc", change_user_password_desc);
 module:provides("adhoc", config_reload_desc);
 module:provides("adhoc", delete_user_desc);
 module:provides("adhoc", end_user_session_desc);
-module:provides("adhoc", get_user_password_desc);
 module:provides("adhoc", get_user_roster_desc);
 module:provides("adhoc", get_user_stats_desc);
 module:provides("adhoc", get_online_users_desc);
 module:provides("adhoc", list_s2s_this_desc);
 module:provides("adhoc", list_modules_desc);

prosody

21a1b9fb08a1

plugins/mod_admin_adhoc.lua

Software / code / prosody

Comparison

plugins/mod_admin_adhoc.lua @ 11632:21a1b9fb08a1

Software `/` code `/` prosody