prosody
4a8740e01813
plugins/adhoc/mod_adhoc.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

plugins/adhoc/mod_adhoc.lua @ 12802:4a8740e01813

Merge 0.12->trunk
author Kim Alvefur <zash@zash.se>
date Mon, 12 Dec 2022 07:10:54 +0100
parent 12642:9061f9621330
child 12977:74b9e05af71e
comparison
equal deleted inserted replaced
12801:ebd6b4d8bf04 12802:4a8740e01813
5 -- COPYING file in the source package for more information. 5 -- COPYING file in the source package for more information.
6 -- 6 --
7 7
8 local it = require "util.iterators"; 8 local it = require "util.iterators";
9 local st = require "util.stanza"; 9 local st = require "util.stanza";
10 local is_admin = require "core.usermanager".is_admin;
11 local jid_host = require "util.jid".host; 10 local jid_host = require "util.jid".host;
12 local adhoc_handle_cmd = module:require "adhoc".handle_cmd; 11 local adhoc_handle_cmd = module:require "adhoc".handle_cmd;
13 local xmlns_cmd = "http://jabber.org/protocol/commands"; 12 local xmlns_cmd = "http://jabber.org/protocol/commands";
14 local commands = {}; 13 local commands = {};
15 14
16 module:add_feature(xmlns_cmd); 15 module:add_feature(xmlns_cmd);
17 16
17 local function check_permissions(event, node, command)
18 return (command.permission == "check" and module:may("mod_adhoc:"..node, event))
19 or (command.permission == "local_user" and jid_host(event.stanza.attr.from) == module.host)
20 or (command.permission == "any");
21 end
22
18 module:hook("host-disco-info-node", function (event) 23 module:hook("host-disco-info-node", function (event)
19 local stanza, origin, reply, node = event.stanza, event.origin, event.reply, event.node; 24 local stanza, origin, reply, node = event.stanza, event.origin, event.reply, event.node;
20 if commands[node] then 25 if commands[node] then
21 local from = stanza.attr.from;
22 local privileged = is_admin(from, stanza.attr.to);
23 local global_admin = is_admin(from);
24 local hostname = jid_host(from);
25 local command = commands[node]; 26 local command = commands[node];
26 if (command.permission == "admin" and privileged) 27 if check_permissions(event, node, command) then
27 or (command.permission == "global_admin" and global_admin)
28 or (command.permission == "local_user" and hostname == module.host)
29 or (command.permission == "any") then
30 reply:tag("identity", { name = command.name, 28 reply:tag("identity", { name = command.name,
31 category = "automation", type = "command-node" }):up(); 29 category = "automation", type = "command-node" }):up();
32 reply:tag("feature", { var = xmlns_cmd }):up(); 30 reply:tag("feature", { var = xmlns_cmd }):up();
33 reply:tag("feature", { var = "jabber:x:data" }):up(); 31 reply:tag("feature", { var = "jabber:x:data" }):up();
34 event.exists = true; 32 event.exists = true;
42 event.exists = true; 40 event.exists = true;
43 end 41 end
44 end); 42 end);
45 43
46 module:hook("host-disco-items-node", function (event) 44 module:hook("host-disco-items-node", function (event)
47 local stanza, reply, disco_node = event.stanza, event.reply, event.node; 45 local reply, disco_node = event.reply, event.node;
48 if disco_node ~= xmlns_cmd then 46 if disco_node ~= xmlns_cmd then
49 return; 47 return;
50 end 48 end
51 49
52 local from = stanza.attr.from;
53 local admin = is_admin(from, stanza.attr.to);
54 local global_admin = is_admin(from);
55 local hostname = jid_host(from);
56 for node, command in it.sorted_pairs(commands) do 50 for node, command in it.sorted_pairs(commands) do
57 if (command.permission == "admin" and admin) 51 if check_permissions(event, node, command) then
58 or (command.permission == "global_admin" and global_admin)
59 or (command.permission == "local_user" and hostname == module.host)
60 or (command.permission == "any") then
61 reply:tag("item", { name = command.name, 52 reply:tag("item", { name = command.name,
62 node = node, jid = module:get_host() }); 53 node = node, jid = module:get_host() });
63 reply:up(); 54 reply:up();
64 end 55 end
65 end 56 end
69 module:hook("iq-set/host/"..xmlns_cmd..":command", function (event) 60 module:hook("iq-set/host/"..xmlns_cmd..":command", function (event)
70 local origin, stanza = event.origin, event.stanza; 61 local origin, stanza = event.origin, event.stanza;
71 local node = stanza.tags[1].attr.node 62 local node = stanza.tags[1].attr.node
72 local command = commands[node]; 63 local command = commands[node];
73 if command then 64 if command then
74 local from = stanza.attr.from; 65 if not check_permissions(event, node, command) then
75 local admin = is_admin(from, stanza.attr.to);
76 local global_admin = is_admin(from);
77 local hostname = jid_host(from);
78 if (command.permission == "admin" and not admin)
79 or (command.permission == "global_admin" and not global_admin)
80 or (command.permission == "local_user" and hostname ~= module.host) then
81 origin.send(st.error_reply(stanza, "auth", "forbidden", "You don't have permission to execute this command"):up() 66 origin.send(st.error_reply(stanza, "auth", "forbidden", "You don't have permission to execute this command"):up()
82 :add_child(commands[node]:cmdtag("canceled") 67 :add_child(command:cmdtag("canceled")
83 :tag("note", {type="error"}):text("You don't have permission to execute this command"))); 68 :tag("note", {type="error"}):text("You don't have permission to execute this command")));
84 return true 69 return true
85 end 70 end
86 -- User has permission now execute the command 71 -- User has permission now execute the command
87 adhoc_handle_cmd(commands[node], origin, stanza); 72 adhoc_handle_cmd(command, origin, stanza);
88 return true; 73 return true;
89 end 74 end
90 end, 500); 75 end, 500);
91 76
92 local function adhoc_added(event) 77 local function adhoc_added(event)