prosody
5625da6ae6b6
core/moduleapi.lua
Software / code / prosody
Comparison
core/moduleapi.lua @ 12994:5625da6ae6b6
moduleapi: may: Fail early if a local session has no role assigned
We expect every session to explicitly have a role assigned. Falling back to
any kind of "default" role (even the user's default role) in the absence of
an explicit role could open up the possibility of accidental privilege
escalation.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 25 Mar 2023 19:38:41 +0000 |
| parent | 12972:ead41e25ebc0 |
| child | 12995:e385f3a06673 |
comparison
equal
deleted
inserted
replaced
| 12993:623fbb5f9b05 | 12994:5625da6ae6b6 |
|---|---|
| 651 | 651 |
| 652 local session = context.origin or context.session; | 652 local session = context.origin or context.session; |
| 653 if type(session) ~= "table" then | 653 if type(session) ~= "table" then |
| 654 error("Unable to identify actor session from context"); | 654 error("Unable to identify actor session from context"); |
| 655 end | 655 end |
| 656 if session.role and session.type == "c2s" and session.host == self.host then | 656 if session.type == "c2s" and session.host == self.host then |
| 657 local permit = session.role:may(action, context); | 657 local role = session.role; |
| 658 if not role then | |
| 659 self:log("warn", "Access denied: session %s has no role assigned"); | |
| 660 return false; | |
| 661 end | |
| 662 local permit = role:may(action, context); | |
| 658 if not permit then | 663 if not permit then |
| 659 self:log("debug", "Access denied: session %s (%s) may not %s (not permitted by role %s)", | 664 self:log("debug", "Access denied: session %s (%s) may not %s (not permitted by role %s)", |
| 660 session.id, session.full_jid, action, session.role.name | 665 session.id, session.full_jid, action, role.name |
| 661 ); | 666 ); |
| 662 end | 667 end |
| 663 return permit; | 668 return permit; |
| 664 else | 669 else |
| 665 local actor_jid = context.stanza.attr.from; | 670 local actor_jid = context.stanza.attr.from; |
