Software /
code /
prosody
Comparison
plugins/mod_admin_shell.lua @ 13542:67288253d9a2
mod_admin_shell: Reject attempt to add or remove roles for unrelated hosts
The three-argument version seems to be a left-over from 0.12
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 01 Nov 2024 13:10:45 +0100 |
parent | 13540:cc67109ce502 |
child | 13561:d8f7a8a26965 |
comparison
equal
deleted
inserted
replaced
13541:3dc3781d02cd | 13542:67288253d9a2 |
---|---|
1783 if new_role == nil then host, new_role = userhost, host; end | 1783 if new_role == nil then host, new_role = userhost, host; end |
1784 if not prosody.hosts[host] then | 1784 if not prosody.hosts[host] then |
1785 return nil, "No such host: "..host; | 1785 return nil, "No such host: "..host; |
1786 elseif prosody.hosts[userhost] and not um.user_exists(username, userhost) then | 1786 elseif prosody.hosts[userhost] and not um.user_exists(username, userhost) then |
1787 return nil, "No such user"; | 1787 return nil, "No such user"; |
1788 elseif userhost ~= host then | |
1789 return nil, "Can't add roles outside users own host" | |
1788 end | 1790 end |
1789 return um.add_user_secondary_role(username, host, new_role); | 1791 return um.add_user_secondary_role(username, host, new_role); |
1790 end | 1792 end |
1791 | 1793 |
1792 describe_command [[user:delrole(jid, host, role) - Remove a secondary role from a user]] | 1794 describe_command [[user:delrole(jid, host, role) - Remove a secondary role from a user]] |
1795 if role_name == nil then host, role_name = userhost, host; end | 1797 if role_name == nil then host, role_name = userhost, host; end |
1796 if not prosody.hosts[host] then | 1798 if not prosody.hosts[host] then |
1797 return nil, "No such host: "..host; | 1799 return nil, "No such host: "..host; |
1798 elseif prosody.hosts[userhost] and not um.user_exists(username, userhost) then | 1800 elseif prosody.hosts[userhost] and not um.user_exists(username, userhost) then |
1799 return nil, "No such user"; | 1801 return nil, "No such user"; |
1802 elseif userhost ~= host then | |
1803 return nil, "Can't remove roles outside users own host" | |
1800 end | 1804 end |
1801 return um.remove_user_secondary_role(username, host, role_name); | 1805 return um.remove_user_secondary_role(username, host, role_name); |
1802 end | 1806 end |
1803 | 1807 |
1804 describe_command [[user:list(hostname, pattern) - List users on the specified host, optionally filtering with a pattern]] | 1808 describe_command [[user:list(hostname, pattern) - List users on the specified host, optionally filtering with a pattern]] |