prosody
67288253d9a2
plugins/mod_admin_shell.lua
Software / code / prosody
Comparison
plugins/mod_admin_shell.lua @ 13542:67288253d9a2
mod_admin_shell: Reject attempt to add or remove roles for unrelated hosts
The three-argument version seems to be a left-over from 0.12
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 01 Nov 2024 13:10:45 +0100 |
| parent | 13540:cc67109ce502 |
| child | 13561:d8f7a8a26965 |
comparison
equal
deleted
inserted
replaced
| 13541:3dc3781d02cd | 13542:67288253d9a2 |
|---|---|
| 1783 if new_role == nil then host, new_role = userhost, host; end | 1783 if new_role == nil then host, new_role = userhost, host; end |
| 1784 if not prosody.hosts[host] then | 1784 if not prosody.hosts[host] then |
| 1785 return nil, "No such host: "..host; | 1785 return nil, "No such host: "..host; |
| 1786 elseif prosody.hosts[userhost] and not um.user_exists(username, userhost) then | 1786 elseif prosody.hosts[userhost] and not um.user_exists(username, userhost) then |
| 1787 return nil, "No such user"; | 1787 return nil, "No such user"; |
| 1788 elseif userhost ~= host then | |
| 1789 return nil, "Can't add roles outside users own host" | |
| 1788 end | 1790 end |
| 1789 return um.add_user_secondary_role(username, host, new_role); | 1791 return um.add_user_secondary_role(username, host, new_role); |
| 1790 end | 1792 end |
| 1791 | 1793 |
| 1792 describe_command [[user:delrole(jid, host, role) - Remove a secondary role from a user]] | 1794 describe_command [[user:delrole(jid, host, role) - Remove a secondary role from a user]] |
| 1795 if role_name == nil then host, role_name = userhost, host; end | 1797 if role_name == nil then host, role_name = userhost, host; end |
| 1796 if not prosody.hosts[host] then | 1798 if not prosody.hosts[host] then |
| 1797 return nil, "No such host: "..host; | 1799 return nil, "No such host: "..host; |
| 1798 elseif prosody.hosts[userhost] and not um.user_exists(username, userhost) then | 1800 elseif prosody.hosts[userhost] and not um.user_exists(username, userhost) then |
| 1799 return nil, "No such user"; | 1801 return nil, "No such user"; |
| 1802 elseif userhost ~= host then | |
| 1803 return nil, "Can't remove roles outside users own host" | |
| 1800 end | 1804 end |
| 1801 return um.remove_user_secondary_role(username, host, role_name); | 1805 return um.remove_user_secondary_role(username, host, role_name); |
| 1802 end | 1806 end |
| 1803 | 1807 |
| 1804 describe_command [[user:list(hostname, pattern) - List users on the specified host, optionally filtering with a pattern]] | 1808 describe_command [[user:list(hostname, pattern) - List users on the specified host, optionally filtering with a pattern]] |
