prosody
a741183eec97
core/moduleapi.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Comparison

core/moduleapi.lua @ 12645:a741183eec97

core.moduleapi: Expand permission name ':' prefix earlier Ensures it applies to the context as string case Somehow this fixes everything
author Kim Alvefur <zash@zash.se>
date Wed, 15 Jun 2022 23:04:17 +0200
parent 12644:4262ce516e6c
child 12650:e08bf2ad67da
comparison
equal deleted inserted replaced
12644:4262ce516e6c 12645:a741183eec97
613 self:default_permission(role_name, permission); 613 self:default_permission(role_name, permission);
614 end 614 end
615 end 615 end
616 616
617 function api:may(action, context) 617 function api:may(action, context)
618 if action:byte(1) == 58 then -- action begins with ':'
619 action = self.name..action; -- prepend module name
620 end
618 if type(context) == "string" then -- check JID permissions 621 if type(context) == "string" then -- check JID permissions
619 local role; 622 local role;
620 local node, host = jid_split(context); 623 local node, host = jid_split(context);
621 if host == self.host then 624 if host == self.host then
622 role = hosts[host].authz.get_user_default_role(node); 625 role = hosts[host].authz.get_user_default_role(node);
636 639
637 local session = context.origin or context.session; 640 local session = context.origin or context.session;
638 if not session then 641 if not session then
639 error("Unable to identify actor session from context"); 642 error("Unable to identify actor session from context");
640 end 643 end
641 if action:byte(1) == 58 then -- action begins with ':'
642 action = self.name..action; -- prepend module name
643 end
644 if session.type == "s2sin" or (session.type == "c2s" and session.host ~= self.host) then 644 if session.type == "s2sin" or (session.type == "c2s" and session.host ~= self.host) then
645 local actor_jid = context.stanza.attr.from; 645 local actor_jid = context.stanza.attr.from;
646 local role = hosts[self.host].authz.get_jid_role(actor_jid); 646 local role = hosts[self.host].authz.get_jid_role(actor_jid);
647 if not role then 647 if not role then
648 self:log("debug", "Access denied: JID <%s> may not %s (no role found)", actor_jid, action); 648 self:log("debug", "Access denied: JID <%s> may not %s (no role found)", actor_jid, action);