prosody
bf4cd327966f
plugins/mod_admin_shell.lua
Software / code / prosody
Comparison
plugins/mod_admin_shell.lua @ 13831:bf4cd327966f
Merge 13.0->trunk
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Wed, 09 Apr 2025 10:59:28 +0100 |
| parent | 13828:a071b20ccc0f |
| child | 13869:f44f2a8a8c37 |
comparison
equal
deleted
inserted
replaced
| 13826:53eb500b19a4 | 13831:bf4cd327966f |
|---|---|
| 136 prosody:guest - Guest/anonymous user | 136 prosody:guest - Guest/anonymous user |
| 137 prosody:registered - Registered user | 137 prosody:registered - Registered user |
| 138 prosody:member - Provisioned user | 138 prosody:member - Provisioned user |
| 139 prosody:admin - Host administrator | 139 prosody:admin - Host administrator |
| 140 prosody:operator - Server administrator | 140 prosody:operator - Server administrator |
| 141 | |
| 142 To view roles and policies, see the commands in 'help role'. | |
| 141 | 143 |
| 142 Roles can be assigned using the user management commands (see 'help user'). | 144 Roles can be assigned using the user management commands (see 'help user'). |
| 143 ]]; | 145 ]]; |
| 144 | 146 |
| 145 | 147 |
| 2456 print(""); | 2458 print(""); |
| 2457 | 2459 |
| 2458 return true, ("Showing %d certificates in %s"):format(c, path); | 2460 return true, ("Showing %d certificates in %s"):format(c, path); |
| 2459 end | 2461 end |
| 2460 | 2462 |
| 2463 def_env.role = new_section("Role and access management"); | |
| 2464 | |
| 2465 describe_command [[role:list(host) - List known roles]] | |
| 2466 function def_env.role:list(host) | |
| 2467 if not host then | |
| 2468 return nil, "Specify which host to list roles for"; | |
| 2469 end | |
| 2470 local role_list = {}; | |
| 2471 for _, role in it.sorted_pairs(um.get_all_roles(host)) do | |
| 2472 table.insert(role_list, role); | |
| 2473 end | |
| 2474 table.sort(role_list, function (a, b) | |
| 2475 if a.priority ~= b.priority then | |
| 2476 return (a.priority or 0) > (b.priority or 0); | |
| 2477 end | |
| 2478 return a.name < b.name; | |
| 2479 end); | |
| 2480 for _, role in ipairs(role_list) do | |
| 2481 self.session.print(role.name); | |
| 2482 end | |
| 2483 return true, ("Showing %d roles on %s"):format(#role_list, host); | |
| 2484 end | |
| 2485 | |
| 2486 describe_command [[role:show(host, role_name) - Show information about a role]] | |
| 2487 function def_env.role:show(host, role_name) | |
| 2488 if not host or not role_name then | |
| 2489 return nil, "Specify the host and role to show"; | |
| 2490 end | |
| 2491 | |
| 2492 local print = self.session.print; | |
| 2493 local role = um.get_role_by_name(role_name, host); | |
| 2494 | |
| 2495 if not role then | |
| 2496 return nil, ("Unable to find role %s on host %s"):format(role_name, host); | |
| 2497 end | |
| 2498 | |
| 2499 local inherits = {}; | |
| 2500 for _, inherited_role in ipairs(role.inherits or {}) do | |
| 2501 table.insert(inherits, inherited_role.name); | |
| 2502 end | |
| 2503 | |
| 2504 local permissions = {}; | |
| 2505 for permission, is_allowed in role:policies() do | |
| 2506 permissions[permission] = is_allowed and "allowed" or "denied"; | |
| 2507 end | |
| 2508 | |
| 2509 print("Name: ", role.name); | |
| 2510 print("Inherits:", table.concat(inherits, ", ")); | |
| 2511 print("Policies:"); | |
| 2512 local c = 0; | |
| 2513 for permission, policy in it.sorted_pairs(permissions) do | |
| 2514 c = c + 1; | |
| 2515 print(" ["..(policy == "allowed" and "+" or " ").."] " .. permission); | |
| 2516 end | |
| 2517 print(""); | |
| 2518 return true, ("Showing role %s with %d policies"):format(role.name, c); | |
| 2519 end | |
| 2520 | |
| 2461 def_env.stats = new_section("Commands to show internal statistics"); | 2521 def_env.stats = new_section("Commands to show internal statistics"); |
| 2462 | 2522 |
| 2463 local short_units = { | 2523 local short_units = { |
| 2464 seconds = "s", | 2524 seconds = "s", |
| 2465 bytes = "B", | 2525 bytes = "B", |
