prosody
082c7d856e61
plugins/mod_admin_shell.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Diff

plugins/mod_admin_shell.lua @ 13170:082c7d856e61

core, plugins: Split prosody:user role into prosody:{guest,registered,member} This gives us more granular control over different types of user account. Accounts registered by IBR get assigned prosody:registered by default, while accounts provisioned by an admin (e.g. via prosodyctl shell) will receive prosody:member by default.
author Matthew Wild <mwild1@gmail.com>
date Thu, 29 Jun 2023 15:36:13 +0100
parent 13132:5bfcfd12c423
line wrap: on
line diff
--- a/plugins/mod_admin_shell.lua	Thu Jun 29 15:31:46 2023 +0100
+++ b/plugins/mod_admin_shell.lua	Thu Jun 29 15:36:13 2023 +0100
@@ -282,8 +282,10 @@
 	elseif section == "roles" then
 		print [[Roles may grant access or restrict users from certain operations]]
 		print [[Built-in roles are:]]
-		print [[  prosody:user     - Normal user (default)]]
-		print [[  prosody:admin    - Host administrator]]
+		print [[  prosody:guest      - Guest/anonymous user]]
+		print [[  prosody:registered - Registered user]]
+		print [[  prosody:member     - Provisioned user]]
+		print [[  prosody:admin      - Host administrator]]
 		print [[  prosody:operator - Server administrator]]
 		print [[]]
 		print [[Roles can be assigned using the user management commands (see 'help user').]]
@@ -1582,36 +1584,16 @@
 		return nil, "User exists";
 	end
 
-	if role then
-		local ok, err = um.create_user(username, nil, host);
-		if not ok then
-			return nil, "Could not create user: "..err;
-		end
-
-		local role_ok, rerr = um.set_user_role(jid, host, role);
-		if not role_ok then
-			return nil, "Could not set role: " .. tostring(rerr);
-		end
-
-		if password then
-			local ok, err = um.set_password(username, password, host, nil);
-			if not ok then
-				return nil, "Could not set password for user: "..err;
-			end
-
-			local ok, err = um.enable_user(username, host);
-			if not ok and err ~= "method not implemented" then
-				return nil, "Could not enable user: "..err;
-			end
-		end
-	else
-		local ok, err = um.create_user(username, password, host);
-		if not ok then
-			return nil, "Could not create user: "..err;
-		end
+	if not role then
+		role = module:get_option_string("default_provisioned_role", "prosody:member");
 	end
 
-	return true, "User created";
+	local ok, err = um.create_user_with_role(username, password, host, role);
+	if not ok then
+		return nil, "Could not create user: "..err;
+	end
+
+	return true, ("Created %s with role '%s'"):format(jid, role);
 end
 
 function def_env.user:disable(jid)