File

HACKERS @ 12658:7ca5645f46cd

usermanager: Remove concept of global authz provider Rationale: - Removes a bunch of code! - We don't have many cases where an actor is not bound to one of our hosts - A notable exception is the admin shell, but if we ever attempt to lock those sessions down, there is a load of other work that also has to be done. And it's not clear if we would need a global authz provider for that anyway. - Removes an extra edge case from the necessary mental model for operators - Sessions that aren't bound to a host generally are anonymous or have an alternative auth model (such as by IP addres). - With the encapsulation now provided by util.roles, ad-hoc "detached roles" can still be created anyway by code that needs them.
author Matthew Wild <mwild1@gmail.com>
date Fri, 12 Aug 2022 16:21:57 +0100
parent 9858:54147de1d1b1
line wrap: on
line source

Welcome hackers!

This project accepts and *encourages* contributions. If you would like to get 
involved you can join us on our mailing list and discussion rooms. More 
information on these at https://prosody.im/discuss

Patches are welcome, though before sending we would appreciate if you read 
docs/coding_style.md for guidelines on how to format your code, and other tips.

Documentation for developers can be found at https://prosody.im/doc/developers

Have fun :)