prosody
7ca5645f46cd
plugins/muc/lock.lib.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

plugins/muc/lock.lib.lua @ 12658:7ca5645f46cd

usermanager: Remove concept of global authz provider Rationale: - Removes a bunch of code! - We don't have many cases where an actor is not bound to one of our hosts - A notable exception is the admin shell, but if we ever attempt to lock those sessions down, there is a load of other work that also has to be done. And it's not clear if we would need a global authz provider for that anyway. - Removes an extra edge case from the necessary mental model for operators - Sessions that aren't bound to a host generally are anonymous or have an alternative auth model (such as by IP addres). - With the encapsulation now provided by util.roles, ad-hoc "detached roles" can still be created anyway by code that needs them.
author Matthew Wild <mwild1@gmail.com>
date Fri, 12 Aug 2022 16:21:57 +0100
parent 10450:c1edeb9fe337
child 12977:74b9e05af71e
line wrap: on
line source

-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
-- Copyright (C) 2014 Daurnimator
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--

local st = require "util.stanza";

local lock_rooms = module:get_option_boolean("muc_room_locking", true);
local lock_room_timeout = module:get_option_number("muc_room_lock_timeout", 300);

local function lock(room)
	module:fire_event("muc-room-locked", {room = room;});
	room._data.locked = os.time() + lock_room_timeout;
end
local function unlock(room)
	module:fire_event("muc-room-unlocked", {room = room;});
	room._data.locked = nil;
end
local function is_locked(room)
	local ts = room._data.locked;
	if ts then
		if os.time() < ts then return true; end
		unlock(room);
	end
	return false;
end

if lock_rooms then
	module:hook("muc-room-pre-create", function(event)
		-- Older groupchat protocol doesn't lock
		if not event.stanza:get_child("x", "http://jabber.org/protocol/muc") then return end
		-- Lock room at creation
		local room = event.room;
		lock(room);
	end, 10);
end

-- Don't let users into room while it is locked
module:hook("muc-occupant-pre-join", function(event)
	if not event.is_new_room and is_locked(event.room) then -- Deny entry
		module:log("debug", "Room is locked, denying entry");
		event.origin.send(st.error_reply(event.stanza, "cancel", "item-not-found", nil, module.host));
		return true;
	end
end, -30);

-- When config is submitted; unlock the room
module:hook("muc-config-submitted", function(event)
	if is_locked(event.room) then
		unlock(event.room);
	end
end, -1);

return {
	lock = lock;
	unlock = unlock;
	is_locked = is_locked;
};