Software /
code /
prosody
File
COPYING @ 12659:c0eea4f6c739
usermanager: Add back temporary is_admin to warn about deprecated API usage
Goal: Introduce role-auth with minimal disruption
is_admin() is unsafe in a system with per-session permissions, so it has been
deprecated.
Roll-out approach:
1) First, log a warning when is_admin() is used. It should continue to
function normally, backed by the new role API. Nothing is really using
per-session authz yet, so there is minimal security concern.
The 'strict_deprecate_is_admin' global setting can be set to 'true' to
force a hard failure of is_admin() attempts (it will log an error and
always return false).
2) In some time (at least 1 week), but possibly longer depending on the number
of affected deployments: switch 'strict_deprecate_is_admin' to 'true' by
default. It can still be disabled for systems that need it.
3) Further in the future, before the next release, the option will be removed
and is_admin() will be permanently disabled.
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Mon, 15 Aug 2022 15:25:07 +0100 |
parent | 12354:3ce3633527af |
line wrap: on
line source
All source code in this project is released under the below MIT license. Some components are not authored by the Prosody maintainers, but such code is itself either released under a MIT license or declared public domain. --- Copyright (C) 2008-2022 Matthew Wild Copyright (C) 2008-2020 Waqas Hussain Copyright (C) 2010-2022 Kim Alvefur Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. --- util-src/encodings.c: Parts included from Lua 5.3. Copyright (C) 1994-2015 Lua.org, PUC-Rio. util-src/signal.c: Copyright (C) 2007 Patrick J. Donnelly (batrick@batbytes.com) See full copyright notice in the source file. util-src/struct.c: Copyright (C) 2010-2018 Lua.org, PUC-Rio. All rights reserved. See full copyright notice in the source file. net/dns.lua: public domain 20080404 lua@ztact.com