prosody
c0eea4f6c739
doc/stanza.txt
Software / code / prosody
File
doc/stanza.txt @ 12659:c0eea4f6c739
usermanager: Add back temporary is_admin to warn about deprecated API usage
Goal: Introduce role-auth with minimal disruption
is_admin() is unsafe in a system with per-session permissions, so it has been
deprecated.
Roll-out approach:
1) First, log a warning when is_admin() is used. It should continue to
function normally, backed by the new role API. Nothing is really using
per-session authz yet, so there is minimal security concern.
The 'strict_deprecate_is_admin' global setting can be set to 'true' to
force a hard failure of is_admin() attempts (it will log an error and
always return false).
2) In some time (at least 1 week), but possibly longer depending on the number
of affected deployments: switch 'strict_deprecate_is_admin' to 'true' by
default. It can still be disabled for systems that need it.
3) Further in the future, before the next release, the option will be removed
and is_admin() will be permanently disabled.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 15 Aug 2022 15:25:07 +0100 |
| parent | 55:4edb942e9dff |
line wrap: on
line source
Structure of a stanza: stanza { --- properties --- tags -- array of tags --- static methods --- iq(attrs) -- --- read-only methods --- reply -- return new stanza with attributes of current stanza child_with_name(string name) -- return the first child of the current tag with the matching name --- write methods --- tag(name, sttrs) -- create a new child of the current tag, and set the child as current up() -- move to the parent of the current tag text(string) -- append a new text node to the current tag }
