prosody
fdb2e0568cf8
util/session.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

util/session.lua @ 13587:fdb2e0568cf8

mod_authz_internal: Make 'prosody:guest' default role for all unknown JIDs This fixes an issue where e.g. remote users or even other users on the server were unable to list MUC rooms. We want to define a permission to list MUC rooms, but we want it to be available to everyone by default (the traditional behaviour). prosody:guest is the lowest role we have. I ran a quick check and it isn't really used for anything right now that would be concerning. It was originally designed for anonymous logins. I think it's safe to treat remote JIDs as equivalent, since we have no trust relationship with anonymous users either.
author Matthew Wild <mwild1@gmail.com>
date Tue, 07 Jan 2025 14:41:32 +0000
parent 13165:9c13c11b199d
line wrap: on
line source

local initialize_filters = require "prosody.util.filters".initialize;
local time = require "prosody.util.time";
local logger = require "prosody.util.logger";

local function new_session(typ)
	local session = {
		type = typ .. "_unauthed";
		base_type = typ;
		since = time.now();
	};
	return session;
end

local function set_id(session)
	local id = session.base_type .. tostring(session):match("%x+$"):lower();
	session.id = id;
	return session;
end

local function set_logger(session)
	local log = logger.init(session.id);
	session.log = log;
	return session;
end

local function set_conn(session, conn)
	session.conn = conn;
	session.ip = conn:ip();
	return session;
end

local function set_send(session)
	local conn = session.conn;
	if not conn then
		function session.send(data)
			session.log("debug", "Discarding data sent to unconnected session: %s", data);
			return false;
		end
		return session;
	end
	local filter = initialize_filters(session);
	local w = conn.write;
	session.send = function (t)
		if t.name then
			t = filter("stanzas/out", t);
		end
		if t then
			t = filter("bytes/out", tostring(t));
			if t then
				local ret, err = w(conn, t);
				if not ret then
					session.log("debug", "Error writing to connection: %s", err);
					return false, err;
				end
			end
		end
		return true;
	end
	return session;
end

local function set_role(session, role)
	session.role = role;
end

return {
	new = new_session;

	set_id = set_id;
	set_logger = set_logger;
	set_conn = set_conn;
	set_send = set_send;
	set_role = set_role;
}