Changeset

5762:785da1854eb9

mod_adhoc: Add local_user permission
author Florian Zeitz <florob@babelmonkeys.de>
date Wed, 24 Jul 2013 23:30:32 +0200
parents 5761:91f8cd53584c
children 5763:0e52f1d5ca71
files plugins/adhoc/mod_adhoc.lua
diffstat 1 files changed, 20 insertions(+), 9 deletions(-) [+]
line wrap: on
line diff
--- a/plugins/adhoc/mod_adhoc.lua	Wed Jul 24 22:58:44 2013 +0200
+++ b/plugins/adhoc/mod_adhoc.lua	Wed Jul 24 23:30:32 2013 +0200
@@ -9,6 +9,7 @@
 local keys = require "util.iterators".keys;
 local array_collect = require "util.array".collect;
 local is_admin = require "core.usermanager".is_admin;
+local jid_split = require "util.jid".split;
 local adhoc_handle_cmd = module:require "adhoc".handle_cmd;
 local xmlns_cmd = "http://jabber.org/protocol/commands";
 local commands = {};
@@ -18,11 +19,14 @@
 module:hook("host-disco-info-node", function (event)
 	local stanza, origin, reply, node = event.stanza, event.origin, event.reply, event.node;
 	if commands[node] then
-		local privileged = is_admin(stanza.attr.from, stanza.attr.to);
-		local global_admin = is_admin(stanza.attr.from);
+		local from = stanza.attr.from;
+		local privileged = is_admin(from, stanza.attr.to);
+		local global_admin = is_admin(from);
+		local username, hostname = jid_split(from);
 		local command = commands[node];
 		if (command.permission == "admin" and privileged)
 		    or (command.permission == "global_admin" and global_admin)
+		    or (command.permission == "local_user" and hostname == module.host)
 		    or (command.permission == "user") then
 			reply:tag("identity", { name = command.name,
 			    category = "automation", type = "command-node" }):up();
@@ -45,13 +49,16 @@
 		return;
 	end
 
-	local admin = is_admin(stanza.attr.from, stanza.attr.to);
-	local global_admin = is_admin(stanza.attr.from);
+	local from = stanza.attr.from;
+	local admin = is_admin(from, stanza.attr.to);
+	local global_admin = is_admin(from);
+	local username, hostname = jid_split(from);
 	local nodes = array_collect(keys(commands)):sort();
 	for _, node in ipairs(nodes) do
 		local command = commands[node];
 		if (command.permission == "admin" and admin)
 		    or (command.permission == "global_admin" and global_admin)
+		    or (command.permission == "local_user" and hostname == module.host)
 		    or (command.permission == "user") then
 			reply:tag("item", { name = command.name,
 			    node = node, jid = module:get_host() });
@@ -65,11 +72,15 @@
 	local origin, stanza = event.origin, event.stanza;
 	if stanza.attr.type == "set" then
 		local node = stanza.tags[1].attr.node
-		if commands[node] then
-			local admin = is_admin(stanza.attr.from, stanza.attr.to);
-			local global_admin = is_admin(stanza.attr.from);
-			if (commands[node].permission == "admin" and not admin)
-			    or (commands[node].permission == "global_admin" and not global_admin) then
+		local command = commands[node];
+		if command then
+			local from = stanza.attr.from;
+			local admin = is_admin(from, stanza.attr.to);
+			local global_admin = is_admin(from);
+			local username, hostname = jid_split(from);
+			if (command.permission == "admin" and not admin)
+			    or (command.permission == "global_admin" and not global_admin)
+			    or (command.permission == "local_user" and hostname ~= module.host) then
 				origin.send(st.error_reply(stanza, "auth", "forbidden", "You don't have permission to execute this command"):up()
 				    :add_child(commands[node]:cmdtag("canceled")
 					:tag("note", {type="error"}):text("You don't have permission to execute this command")));