Changeset

12658:7ca5645f46cd

usermanager: Remove concept of global authz provider Rationale: - Removes a bunch of code! - We don't have many cases where an actor is not bound to one of our hosts - A notable exception is the admin shell, but if we ever attempt to lock those sessions down, there is a load of other work that also has to be done. And it's not clear if we would need a global authz provider for that anyway. - Removes an extra edge case from the necessary mental model for operators - Sessions that aren't bound to a host generally are anonymous or have an alternative auth model (such as by IP addres). - With the encapsulation now provided by util.roles, ad-hoc "detached roles" can still be created anyway by code that needs them.
author Matthew Wild <mwild1@gmail.com>
date Fri, 12 Aug 2022 16:21:57 +0100
parents 12657:1ab845e80fe7
children 12659:c0eea4f6c739
files core/usermanager.lua
diffstat 1 files changed, 12 insertions(+), 46 deletions(-) [+]
line wrap: on
line diff
--- a/core/usermanager.lua	Fri Aug 12 11:58:25 2022 +0100
+++ b/core/usermanager.lua	Fri Aug 12 16:21:57 2022 +0100
@@ -9,12 +9,10 @@
 local modulemanager = require "core.modulemanager";
 local log = require "util.logger".init("usermanager");
 local type = type;
-local it = require "util.iterators";
-local jid_prep, jid_split = require "util.jid".prep, require "util.jid".split;
+local jid_split = require "util.jid".split;
 local config = require "core.configmanager";
 local sasl_new = require "util.sasl".new;
 local storagemanager = require "core.storagemanager";
-local set = require "util.set";
 
 local prosody = _G.prosody;
 local hosts = prosody.hosts;
@@ -34,19 +32,9 @@
 	});
 end
 
-local global_admins_config = config.get("*", "admins");
-if type(global_admins_config) ~= "table" then
-	global_admins_config = nil; -- TODO: factor out moduleapi magic config handling and use it here
-end
-local global_admins = set.new(global_admins_config) / jid_prep;
-
-local admin_role = { ["prosody:admin"] = true };
-local global_authz_provider = {
+local fallback_authz_provider = {
 	get_user_roles = function (user) end; --luacheck: ignore 212/user
-	get_jids_with_role = function (role)
-		if role ~= "prosody:admin" then return {}; end
-		return it.to_array(global_admins);
-	end;
+	get_jids_with_role = function (role) end; --luacheck: ignore 212
 	set_user_roles = function (user, roles) end; -- luacheck: ignore 212
 	set_jid_roles = function (jid, roles) end; -- luacheck: ignore 212
 
@@ -66,7 +54,7 @@
 	local authz_provider_name = config.get(host, "authorization") or "internal";
 
 	local authz_mod = modulemanager.load(host, "authz_"..authz_provider_name);
-	host_session.authz = authz_mod or global_authz_provider;
+	host_session.authz = authz_mod or fallback_authz_provider;
 
 	if host_session.type ~= "local" then return; end
 
@@ -155,20 +143,14 @@
 	if host and not hosts[host] then return false; end
 	if type(user) ~= "string" then return false; end
 
-	host = host or "*";
-
-	local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider;
-	return authz_provider.get_user_roles(user);
+	return hosts[host].authz.get_user_roles(user);
 end
 
 local function get_user_default_role(user, host)
 	if host and not hosts[host] then return false; end
 	if type(user) ~= "string" then return false; end
 
-	host = host or "*";
-
-	local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider;
-	return authz_provider.get_user_default_role(user);
+	return hosts[host].authz.get_user_default_role(user);
 end
 
 -- Accepts a set of role names which the user is allowed to assume
@@ -176,10 +158,7 @@
 	if host and not hosts[host] then return false; end
 	if type(user) ~= "string" then return false; end
 
-	host = host or "*";
-
-	local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider;
-	local ok, err = authz_provider.set_user_roles(user, roles);
+	local ok, err = hosts[host].authz.set_user_roles(user, roles);
 	if ok then
 		prosody.events.fire_event("user-roles-changed", {
 			username = user, host = host
@@ -189,50 +168,37 @@
 end
 
 local function get_jid_role(jid, host)
-	host = host or "*";
-	local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider;
 	local jid_node, jid_host = jid_split(jid);
 	if host == jid_host and jid_node then
-		return authz_provider.get_user_default_role(jid_node);
+		return hosts[host].authz.get_user_default_role(jid_node);
 	end
-	return authz_provider.get_jid_role(jid);
+	return hosts[host].authz.get_jid_role(jid);
 end
 
 local function set_jid_role(jid, host, role_name)
-	host = host or "*";
-	local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider;
 	local _, jid_host = jid_split(jid);
 	if host == jid_host then
 		return nil, "unexpected-local-jid";
 	end
-	return authz_provider.set_jid_role(jid, role_name)
+	return hosts[host].authz.set_jid_role(jid, role_name)
 end
 
 local function get_users_with_role(role, host)
 	if not hosts[host] then return false; end
 	if type(role) ~= "string" then return false; end
-
 	return hosts[host].authz.get_users_with_role(role);
 end
 
 local function get_jids_with_role(role, host)
 	if host and not hosts[host] then return false; end
 	if type(role) ~= "string" then return false; end
-
-	host = host or "*";
-
-	local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider;
-	return authz_provider.get_jids_with_role(role);
+	return hosts[host].authz.get_jids_with_role(role);
 end
 
 local function get_role_by_name(role_name, host)
 	if host and not hosts[host] then return false; end
 	if type(role_name) ~= "string" then return false; end
-
-	host = host or "*";
-
-	local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider;
-	return authz_provider.get_role_by_name(role_name);
+	return hosts[host].authz.get_role_by_name(role_name);
 end
 
 return {