diff options
author | Matthew Wild <mwild1@gmail.com> | 2023-11-30 17:46:18 +0000 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2023-11-30 17:46:18 +0000 |
commit | 227b0c9733a13c498e47eb83ae4c0746727ada49 (patch) | |
tree | c86bdea430e9728f1c74fec3ef7d632760fd7814 /plugins | |
parent | 8c53b06add6df9cb9529d6906f7dfa89c624d2c1 (diff) | |
download | prosody-227b0c9733a13c498e47eb83ae4c0746727ada49.tar.gz prosody-227b0c9733a13c498e47eb83ae4c0746727ada49.zip |
mod_user_account_management: Fire events with a fake (not destroyed) session
Previously these events fired after the session had been destroyed, which
removes many of the useful properties. The ones I chose to preserve here are
the ones used by the community module mod_audit, which seems like a good
baseline.
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/mod_user_account_management.lua | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/plugins/mod_user_account_management.lua b/plugins/mod_user_account_management.lua index 7affb96d..4f32da00 100644 --- a/plugins/mod_user_account_management.lua +++ b/plugins/mod_user_account_management.lua @@ -18,6 +18,17 @@ local deleted_accounts = module:open_store("accounts_cleanup"); module:add_feature("jabber:iq:register"); +-- Allow us to 'freeze' a session and retrieve properties even after it is +-- destroyed +local function capture_session_properties(session) + return setmetatable({ + id = session.id; + ip = session.ip; + type = session.type; + client_id = session.client_id; + }, { __index = session }); +end + -- Password change and account deletion handler local function handle_registration_stanza(event) local session, stanza = event.origin, event.stanza; @@ -48,6 +59,8 @@ local function handle_registration_stanza(event) return old_session_close(self, ...); end + local old_session = capture_session_properties(session); + if not soft_delete_period then local ok, err = usermanager.delete_user(username, host); @@ -59,7 +72,7 @@ local function handle_registration_stanza(event) end log("info", "User removed their account: %s@%s (deleted)", username, host); - module:fire_event("user-deregistered", { username = username, host = host, source = "mod_register", session = session }); + module:fire_event("user-deregistered", { username = username, host = host, source = "mod_register", session = old_session }); else local ok, err = usermanager.disable_user(username, host, { reason = "ibr"; @@ -74,13 +87,21 @@ local function handle_registration_stanza(event) return true; end - deleted_accounts:set(username, { + local status = { deleted_at = os.time(); pending_until = os.time() + soft_delete_period; client_id = session.client_id; - }); + }; + deleted_accounts:set(username, status); log("info", "User removed their account: %s@%s (disabled, pending deletion)", username, host); + module:fire_event("user-deregistered-pending", { + username = username; + host = host; + source = "mod_register"; + session = old_session; + status = status; + }); end else local username = query:get_child_text("username"); |