aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2021-06-27 21:51:21 +0200
committerKim Alvefur <zash@zash.se>2021-06-27 21:51:21 +0200
commita727de5ca6a7a163253f22c066e97be09b891913 (patch)
tree875b7be1ce73983c8da40c6c6f67a89fbe6e0da4 /plugins
parentc880dee2af4b1f5e184c3a3c7f70036694d9c1f8 (diff)
downloadprosody-a727de5ca6a7a163253f22c066e97be09b891913.tar.gz
prosody-a727de5ca6a7a163253f22c066e97be09b891913.zip
mod_admin_adhoc: Delete "Get User Password" command
This doesn't really make sense today. It doesn't even work with mod_auth_internal_hashed, which should be the default. And even with a supporting authentication module, why would we just hand out the password? One use case may be to recover a forgotten password. While not yet included with Prosody, there are better ways to handle forgotten passwords, usually by resetting them to a new password.
Diffstat (limited to 'plugins')
-rw-r--r--plugins/mod_admin_adhoc.lua36
1 files changed, 0 insertions, 36 deletions
diff --git a/plugins/mod_admin_adhoc.lua b/plugins/mod_admin_adhoc.lua
index 674b3339..49f51a28 100644
--- a/plugins/mod_admin_adhoc.lua
+++ b/plugins/mod_admin_adhoc.lua
@@ -18,7 +18,6 @@ local keys = require "util.iterators".keys;
local usermanager_user_exists = require "core.usermanager".user_exists;
local usermanager_create_user = require "core.usermanager".create_user;
local usermanager_delete_user = require "core.usermanager".delete_user;
-local usermanager_get_password = require "core.usermanager".get_password;
local usermanager_set_password = require "core.usermanager".set_password;
local hostmanager_activate = require "core.hostmanager".activate;
local hostmanager_deactivate = require "core.hostmanager".deactivate;
@@ -193,39 +192,6 @@ local end_user_session_handler = adhoc_simple(end_user_session_layout, function(
"The following accounts could not be disconnected:\n"..t_concat(failed, "\n") or "") };
end);
--- Getting a user's password
-local get_user_password_layout = dataforms_new{
- title = "Getting User's Password";
- instructions = "Fill out this form to get a user's password.";
-
- { name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" };
- { name = "accountjid", type = "jid-single", required = true, label = "The Jabber ID for which to retrieve the password" };
-};
-
-local get_user_password_result_layout = dataforms_new{
- { name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" };
- { name = "accountjid", type = "jid-single", label = "JID" };
- { name = "password", type = "text-single", label = "Password" };
-};
-
-local get_user_password_handler = adhoc_simple(get_user_password_layout, function(fields, err)
- if err then
- return generate_error_message(err);
- end
- local user, host = jid.split(fields.accountjid);
- local accountjid;
- local password;
- if host ~= module_host then
- return { status = "completed", error = { message = "Tried to get password for a user on " .. host .. " but command was sent to " .. module_host } };
- elseif usermanager_user_exists(user, host) then
- accountjid = fields.accountjid;
- password = usermanager_get_password(user, host);
- else
- return { status = "completed", error = { message = "User does not exist" } };
- end
- return { status = "completed", result = { layout = get_user_password_result_layout, values = {accountjid = accountjid, password = password} } };
-end);
-
-- Getting a user's roster
local get_user_roster_layout = dataforms_new{
{ name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" };
@@ -827,7 +793,6 @@ local change_user_password_desc = adhoc_new("Change User Password", "http://jabb
local config_reload_desc = adhoc_new("Reload configuration", "http://prosody.im/protocol/config#reload", config_reload_handler, "global_admin");
local delete_user_desc = adhoc_new("Delete User", "http://jabber.org/protocol/admin#delete-user", delete_user_command_handler, "admin");
local end_user_session_desc = adhoc_new("End User Session", "http://jabber.org/protocol/admin#end-user-session", end_user_session_handler, "admin");
-local get_user_password_desc = adhoc_new("Get User Password", "http://jabber.org/protocol/admin#get-user-password", get_user_password_handler, "admin");
local get_user_roster_desc = adhoc_new("Get User Roster","http://jabber.org/protocol/admin#get-user-roster", get_user_roster_handler, "admin");
local get_user_stats_desc = adhoc_new("Get User Statistics","http://jabber.org/protocol/admin#user-stats", get_user_stats_handler, "admin");
local get_online_users_desc = adhoc_new("Get List of Online Users", "http://jabber.org/protocol/admin#get-online-users-list", get_online_users_command_handler, "admin");
@@ -848,7 +813,6 @@ module:provides("adhoc", change_user_password_desc);
module:provides("adhoc", config_reload_desc);
module:provides("adhoc", delete_user_desc);
module:provides("adhoc", end_user_session_desc);
-module:provides("adhoc", get_user_password_desc);
module:provides("adhoc", get_user_roster_desc);
module:provides("adhoc", get_user_stats_desc);
module:provides("adhoc", get_online_users_desc);