diff options
author | Matthew Wild <mwild1@gmail.com> | 2022-08-15 15:25:07 +0100 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2022-08-15 15:25:07 +0100 |
commit | ae3a89375d7dcb1df54c072ddebe2a60248c58b0 (patch) | |
tree | ec938798877f70739c94681a5def6c6dbdf76eb7 /tools/migration/prosody-migrator.lua | |
parent | 7ccf41ebb5e7a1a21fdf5945c5dd157e40b7024c (diff) | |
download | prosody-ae3a89375d7dcb1df54c072ddebe2a60248c58b0.tar.gz prosody-ae3a89375d7dcb1df54c072ddebe2a60248c58b0.zip |
usermanager: Add back temporary is_admin to warn about deprecated API usage
Goal: Introduce role-auth with minimal disruption
is_admin() is unsafe in a system with per-session permissions, so it has been
deprecated.
Roll-out approach:
1) First, log a warning when is_admin() is used. It should continue to
function normally, backed by the new role API. Nothing is really using
per-session authz yet, so there is minimal security concern.
The 'strict_deprecate_is_admin' global setting can be set to 'true' to
force a hard failure of is_admin() attempts (it will log an error and
always return false).
2) In some time (at least 1 week), but possibly longer depending on the number
of affected deployments: switch 'strict_deprecate_is_admin' to 'true' by
default. It can still be disabled for systems that need it.
3) Further in the future, before the next release, the option will be removed
and is_admin() will be permanently disabled.
Diffstat (limited to 'tools/migration/prosody-migrator.lua')
0 files changed, 0 insertions, 0 deletions