util.roles: Add a :policies() method to iterate through available policies

We don't expose the policies directly, to force people to go through :may(). However, there are times when we really just need to know what policies a role has inside it (e.g. for reporting or debugging purposes).
author: Matthew Wild <mwild1@gmail.com> 2022-10-07 17:01:35 +0100
committer: Matthew Wild <mwild1@gmail.com> 2022-10-07 17:01:35 +0100
commit: d08ddc1f4a1c6d93342bd8efd69c837782656f1f (patch)
tree: 7fe495e577da6561513defd7a51f41d3c24248f8 /util
parent: bda9ea678c9254254c90e3f4626d3aa7f1de364c (diff)
download: prosody-d08ddc1f4a1c6d93342bd8efd69c837782656f1f.tar.gz
prosody-d08ddc1f4a1c6d93342bd8efd69c837782656f1f.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/util/roles.lua b/util/roles.lua
index a38faa58..2c3a5026 100644
--- a/util/roles.lua
+++ b/util/roles.lua
@@ -86,6 +86,16 @@ function role_methods:set_permission(permission_name, policy, overwrite)
 	return true;
 end
 
+function role_methods:policies()
+	local policy_iterator, s, v = it.join(pairs(self[permissions_key]));
+	if self.inherits then
+		for _, inherited_role in ipairs(self.inherits) do
+			policy_iterator:append(inherited_role:policies());
+		end
+	end
+	return policy_iterator, s, v;
+end
+
 function role_mt.__tostring(self)
 	return ("role<[%s] %s>"):format(self.id or "nil", self.name or "[no name]");
 end
author	Matthew Wild <mwild1@gmail.com>	2022-10-07 17:01:35 +0100
committer	Matthew Wild <mwild1@gmail.com>	2022-10-07 17:01:35 +0100
commit	d08ddc1f4a1c6d93342bd8efd69c837782656f1f (patch)
tree	7fe495e577da6561513defd7a51f41d3c24248f8 /util
parent	bda9ea678c9254254c90e3f4626d3aa7f1de364c (diff)
download	prosody-d08ddc1f4a1c6d93342bd8efd69c837782656f1f.tar.gz prosody-d08ddc1f4a1c6d93342bd8efd69c837782656f1f.zip