diff options
Diffstat (limited to 'core')
-rw-r--r-- | core/modulemanager.lua | 2 | ||||
-rw-r--r-- | core/usermanager.lua | 117 |
2 files changed, 36 insertions, 83 deletions
diff --git a/core/modulemanager.lua b/core/modulemanager.lua index 8e62aecb..2847663c 100644 --- a/core/modulemanager.lua +++ b/core/modulemanager.lua @@ -39,7 +39,7 @@ end local array, set = require "util.array", require "util.set"; -local autoload_modules = {"presence", "message", "iq"}; +local autoload_modules = {"presence", "message", "iq", "defaultauth"}; -- We need this to let modules access the real global namespace local _G = _G; diff --git a/core/usermanager.lua b/core/usermanager.lua index 07097dc1..6c269401 100644 --- a/core/usermanager.lua +++ b/core/usermanager.lua @@ -20,117 +20,72 @@ local require_provisioning = config.get("*", "core", "cyrus_require_provisioning local prosody = _G.prosody; +local setmetatable = setmetatable; + module "usermanager" -local new_default_provider; +function new_null_provider() + local function dummy() end; + return setmetatable({name = "null"}, { __index = function() return dummy; end }); +end local function host_handler(host) local host_session = hosts[host]; - host_session.events.add_handler("item-added/auth-provider", function (provider) - if config.get(host, "core", "authentication") == provider.name then + host_session.events.add_handler("item-added/auth-provider", function (event) + local provider = event.item; + if config.get(host, "core", "authentication") == nil and provider.name == "default" then + host_session.users = provider; + elseif config.get(host, "core", "authentication") == provider.name then host_session.users = provider; end + if host_session.users ~= nil and host_session.users.name ~= nil then + log("debug", "host '%s' now set to use user provider '%s'", host, host_session.users.name); + end end); - host_session.events.add_handler("item-removed/auth-provider", function (provider) + host_session.events.add_handler("item-removed/auth-provider", function (event) + local provider = event.item; if host_session.users == provider then - host_session.users = new_default_provider(host); + host_session.users = new_null_provider(); end end); - host_session.users = new_default_provider(host); -- Start with the default usermanager provider -end -prosody.events.add_handler("host-activated", host_handler); -prosody.events.add_handler("component-activated", host_handler); - -local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end - -function new_default_provider(host) - local provider = { name = "default" }; - - function provider:test_password(username, password) - if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end - local credentials = datamanager.load(username, host, "accounts") or {}; - - if password == credentials.password then - return true; - else - return nil, "Auth failed. Invalid username or password."; - end - end - - function provider:get_password(username) - if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end - return (datamanager.load(username, host, "accounts") or {}).password; - end - - function provider:set_password(username, password) - if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end - local account = datamanager.load(username, host, "accounts"); - if account then - account.password = password; - return datamanager.store(username, host, "accounts", account); - end - return nil, "Account not available."; - end - - function provider:user_exists(username) - if not(require_provisioning) and is_cyrus(host) then return true; end - local account, err = datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials - return (account or err) ~= nil; -- FIXME also check for empty credentials - end - - function provider:create_user(username, password) - if not(require_provisioning) and is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end - return datamanager.store(username, host, "accounts", {password = password}); - end + host_session.users = new_null_provider(); -- Start with the default usermanager provider +end; +prosody.events.add_handler("host-activated", host_handler, 100); +prosody.events.add_handler("component-activated", host_handler, 100); - function provider:get_supported_methods() - return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config - end - - function provider:is_admin(jid) - local admins = config.get(host, "core", "admins"); - if admins ~= config.get("*", "core", "admins") then - if type(admins) == "table" then - jid = jid_bare(jid); - for _,admin in ipairs(admins) do - if admin == jid then return true; end - end - elseif admins then - log("error", "Option 'admins' for host '%s' is not a table", host); - end - end - return is_admin(jid); -- Test whether it's a global admin instead - end - return provider; -end +function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end -function validate_credentials(host, username, password, method) - return hosts[host].users:test_password(username, password); +function test_password(username, password, host) + return hosts[host].users.test_password(username, password); end function get_password(username, host) - return hosts[host].users:get_password(username); + return hosts[host].users.get_password(username); end -function set_password(username, host, password) - return hosts[host].users:set_password(username, password); +function set_password(username, password, host) + return hosts[host].users.set_password(username, password); end function user_exists(username, host) - return hosts[host].users:user_exists(username); + return hosts[host].users.user_exists(username); end function create_user(username, password, host) - return hosts[host].users:create_user(username, password); + return hosts[host].users.create_user(username, password); end function get_supported_methods(host) - return hosts[host].users:get_supported_methods(); + return hosts[host].users.get_supported_methods(); +end + +function get_provider(host) + return hosts[host].users; end function is_admin(jid, host) if host and host ~= "*" then - return hosts[host].users:is_admin(jid); + return hosts[host].users.is_admin(jid); else -- Test only whether this JID is a global admin local admins = config.get("*", "core", "admins"); if type(admins) == "table" then @@ -145,6 +100,4 @@ function is_admin(jid, host) end end -_M.new_default_provider = new_default_provider; - return _M; |