Diffstat (limited to 'core')
-rw-r--r-- | core/rostermanager.lua | 16 | ||||
-rw-r--r-- | core/sessionmanager.lua | 16 | ||||
-rw-r--r-- | core/usermanager.lua | 59 |
3 files changed, 58 insertions, 33 deletions
diff --git a/core/rostermanager.lua b/core/rostermanager.lua index e2a92696..506cf205 100644 --- a/core/rostermanager.lua +++ b/core/rostermanager.lua @@ -93,15 +93,18 @@ function load_roster(username, host) else -- Attempt to load roster for non-loaded user log("debug", "load_roster: loading for offline user: "..username.."@"..host); end - roster = datamanager.load(username, host, "roster") or {}; + local data, err = datamanager.load(username, host, "roster"); + roster = data or {}; if user then user.roster = roster; end - if not roster[false] then roster[false] = { }; end + if not roster[false] then roster[false] = { broken = err or nil }; end if roster[jid] then roster[jid] = nil; log("warn", "roster for "..jid.." has a self-contact"); end - hosts[host].events.fire_event("roster-load", username, host, roster); - return roster; + if not err then + hosts[host].events.fire_event("roster-load", username, host, roster); + end + return roster, err; end function save_roster(username, host, roster) @@ -122,6 +125,7 @@ function save_roster(username, host, roster) if metadata.version ~= true then metadata.version = (metadata.version or 0) + 1; end + if roster[false].broken then return nil, "Not saving broken roster" end return datamanager.store(username, host, "roster", roster); end log("warn", "save_roster: user had no roster to save"); @@ -187,9 +191,9 @@ function process_inbound_unsubscribe(username, host, jid) end function is_contact_subscribed(username, host, jid) - local roster = load_roster(username, host); + local roster, err = load_roster(username, host); local item = roster[jid]; - return item and (item.subscription == "from" or item.subscription == "both"); + return item and (item.subscription == "from" or item.subscription == "both"), err; end function is_contact_pending_in(username, host, jid) diff --git a/core/sessionmanager.lua b/core/sessionmanager.lua index 6e771a84..fd6ed96e 100644 --- a/core/sessionmanager.lua +++ b/core/sessionmanager.lua 
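Review bot: On a failed load, the load_roster hunk still assigns the empty placeholder roster to `user.roster`, and the only trace of the failure is `roster[false].broken`. Within this diff only save_roster checks that flag, so code that reads the cached roster directly would presumably treat a storage error as a user with no contacts. A comment above the assignment would make the contract explicit, e.g. `-- on load failure roster is an empty placeholder with roster[false].broken set; callers must check the second return value`. load_roster starts before this hunk, so how a cached roster is returned on later calls is not visible here.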
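Review bot: The `broken` guard in save_roster sits after the `metadata.version` increment, so every refused save still bumps the in-memory version of a roster that was never loaded correctly. Moving `if roster[false].broken then return nil, "Not saving broken roster" end` above the version update would keep the refusal free of side effects. The refusal is also silent on the server; a `log("warn", ...)` call like the one used for the no-roster case a few lines below would make it visible to operators. The body of save_roster starts outside the hunk, so where `metadata` is bound is assumed rather than seen.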
@@ -136,7 +136,7 @@ function bind_resource(session, resource) local sessions = hosts[session.host].sessions[session.username].sessions; local limit = config_get(session.host, "core", "max_resources") or 10; if #sessions >= limit then - return nil, "cancel", "conflict", "Resource limit reached; only "..limit.." resources allowed"; + return nil, "cancel", "resource-constraint", "Resource limit reached; only "..limit.." resources allowed"; end if sessions[resource] then -- Resource conflict @@ -174,7 +174,19 @@ function bind_resource(session, resource) hosts[session.host].sessions[session.username].sessions[resource] = session; full_sessions[session.full_jid] = session; - session.roster = rm_load_roster(session.username, session.host); + local err; + session.roster, err = rm_load_roster(session.username, session.host); + if err then + full_sessions[session.full_jid] = nil; + hosts[session.host].sessions[session.username].sessions[resource] = nil; + session.full_jid = nil; + session.resource = nil; + if next(bare_sessions[session.username..'@'..session.host].sessions) == nil then + bare_sessions[session.username..'@'..session.host] = nil; + hosts[session.host].sessions[session.username] = nil; + end + return nil, "cancel", "internal-server-error", "Error loading roster"; + end hosts[session.host].events.fire_event("resource-bind", {session=session}); diff --git a/core/usermanager.lua b/core/usermanager.lua index fd579692..07097dc1 100644 --- a/core/usermanager.lua +++ b/core/usermanager.lua 
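Review bot: The rollback path in the second bind_resource hunk clears `full_jid`, `resource` and the session tables but leaves `session.roster` pointing at the placeholder roster that came back with the error. Adding `session.roster = nil;` to the rollback would keep a failed bind from leaving an empty roster on a session that may retry binding. The underlying `err` is also dropped; recording it server-side before returning the generic "Error loading roster" text would help operators without exposing storage details to the client. bind_resource begins and ends outside both hunks, so whether an earlier conflict branch has already displaced another session before this rollback runs is not visible.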
@@ -16,13 +16,15 @@ local jid_bare = require "util.jid".bare; local config = require "core.configmanager"; local hosts = hosts; +local require_provisioning = config.get("*", "core", "cyrus_require_provisioning") or false; + local prosody = _G.prosody; module "usermanager" local new_default_provider; -prosody.events.add_handler("host-activated", function (host) +local function host_handler(host) local host_session = hosts[host]; host_session.events.add_handler("item-added/auth-provider", function (provider) if config.get(host, "core", "authentication") == provider.name then @@ -35,14 +37,16 @@ prosody.events.add_handler("host-activated", function (host) end end); host_session.users = new_default_provider(host); -- Start with the default usermanager provider -end); +end +prosody.events.add_handler("host-activated", host_handler); +prosody.events.add_handler("component-activated", host_handler); local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end function new_default_provider(host) local provider = { name = "default" }; - function provider.test_password(username, password) + function provider:test_password(username, password) if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end local credentials = datamanager.load(username, host, "accounts") or {}; @@ -53,12 +57,12 @@ function new_default_provider(host) end end - function provider.get_password(username) + function provider:get_password(username) if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end return (datamanager.load(username, host, "accounts") or {}).password; end - function provider.set_password(username, password) + function provider:set_password(username, password) if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end local account = datamanager.load(username, host, "accounts"); if account then 
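Review bot: `require_provisioning` is read once when the module loads and only from the global `"*"` section, while `is_cyrus(host)` in the same file is looked up per host at call time. A per-host `cyrus_require_provisioning` setting, or a value changed by a config reload, would therefore presumably be ignored by the user_exists and create_user checks later in this diff. Reading it where it is used, e.g. `config.get(host, "core", "cyrus_require_provisioning")`, would keep the two lookups consistent. If global-only is intended, a comment next to the declaration should say so.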
@@ -68,29 +72,32 @@ function new_default_provider(host) return nil, "Account not available."; end - function provider.user_exists(username) - if is_cyrus(host) then return true; end - return datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials + function provider:user_exists(username) + if not(require_provisioning) and is_cyrus(host) then return true; end + local account, err = datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials + return (account or err) ~= nil; -- FIXME also check for empty credentials end - function provider.create_user(username, password) - if is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end + function provider:create_user(username, password) + if not(require_provisioning) and is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end return datamanager.store(username, host, "accounts", {password = password}); end - function provider.get_supported_methods() + function provider:get_supported_methods() return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config end - function provider.is_admin(jid) + function provider:is_admin(jid) local admins = config.get(host, "core", "admins"); - if admins ~= config.get("*", "core", "admins") and type(admins) == "table" then - jid = jid_bare(jid); - for _,admin in ipairs(admins) do - if admin == jid then return true; end + if admins ~= config.get("*", "core", "admins") then + if type(admins) == "table" then + jid = jid_bare(jid); + for _,admin in ipairs(admins) do + if admin == jid then return true; end + end + elseif admins then + log("error", "Option 'admins' for host '%s' is not a table", host); end - elseif admins then - log("error", "Option 'admins' for host '%s' is not a table", host); end return is_admin(jid); -- Test whether it's a global admin instead end 
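Review bot: In `provider:user_exists` the `~= nil` comparison is still attached to the `datamanager.load` call, so `account` receives a boolean and `err` is always nil. A storage error is then reported as "user does not exist", which is the case the new `(account or err) ~= nil` line appears meant to prevent. A caller that then invokes `create_user` (defined just below) would store over an account that merely failed to load. The load should be split from the test: `local account, err = datamanager.load(username, host, "accounts");` followed by `return (account or err) ~= nil;`.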
@@ -98,32 +105,32 @@ function new_default_provider(host) end function validate_credentials(host, username, password, method) - return hosts[host].users.test_password(username, password); + return hosts[host].users:test_password(username, password); end function get_password(username, host) - return hosts[host].users.get_password(username); + return hosts[host].users:get_password(username); end function set_password(username, host, password) - return hosts[host].users.set_password(username, password); + return hosts[host].users:set_password(username, password); end function user_exists(username, host) - return hosts[host].users.user_exists(username); + return hosts[host].users:user_exists(username); end function create_user(username, password, host) - return hosts[host].users.create_user(username, password); + return hosts[host].users:create_user(username, password); end function get_supported_methods(host) - return hosts[host].users.get_supported_methods(); + return hosts[host].users:get_supported_methods(); end function is_admin(jid, host) if host and host ~= "*" then - return hosts[host].users.is_admin(jid); + return hosts[host].users:is_admin(jid); else -- Test only whether this JID is a global admin local admins = config.get("*", "core", "admins"); if type(admins) == "table" then @@ -138,4 +145,6 @@ function is_admin(jid, host) end end +_M.new_default_provider = new_default_provider; + return _M; |
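Review bot: Switching every wrapper to `hosts[host].users:method(...)` changes the calling convention for any provider installed through the `item-added/auth-provider` handler, not only the default one. A provider still written as `function provider.test_password(username, password)` would receive the provider table as `username`, so credential and admin checks would run against shifted arguments. The provider interface should be documented where `new_default_provider` is defined, for example `-- auth providers are called as methods: provider:test_password(username, password)`. Whether other providers exist in this tree is not visible from the diff.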