aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/adhoc
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/adhoc')
-rw-r--r--plugins/adhoc/adhoc.lib.lua14
-rw-r--r--plugins/adhoc/mod_adhoc.lua45
2 files changed, 26 insertions, 33 deletions
diff --git a/plugins/adhoc/adhoc.lib.lua b/plugins/adhoc/adhoc.lib.lua
index 4cf6911d..0ce45e19 100644
--- a/plugins/adhoc/adhoc.lib.lua
+++ b/plugins/adhoc/adhoc.lib.lua
@@ -4,7 +4,7 @@
-- COPYING file in the source package for more information.
--
-local st, uuid = require "util.stanza", require "util.uuid";
+local st, uuid = require "prosody.util.stanza", require "prosody.util.uuid";
local xmlns_cmd = "http://jabber.org/protocol/commands";
@@ -23,10 +23,16 @@ end
function _M.new(name, node, handler, permission)
if not permission then
error "adhoc.new() expects a permission argument, none given"
- end
- if permission == "user" then
+ elseif permission == "user" then
error "the permission mode 'user' has been renamed 'any', please update your code"
end
+ if permission == "admin" then
+ module:default_permission("prosody:admin", "adhoc:"..node);
+ permission = "check";
+ elseif permission == "global_admin" then
+ module:default_permission("prosody:operator", "adhoc:"..node);
+ permission = "check";
+ end
return { name = name, node = node, handler = handler, cmdtag = _cmdtag, permission = permission };
end
@@ -34,6 +40,8 @@ function _M.handle_cmd(command, origin, stanza)
local cmdtag = stanza.tags[1]
local sessionid = cmdtag.attr.sessionid or uuid.generate();
local dataIn = {
+ origin = origin;
+ stanza = stanza;
to = stanza.attr.to;
from = stanza.attr.from;
action = cmdtag.attr.action or "execute";
diff --git a/plugins/adhoc/mod_adhoc.lua b/plugins/adhoc/mod_adhoc.lua
index 09a72075..8abfff99 100644
--- a/plugins/adhoc/mod_adhoc.lua
+++ b/plugins/adhoc/mod_adhoc.lua
@@ -5,28 +5,26 @@
-- COPYING file in the source package for more information.
--
-local it = require "util.iterators";
-local st = require "util.stanza";
-local is_admin = require "core.usermanager".is_admin;
-local jid_host = require "util.jid".host;
+local it = require "prosody.util.iterators";
+local st = require "prosody.util.stanza";
+local jid_host = require "prosody.util.jid".host;
local adhoc_handle_cmd = module:require "adhoc".handle_cmd;
local xmlns_cmd = "http://jabber.org/protocol/commands";
local commands = {};
module:add_feature(xmlns_cmd);
+local function check_permissions(event, node, command, execute)
+ return (command.permission == "check" and module:may("adhoc:"..node, event, not execute))
+ or (command.permission == "local_user" and jid_host(event.stanza.attr.from) == module.host)
+ or (command.permission == "any");
+end
+
module:hook("host-disco-info-node", function (event)
local stanza, origin, reply, node = event.stanza, event.origin, event.reply, event.node;
if commands[node] then
- local from = stanza.attr.from;
- local privileged = is_admin(from, stanza.attr.to);
- local global_admin = is_admin(from);
- local hostname = jid_host(from);
local command = commands[node];
- if (command.permission == "admin" and privileged)
- or (command.permission == "global_admin" and global_admin)
- or (command.permission == "local_user" and hostname == module.host)
- or (command.permission == "any") then
+ if check_permissions(event, node, command) then
reply:tag("identity", { name = command.name,
category = "automation", type = "command-node" }):up();
reply:tag("feature", { var = xmlns_cmd }):up();
@@ -44,20 +42,13 @@ module:hook("host-disco-info-node", function (event)
end);
module:hook("host-disco-items-node", function (event)
- local stanza, reply, disco_node = event.stanza, event.reply, event.node;
+ local reply, disco_node = event.reply, event.node;
if disco_node ~= xmlns_cmd then
return;
end
- local from = stanza.attr.from;
- local admin = is_admin(from, stanza.attr.to);
- local global_admin = is_admin(from);
- local hostname = jid_host(from);
for node, command in it.sorted_pairs(commands) do
- if (command.permission == "admin" and admin)
- or (command.permission == "global_admin" and global_admin)
- or (command.permission == "local_user" and hostname == module.host)
- or (command.permission == "any") then
+ if check_permissions(event, node, command) then
reply:tag("item", { name = command.name,
node = node, jid = module:get_host() });
reply:up();
@@ -71,20 +62,14 @@ module:hook("iq-set/host/"..xmlns_cmd..":command", function (event)
local node = stanza.tags[1].attr.node
local command = commands[node];
if command then
- local from = stanza.attr.from;
- local admin = is_admin(from, stanza.attr.to);
- local global_admin = is_admin(from);
- local hostname = jid_host(from);
- if (command.permission == "admin" and not admin)
- or (command.permission == "global_admin" and not global_admin)
- or (command.permission == "local_user" and hostname ~= module.host) then
+ if not check_permissions(event, node, command, true) then
origin.send(st.error_reply(stanza, "auth", "forbidden", "You don't have permission to execute this command"):up()
- :add_child(commands[node]:cmdtag("canceled")
+ :add_child(command:cmdtag("canceled")
:tag("note", {type="error"}):text("You don't have permission to execute this command")));
return true
end
-- User has permission now execute the command
- adhoc_handle_cmd(commands[node], origin, stanza);
+ adhoc_handle_cmd(command, origin, stanza);
return true;
end
end, 500);