aboutsummaryrefslogtreecommitdiffstats
path: root/.luacheckrc
Commit message (Collapse)AuthorAgeFilesLines
* Switch to a new role-based authorization framework, removing is_admin()Matthew Wild2022-06-151-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We began moving away from simple "is this user an admin?" permission checks before 0.12, with the introduction of mod_authz_internal and the ability to dynamically change the roles of individual users. The approach in 0.12 still had various limitations however, and apart from the introduction of roles other than "admin" and the ability to pull that info from storage, not much actually changed. This new framework shakes things up a lot, though aims to maintain the same functionality and behaviour on the surface for a default Prosody configuration. That is, if you don't take advantage of any of the new features, you shouldn't notice any change. The biggest change visible to developers is that usermanager.is_admin() (and the auth provider is_admin() method) have been removed. Gone. Completely. Permission checks should now be performed using a new module API method: module:may(action_name, context) This method accepts an action name, followed by either a JID (string) or (preferably) a table containing 'origin'/'session' and 'stanza' fields (e.g. the standard object passed to most events). It will return true if the action should be permitted, or false/nil otherwise. Modules should no longer perform permission checks based on the role name. E.g. a lot of code previously checked if the user's role was prosody:admin before permitting some action. Since many roles might now exist with similar permissions, and the permissions of prosody:admin may be redefined dynamically, it is no longer suitable to use this method for permission checks. Use module:may(). If you start an action name with ':' (recommended) then the current module's name will automatically be used as a prefix. To define a new permission, use the new module API: module:default_permission(role_name, action_name) module:default_permissions(role_name, { action_name[, action_name...] }) This grants the specified role permission to execute the named action(s) by default. This may be overridden via other mechanisms external to your module. The built-in roles that developers should use are: - prosody:user (normal user) - prosody:admin (host admin) - prosody:operator (global admin) The new prosody:operator role is intended for server-wide actions (such as shutting down Prosody). Finally, all usage of is_admin() in modules has been fixed by this commit. Some of these changes were trickier than others, but no change is expected to break existing deployments. EXCEPT: mod_auth_ldap no longer supports the ldap_admin_filter option. It's very possible nobody is using this, but if someone is then we can later update it to pull roles from LDAP somehow.
* luacheck: Set expected globals to Lua 5.4 + compatKim Alvefur2022-07-101-1/+1
| | | | Requires luacheck 0.25.0
* luacheck: Ignore new warning about uses of `not (x == y)` and similarKim Alvefur2022-05-301-1/+1
| | | | Added in luacheck 0.26.
* luacheck: Ignore new warning about using variables prefixed with '_'Kim Alvefur2022-05-301-1/+1
| | | | | | | | | luacheck 0.26 considers the _ prefix as a hint that the variable or argument is unused, then warns if they are used despite this. We have several places where this prefix is used to avoid shadowing another similarly named variable, resulting in many instances of this warning.
* mod_c2s,mod_s2s: Disable and close port listeners before closing sessionsKim Alvefur2022-02-111-0/+1
| | | | This ensures no new clients can start connecting during shutdown
* prosody: Expose main thread on the 'prosody' globalKim Alvefur2021-10-061-0/+3
| | | | To allow running things in it.
* mod_cron: Add a 'weekly' job frequencyKim Alvefur2021-12-031-0/+1
|
* core.moduleapi: Add API for adding daily or hourly tasks via mod_cronKim Alvefur2021-11-211-0/+2
|
* Statistics: Rewrite statistics backends to use OpenMetricsJonas Schäfer2021-04-181-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The metric subsystem of Prosody has had some shortcomings from the perspective of the current state-of-the-art in metric observability. The OpenMetrics standard [0] is a formalization of the data model (and serialization format) of the well-known and widely-used Prometheus [1] software stack. The previous stats subsystem of Prosody did not map well to that format (see e.g. [2] and [3]); the key reason is that it was trying to do too much math on its own ([2]) while lacking first-class support for "families" of metrics ([3]) and structured metric metadata (despite the `extra` argument to metrics, there was no standard way of representing common things like "tags" or "labels"). Even though OpenMetrics has grown from the Prometheus world of monitoring, it maps well to other popular monitoring stacks such as: - InfluxDB (labels can be mapped to tags and fields as necessary) - Carbon/Graphite (labels can be attached to the metric name with dot-separation) - StatsD (see graphite when assuming that graphite is used as backend, which is the default) The util.statsd module has been ported to use the OpenMetrics model as a proof of concept. An implementation which exposes the util.statistics backend data as Prometheus metrics is ready for publishing in prosody-modules (most likely as mod_openmetrics_prometheus to avoid breaking existing 0.11 deployments). At the same time, the previous measure()-based API had one major advantage: It is really simple and easy to use without requiring lots of knowledge about OpenMetrics or similar concepts. For that reason as well as compatibility with existing code, it is preserved and may even be extended in the future. However, code relying on the `stats-updated` event as well as `get_stats` from `statsmanager` will break because the data model has changed completely; in case of `stats-updated`, the code will simply not run (as the event was renamed in order to avoid conflicts); the `get_stats` function has been removed completely (so it will cause a traceback when it is attempted to be used). Note that the measure_*_event methods have been removed from the module API. I was unable to find any uses or documentation and thus deemed they should not be ported. Re-implementation is possible when necessary. [0]: https://openmetrics.io/ [1]: https://prometheus.io/ [2]: #959 [3]: #960
* util.datamapper: Library for extracting data from stanzasKim Alvefur2021-03-071-0/+3
| | | | Based on the XML support in the OpenAPI specification.
* util.jsonschema: Library for JSON Schema validationKim Alvefur2021-03-061-0/+3
|
* luacheck: Remove exception for net.cqueues since it is now cleanKim Alvefur2020-07-081-1/+0
|
* util.sasl.digest-md5: Remove, obsolete since 2011Kim Alvefur2020-04-141-2/+0
| | | | | | | RFC 6331 lists several problems with this outdated authentication mechanism. The code here was also completely ignored by lint checks and has probably not been used for a long time, as it is incompatible with SCRAM-hashed password storage.
* luacheck: Don't not warn about not using secondary return valuesKim Alvefur2019-12-201-1/+0
| | | | Brace for ONE BILLION WARNINGS!!!
* .luacheckrc: Remove passing spec/ files from ignore listMatthew Wild2019-12-091-3/+0
|
* .luacheckrc: Remove passing file from ignore listMatthew Wild2019-12-091-1/+0
|
* .luacheckrc: Correct indentation of 'exclude_files' listKim Alvefur2019-04-011-30/+30
|
* .luacheckrc: Update to reflect new module API methodsMatthew Wild2019-03-191-1/+4
|
* luacheckrc: Teach luacheck about the new module:send_iq() APIKim Alvefur2018-12-301-0/+1
|
* net.adns: Silence individual luacheck warnings instead of ignoring entire fileKim Alvefur2018-12-241-1/+0
|
* luacheckrc: No longer ignore access to undefined fields on table libKim Alvefur2018-12-081-1/+1
|
* lint: No longer ignore access to the deprecated global 'unpack'Kim Alvefur2018-12-081-1/+1
| | | | _G.unpack is deprecated in Lua 5.2
* luacheckrc: Set Lua standard to 5.3 with 5.2 compat enabledKim Alvefur2018-12-081-0/+1
|
* mod_net_multiplex: Remove exception from luacheckKim Alvefur2018-10-101-1/+0
|
* mod_http_files: Remove exception from luacheckKim Alvefur2018-10-101-1/+0
|
* mod_privacy: Remove exception from luacheckKim Alvefur2018-10-101-1/+0
| | | | | Plugin has been removed and replaced by a tombstone, no point in excluding it from linting
* mod_storage_sql: Remove exception from luacheckKim Alvefur2018-10-101-1/+0
|
* .luacheckrc: Ignore unused secondaries in non-strict modeKim Alvefur2018-10-061-2/+2
| | | | Previous commit was backwards
* .luacheckrc: Do not ignore unused secondaries in strict modeKim Alvefur2018-10-061-0/+1
|
* mod_websocket: Silence the one warning instead of ignoring the entire fileKim Alvefur2018-09-301-1/+0
|
* mod_s2s: Silence all warnings instead of ignoring the entire moduleKim Alvefur2018-09-301-2/+0
|
* mod_admin_telnet: Remove from luacheck ignore listKim Alvefur2018-09-301-1/+0
|
* mod_admin_adhoc: Remove from global luacheck ignore listKim Alvefur2018-09-301-1/+0
|
* .luacheckrc: Allow randomize() global in spec/Matthew Wild2018-09-291-1/+2
| | | | | | This is a busted function that is not currently recognized by luacheck. See https://github.com/mpeterv/luacheck/pull/183
* util.json tests: Add [luacheck] annotation to mark intentionally-empty if branchMatthew Wild2018-09-171-1/+0
|
* .luacheckrc: Remove util_cache_spec.lua from the ignore listMatthew Wild2018-09-171-1/+0
|
* .luacheckrc: Remove aspirational goals from strict check, keep it simple for nowMatthew Wild2018-09-131-3/+0
|
* luacheckrc: Remove mod_groups from ignored filesKim Alvefur2018-07-071-1/+0
|
* luacheckrc: Remove exception for modules that produce no warningsKim Alvefur2018-07-061-3/+0
|
* mod_announce: Fix luacheck warningsKim Alvefur2018-07-061-1/+0
|
* luacheckrc: Consider mod_http cleanKim Alvefur2018-07-061-1/+0
|
* luacheckrc: Remove exception for mod_pep, it's cleanKim Alvefur2018-07-061-1/+0
|
* .luacheckrc: Remove mod_pubsub/pubsub.lib.lua from files excluded from checksKim Alvefur2018-05-231-1/+0
|
* .luacheckrc: Only ignore warnings for excluded files, not syntax errorsKim Alvefur2018-05-231-1/+4
|
* .luacheckrc: Ignore attempts to get table.unpackKim Alvefur2018-05-191-1/+1
| | | | | | This is to allow this common pattern: local unpack = table.unpack or unpack;
* .luacheckrc: Remove mod_limits from excluded files as it should now be cleanKim Alvefur2018-05-181-1/+0
|
* .luacheckrc: Add some additional stricter requirements when ↵Matthew Wild2018-05-181-0/+3
| | | | PROSODY_STRICT_LINT=1
* .luacheckrc: Ignore currently-unclean files unless env var PROSODY_STRICT_LINT=1Matthew Wild2018-05-181-0/+64
|
* .luacheckrc: Fix whitespaceMatthew Wild2018-05-181-1/+1
|
* luacheckrc: No longer ignore use of the global 'server' (net.server)Kim Alvefur2018-04-051-1/+0
|