aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
Commit message (Collapse)AuthorAgeFilesLines
* core.certmanager: Move LuaSec verification tweaks to mod_s2sKim Alvefur8 days1-0/+8
| | | | | These two settings are only really needed for XMPP server-to-server connections.
* mod_cloud_notify, mod_cron, mod_invites: Add 'prosody.' prefix to requiresMatthew Wild7 days3-10/+10
|
* MUC: Use new XEP namespace for hats by defaultMatthew Wild8 days1-1/+1
| | | | Revert with muc_hats_compat = true in the config if necessary.
* mod_admin_shell: Remove duplicated lineMatthew Wild9 days1-2/+0
|
* mod_admin_shell: Rename user:setrole to user:set_rolesMatthew Wild9 days1-4/+4
| | | | | This is more readable and accessible, and it will only be harder to change after release.
* mod_admin_shell: Hide secondary role commands, focus on primary rolesMatthew Wild9 days1-7/+17
| | | | | | | | | Secondary roles are an advanced feature without any strong use cases currently. Having multiple ways to manage roles is confusing. Now the 'user:role' command will just show the primary role if that is all there is, but will list secondary roles too if there are any (which in 99.9% of cases there won't be).
* mod_admin_shell: Support for hiding certain commands from default help listingMatthew Wild9 days1-5/+8
| | | | Useful for e.g. deprecated commands.
* mod_account_activity: Fix error when no duration specified in shell commandMatthew Wild9 days1-1/+1
|
* mod_admin_shell: Fix result handling of user addrole/delrole commandsMatthew Wild9 days1-2/+10
|
* mod_authz_internal: Fix error messagesMatthew Wild9 days1-2/+2
|
* mod_authz_internal: Fix return values of secondary role management methodsMatthew Wild9 days1-3/+8
| | | | usermanager expects (role, err) and (ok, err)
* mod_presence: Fix traceback if origin gets disconnected during processingMatthew Wild9 days1-2/+10
| | | | Fixes #1887
* mod_invites: Add shell commands to list, show and delete pending invitationsMatthew Wild9 days1-0/+140
|
* mod_invites: Shell command to create reset linksMatthew Wild9 days1-0/+18
|
* mod_account_activity: Add shell command to list inactive accountsMatthew Wild10 days1-0/+43
| | | | Including accounts which may never have logged in.
* mod_account_activity: Fix required module namesMatthew Wild10 days1-3/+3
|
* mod_account_activity: Record an account's last activity timestampMatthew Wild10 days1-0/+109
| | | | | | | | | | | | | This is similar to mod_lastlog/mod_lastlog2. Some functionality was dropped, compared to mod_lastlog2. These features (recording the IP address, or tracking the timestamp of multiple events) are handled better by the mod_audit family of modules. For example, those correctly handle multiple logins, IP address truncation, and data retention policies. The "registered" timestamp from mod_lastlog2 was also dropped, as this has been stored in account_details by Prosody itself since at least 0.12 already.
* mod_storage_sql: Fix tests for SQLite3Kim Alvefur2025-02-081-1/+1
| | | | Tests does not run the code that initializes `sqlite_version`
* MUC: Don't inform people about the avatar hash when there is noneMatthew Wild2025-02-071-0/+1
|
* mod_vcard: Switch store name for MUC hosts (thanks lissine)Matthew Wild2025-02-061-2/+8
|
* mod_muc: Integrate support for vcards/avatars on MUC roomsMatthew Wild2025-02-062-0/+85
| | | | | | This was previously served by a community module (mod_vcard_muc). It can be disabled by setting `vcard_muc = false` in the config.
* mod_vcard: Some support for handling vcards on componentsMatthew Wild2025-02-061-3/+7
|
* mod_vcard: Fire event when vcard updatedMatthew Wild2025-02-061-0/+1
|
* mod_vcard: Add API to get hash of the vcard avatarMatthew Wild2025-02-061-0/+13
|
* mod_c2s: Add debug log when disconnecting all user sessionsMatthew Wild2025-02-061-0/+1
|
* mod_admin_shell: Fix column alignment in 'help roles'Kim Alvefur2025-02-021-1/+1
|
* mod_admin_shell: Fix help forgetting argumentsKim Alvefur2025-02-021-1/+1
| | | | | | The array:pluck() method mutates the args, replacing the table items with the resulting strings. On later runs I assume it tries to index the string, which returns nil, emptying the array.
* mod_tokenauth: Fix expiry lasting one second too muchRémi Bardon2025-02-011-5/+5
| | | | | | | | | Because the code was using `< now` in a lot of places, things expiring at the current second wouldn't be marked as expired. It isn't noticeable in real-world scenarios but I wanted to create OAuth 2.0 tokens valid for 0 second in integration tests and it wasn't possible. By using `<=` instead of `<`, we make sure tokens don't live a single millisecond more than what they are supposed to.
* mod_storage_sql: Don't treat Enter or Ctrl-C as yes in upgrade commandKim Alvefur2025-01-231-1/+1
| | | | | It seems to imply that No is the default, so it shouldn't continue doing the Yes action unless you actually press Y
* mod_storage_sql: Detect SQLite3 without UPSERT (or SQLCipher 3.x)Kim Alvefur2025-01-231-1/+23
| | | | | | | | | | | | | | | | | | SQLCipher v3.4.1 (the version in Debian 12) is based on SQLite3 v3.15.2, while UPSERT support was introduced in SQLite3 v3.24.0 This check was not needed before because we v3.24.0 has not been in a version of Debian we support for a long, long time. Note however that SQLCipher databases are not compatible across major versions, upgrading from v3.x to v4.x requires executing a migration. Attempts at making `prosodyctl mod_storage_sql upgrade` perform such a migration has not been successful. Executing the following in the `sqlcipher` tool should do the migration: PRAGMA key = '<key material>'; PRAGMA cipher_migrate;
* mod_admin_shell: Remove log statement intended for development onlyMatthew Wild2025-01-161-1/+0
|
* mod_pubsub: Remove duplicate create_node commandMatthew Wild2025-01-141-16/+0
| | | | Removed the one without error handling.
* mod_authz_internal: Make host considered the parent configurableKim Alvefur2025-01-131-1/+1
| | | | | | | | | | | | This bestows the role specified by the 'host_user_role' setting onto users of that host. For simplicity, only a single host can be specified. Making it configurable allows for setups where VirtualHost and related Components may be siblings instead of having a subdomain relationship. For setups with many VirtualHosts sharing a single Component, the 'server_user_role' setting is more appropriate. Even more complicated setups would have to resort to mod_firewall or similar.
* mod_cloud_notify: Merge from prosody-modules@fc521fb5ffa0Matthew Wild2025-01-091-0/+653
| | | | | | Many thanks to Thilo Molitor and Kim Alvefur for their work on this module while it was in the community repository. It has been stable for some time, is widely used, and provides a feature that is important to most deployments.
* mod_invites: Add support for invites_page option to use external invites pagesMatthew Wild2025-01-091-0/+36
| | | | | | | | | | | This allows Prosody to easily provide friendly invitation links, even without setting up mod_invites_page (which is a community module). Admins can configure it to use a third-party deployment such as https://xmpp.link or they can deploy their own based on https://github.com/modernxmpp/easy-xmpp-invitation Alternatively they can just install mod_invites_page and this will all be handled automatically by that.
* mod_storage_sql: Remove the word 'error' from debug messagesKim Alvefur2025-01-081-2/+2
| | | | | | The word 'error' anywhere, especially in harmless debug messages, are too often interpreted as fatal errors my some users, so best avoid that word. These look too scary as it is, being tracebacks.
* mod_pubsub: Remove unused loop variable [luacheck]Kim Alvefur2025-01-081-1/+1
|
* mod_admin_shell: Remove redundant 'mod_' prefix from debug messageKim Alvefur2025-01-081-1/+1
|
* mod_admin_shell: Fix reporting origin module for commandsKim Alvefur2025-01-081-1/+1
| | | | | | | The field `_provided_by` comes from module:provides(), but these items comes from moduel:add_item(), which include the originating module as a 'source' field of the event. However, this is absent when items are retrieved at a later time than the initial event.
* mod_pubsub: Quiet down check for service adminKim Alvefur2025-01-071-1/+1
| | | | This produced a *lot* of noise, especially listing items.
* mod_pubsub: Limit node listing based on new ACL-aware metadata methodKim Alvefur2025-01-071-1/+4
| | | | | | | Ensures that nodes that one does not have metadata access to are hidden from view. This follows from the new ACL-aware method added in 3b357ab6b6eb.
* mod_admin_shell: user:password(): Support prompting for password if none givenMatthew Wild2025-01-071-6/+9
|
* mod_admin_shell: user:create(): Reject promise with error message on failureMatthew Wild2025-01-071-1/+1
|
* mod_admin_shell: Mark event as handled when requested input is submittedMatthew Wild2025-01-071-0/+1
|
* mod_admin_shell: user:create(): request password via prompt if none givenMatthew Wild2025-01-071-6/+7
|
* mod_admin_shell: Add session method to request (password) input from shell ↵Matthew Wild2025-01-071-0/+46
| | | | client
* mod_admin_socket: Fire event on admin client disconnectMatthew Wild2025-01-071-1/+6
|
* mod_admin_shell: Don't pause async thread while waiting for promise resultMatthew Wild2025-01-071-14/+22
| | | | | | | | | | | This allows us to continue sending/receiving on the session, for example if the promise will be resolved by other data that the client is going to send. Specifically, this allows the repl-request-input to work without a deadlock. It does open the door to interleaved commands/results, which may not be a good thing overall, but can be restricted separately if necessary (e.g. a flag on the session).
* mod_cron: Don't run tasks if loaded inside prosodyctlMatthew Wild2025-01-071-0/+4
| | | | | It's common for modules to depend on mod_cron, and this can lead to it loading inside prosodyctl, where we don't really want to run any cron tasks.
* mod_authz_internal: Make 'prosody:guest' default role for all unknown JIDsMatthew Wild2025-01-071-2/+2
| | | | | | | | | | | | | | | This fixes an issue where e.g. remote users or even other users on the server were unable to list MUC rooms. We want to define a permission to list MUC rooms, but we want it to be available to everyone by default (the traditional behaviour). prosody:guest is the lowest role we have. I ran a quick check and it isn't really used for anything right now that would be concerning. It was originally designed for anonymous logins. I think it's safe to treat remote JIDs as equivalent, since we have no trust relationship with anonymous users either.
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-22 15:17:17 +0000