From 7ccf41ebb5e7a1a21fdf5945c5dd157e40b7024c Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Fri, 12 Aug 2022 16:21:57 +0100 Subject: usermanager: Remove concept of global authz provider Rationale: - Removes a bunch of code! - We don't have many cases where an actor is not bound to one of our hosts - A notable exception is the admin shell, but if we ever attempt to lock those sessions down, there is a load of other work that also has to be done. And it's not clear if we would need a global authz provider for that anyway. - Removes an extra edge case from the necessary mental model for operators - Sessions that aren't bound to a host generally are anonymous or have an alternative auth model (such as by IP addres). - With the encapsulation now provided by util.roles, ad-hoc "detached roles" can still be created anyway by code that needs them. --- core/usermanager.lua | 58 +++++++++++----------------------------------------- 1 file changed, 12 insertions(+), 46 deletions(-) diff --git a/core/usermanager.lua b/core/usermanager.lua index a299f9d9..2311ce9e 100644 --- a/core/usermanager.lua +++ b/core/usermanager.lua @@ -9,12 +9,10 @@ local modulemanager = require "core.modulemanager"; local log = require "util.logger".init("usermanager"); local type = type; -local it = require "util.iterators"; -local jid_prep, jid_split = require "util.jid".prep, require "util.jid".split; +local jid_split = require "util.jid".split; local config = require "core.configmanager"; local sasl_new = require "util.sasl".new; local storagemanager = require "core.storagemanager"; -local set = require "util.set"; local prosody = _G.prosody; local hosts = prosody.hosts; @@ -34,19 +32,9 @@ local function new_null_provider() }); end -local global_admins_config = config.get("*", "admins"); -if type(global_admins_config) ~= "table" then - global_admins_config = nil; -- TODO: factor out moduleapi magic config handling and use it here -end -local global_admins = set.new(global_admins_config) / jid_prep; - -local admin_role = { ["prosody:admin"] = true }; -local global_authz_provider = { +local fallback_authz_provider = { get_user_roles = function (user) end; --luacheck: ignore 212/user - get_jids_with_role = function (role) - if role ~= "prosody:admin" then return {}; end - return it.to_array(global_admins); - end; + get_jids_with_role = function (role) end; --luacheck: ignore 212 set_user_roles = function (user, roles) end; -- luacheck: ignore 212 set_jid_roles = function (jid, roles) end; -- luacheck: ignore 212 @@ -66,7 +54,7 @@ local function initialize_host(host) local authz_provider_name = config.get(host, "authorization") or "internal"; local authz_mod = modulemanager.load(host, "authz_"..authz_provider_name); - host_session.authz = authz_mod or global_authz_provider; + host_session.authz = authz_mod or fallback_authz_provider; if host_session.type ~= "local" then return; end @@ -155,20 +143,14 @@ local function get_user_roles(user, host) if host and not hosts[host] then return false; end if type(user) ~= "string" then return false; end - host = host or "*"; - - local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider; - return authz_provider.get_user_roles(user); + return hosts[host].authz.get_user_roles(user); end local function get_user_default_role(user, host) if host and not hosts[host] then return false; end if type(user) ~= "string" then return false; end - host = host or "*"; - - local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider; - return authz_provider.get_user_default_role(user); + return hosts[host].authz.get_user_default_role(user); end -- Accepts a set of role names which the user is allowed to assume @@ -176,10 +158,7 @@ local function set_user_roles(user, host, roles) if host and not hosts[host] then return false; end if type(user) ~= "string" then return false; end - host = host or "*"; - - local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider; - local ok, err = authz_provider.set_user_roles(user, roles); + local ok, err = hosts[host].authz.set_user_roles(user, roles); if ok then prosody.events.fire_event("user-roles-changed", { username = user, host = host @@ -189,50 +168,37 @@ local function set_user_roles(user, host, roles) end local function get_jid_role(jid, host) - host = host or "*"; - local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider; local jid_node, jid_host = jid_split(jid); if host == jid_host and jid_node then - return authz_provider.get_user_default_role(jid_node); + return hosts[host].authz.get_user_default_role(jid_node); end - return authz_provider.get_jid_role(jid); + return hosts[host].authz.get_jid_role(jid); end local function set_jid_role(jid, host, role_name) - host = host or "*"; - local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider; local _, jid_host = jid_split(jid); if host == jid_host then return nil, "unexpected-local-jid"; end - return authz_provider.set_jid_role(jid, role_name) + return hosts[host].authz.set_jid_role(jid, role_name) end local function get_users_with_role(role, host) if not hosts[host] then return false; end if type(role) ~= "string" then return false; end - return hosts[host].authz.get_users_with_role(role); end local function get_jids_with_role(role, host) if host and not hosts[host] then return false; end if type(role) ~= "string" then return false; end - - host = host or "*"; - - local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider; - return authz_provider.get_jids_with_role(role); + return hosts[host].authz.get_jids_with_role(role); end local function get_role_by_name(role_name, host) if host and not hosts[host] then return false; end if type(role_name) ~= "string" then return false; end - - host = host or "*"; - - local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider; - return authz_provider.get_role_by_name(role_name); + return hosts[host].authz.get_role_by_name(role_name); end return { -- cgit v1.2.3