From 95e4d426911ba6dc909a0caf5ddad27d2f8cfb85 Mon Sep 17 00:00:00 2001 From: Florian Zeitz Date: Thu, 2 Jun 2011 21:56:24 +0200 Subject: mod_adhoc: Add support for commands only executable by global administrators --- plugins/adhoc/mod_adhoc.lua | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'plugins/adhoc') diff --git a/plugins/adhoc/mod_adhoc.lua b/plugins/adhoc/mod_adhoc.lua index 20c0f2be..6d826338 100644 --- a/plugins/adhoc/mod_adhoc.lua +++ b/plugins/adhoc/mod_adhoc.lua @@ -1,5 +1,5 @@ -- Copyright (C) 2009 Thilo Cestonaro --- Copyright (C) 2009-2010 Florian Zeitz +-- Copyright (C) 2009-2011 Florian Zeitz -- -- This file is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. @@ -51,12 +51,14 @@ module:hook("iq/host/"..xmlns_disco.."#items:query", function (event) local origin, stanza = event.origin, event.stanza; if stanza.attr.type == "get" and stanza.tags[1].attr.node and stanza.tags[1].attr.node == xmlns_cmd then - local privileged = is_admin(stanza.attr.from, stanza.attr.to); + local admin = is_admin(stanza.attr.from, stanza.attr.to); + local global_admin = is_admin(stanza.attr.from); reply = st.reply(stanza); reply:tag("query", { xmlns = xmlns_disco.."#items", node = xmlns_cmd }); for node, command in pairs(commands) do - if (command.permission == "admin" and privileged) + if (command.permission == "admin" and admin) + or (command.permission == "global_admin" and global_admin) or (command.permission == "user") then reply:tag("item", { name = command.name, node = node, jid = module:get_host() }); @@ -73,9 +75,10 @@ module:hook("iq/host/"..xmlns_cmd..":command", function (event) if stanza.attr.type == "set" then local node = stanza.tags[1].attr.node if commands[node] then - local privileged = is_admin(stanza.attr.from, stanza.attr.to); - if commands[node].permission == "admin" - and not privileged then + local admin = is_admin(stanza.attr.from, stanza.attr.to); + local global_admin = is_admin(stanza.attr.from); + if (commands[node].permission == "admin" and not admin) + or (commands[node].permission == "global_admin" and not global_admin) then origin.send(st.error_reply(stanza, "auth", "forbidden", "You don't have permission to execute this command"):up() :add_child(commands[node]:cmdtag("canceled") :tag("note", {type="error"}):text("You don't have permission to execute this command"))); -- cgit v1.2.3