1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
|
-- Prosody IM
-- Copyright (C) 2008-2012 Matthew Wild
-- Copyright (C) 2008-2012 Waqas Hussain
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
local array = require "prosody.util.array";
local set = require "prosody.util.set";
local it = require "prosody.util.iterators";
local logger = require "prosody.util.logger";
local timer = require "prosody.util.timer";
local resolve_relative_path = require"prosody.util.paths".resolve_relative_path;
local st = require "prosody.util.stanza";
local cache = require "prosody.util.cache";
local errors = require "prosody.util.error";
local promise = require "prosody.util.promise";
local time_now = require "prosody.util.time".now;
local format = require "prosody.util.format".format;
local jid_node = require "prosody.util.jid".node;
local jid_split = require "prosody.util.jid".split;
local jid_resource = require "prosody.util.jid".resource;
local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat;
local error, setmetatable, type = error, setmetatable, type;
local ipairs, pairs, select = ipairs, pairs, select;
local tonumber, tostring = tonumber, tostring;
local require = require;
local pack = table.pack;
local unpack = table.unpack;
local prosody = prosody;
local hosts = prosody.hosts;
-- FIXME: This assert() is to try and catch an obscure bug (2013-04-05)
local core_post_stanza = assert(prosody.core_post_stanza,
"prosody.core_post_stanza is nil, please report this as a bug");
-- Registry of shared module data
local shared_data = setmetatable({}, { __mode = "v" });
local NULL = {};
local api = {};
-- Returns the name of the current module
function api:get_name()
return self.name;
end
-- Returns the host that the current module is serving
function api:get_host()
return self.host;
end
function api:get_host_type()
return (self.host == "*" and "global") or hosts[self.host].type or "local";
end
function api:set_global()
self.host = "*";
-- Update the logger
local _log = logger.init("mod_"..self.name);
self.log = function (self, ...) return _log(...); end; --luacheck: ignore self
self._log = _log;
self.global = true;
end
function api:add_feature(xmlns)
self:add_item("feature", xmlns);
end
function api:add_identity(category, identity_type, name)
self:add_item("identity", {category = category, type = identity_type, name = name});
end
function api:add_extension(data)
self:add_item("extension", data);
end
function api:fire_event(...)
return (hosts[self.host] or prosody).events.fire_event(...);
end
function api:hook_object_event(object, event, handler, priority)
self.event_handlers:set(object, event, handler, true);
return object.add_handler(event, handler, priority);
end
function api:unhook_object_event(object, event, handler)
self.event_handlers:set(object, event, handler, nil);
return object.remove_handler(event, handler);
end
function api:hook(event, handler, priority)
return self:hook_object_event((hosts[self.host] or prosody).events, event, handler, priority);
end
function api:hook_global(event, handler, priority)
return self:hook_object_event(prosody.events, event, handler, priority);
end
function api:hook_tag(xmlns, name, handler, priority)
if not handler and type(name) == "function" then
-- If only 2 options then they specified no xmlns
xmlns, name, handler, priority = nil, xmlns, name, handler;
elseif not (handler and name) then
self:log("warn", "Error: Insufficient parameters to module:hook_tag()");
return;
end
return self:hook("stanza/"..(xmlns and (xmlns..":") or "")..name,
function (data) return handler(data.origin, data.stanza, data); end, priority);
end
api.hook_stanza = api.hook_tag; -- COMPAT w/pre-0.9
function api:unhook(event, handler)
return self:unhook_object_event((hosts[self.host] or prosody).events, event, handler);
end
function api:wrap_object_event(events_object, event, handler)
return self:hook_object_event(assert(events_object.wrappers, "no wrappers"), event, handler);
end
function api:wrap_event(event, handler)
return self:wrap_object_event((hosts[self.host] or prosody).events, event, handler);
end
function api:wrap_global(event, handler)
return self:hook_object_event(prosody.events, event, handler);
end
function api:require(lib)
local modulemanager = require"prosody.core.modulemanager";
local f, n = modulemanager.loader:load_code_ext(self.name, lib, "lib.lua", self.environment);
if not f then error("Failed to load plugin library '"..lib.."', error: "..n); end -- FIXME better error message
return f();
end
function api:depends(name)
local modulemanager = require"prosody.core.modulemanager";
if self:get_option_inherited_set("modules_disabled", {}):contains(name) then
error("Dependency on disabled module mod_"..name);
end
if not self.dependencies then
self.dependencies = {};
self:hook("module-reloaded", function (event)
if self.dependencies[event.module] and not self.reloading then
self:log("info", "Auto-reloading due to reload of %s:%s", event.host, event.module);
modulemanager.reload(self.host, self.name);
return;
end
end);
self:hook("module-unloaded", function (event)
if self.dependencies[event.module] then
self:log("info", "Auto-unloading due to unload of %s:%s", event.host, event.module);
modulemanager.unload(self.host, self.name);
end
end);
end
local mod = modulemanager.get_module(self.host, name) or modulemanager.get_module("*", name);
if mod and mod.module.host == "*" and self.host ~= "*"
and modulemanager.module_has_method(mod, "add_host") then
mod = nil; -- Target is a shared module, so we still want to load it on our host
end
if not mod then
local err;
mod, err = modulemanager.load(self.host, name);
if not mod then
return error(("Unable to load required module, mod_%s: %s"):format(name, ((err or "unknown error"):gsub("%-", " ")) ));
end
end
self.dependencies[name] = true;
if not mod.module.reverse_dependencies then
mod.module.reverse_dependencies = {};
end
mod.module.reverse_dependencies[self.name] = true;
return mod;
end
local function get_shared_table_from_path(module, tables, path)
if path:sub(1,1) ~= "/" then -- Prepend default components
local default_path_components = { module.host, module.name };
local n_components = select(2, path:gsub("/", "%1"));
path = (n_components<#default_path_components and "/" or "")
..t_concat(default_path_components, "/", 1, #default_path_components-n_components).."/"..path;
end
local shared = tables[path];
if not shared then
shared = {};
if path:match("%-cache$") then
setmetatable(shared, { __mode = "kv" });
end
tables[path] = shared;
end
return shared;
end
-- Returns a shared table at the specified virtual path
-- Intentionally does not allow the table to be _set_, it
-- is auto-created if it does not exist.
function api:shared(path)
if not self.shared_data then self.shared_data = {}; end
local shared = get_shared_table_from_path(self, shared_data, path);
self.shared_data[path] = shared;
return shared;
end
function api:get_option(name, default_value)
local config = require "prosody.core.configmanager";
local value = config.get(self.host, name);
if value == nil then
value = default_value;
end
return value;
end
function api:get_option_scalar(name, default_value)
local value = self:get_option(name, default_value);
if type(value) == "table" then
if #value > 1 then
self:log("error", "Config option '%s' does not take a list, using just the first item", name);
end
value = value[1];
end
return value;
end
function api:get_option_string(name, default_value)
local value = self:get_option_scalar(name, default_value);
if value == nil then
return nil;
end
return tostring(value);
end
function api:get_option_number(name, ...)
local value = self:get_option_scalar(name, ...);
local ret = tonumber(value);
if value ~= nil and ret == nil then
self:log("error", "Config option '%s' not understood, expecting a number", name);
end
return ret;
end
function api:get_option_boolean(name, ...)
local value = self:get_option_scalar(name, ...);
if value == nil then
return nil;
end
local ret = value == true or value == "true" or value == 1 or nil;
if ret == nil then
ret = (value == false or value == "false" or value == 0);
if ret then
ret = false;
else
ret = nil;
end
end
if ret == nil then
self:log("error", "Config option '%s' not understood, expecting true/false", name);
end
return ret;
end
function api:get_option_array(name, ...)
local value = self:get_option(name, ...);
if value == nil then
return nil;
end
if type(value) ~= "table" then
return array{ value }; -- Assume any non-list is a single-item list
end
return array():append(value); -- Clone
end
function api:get_option_set(name, ...)
local value = self:get_option_array(name, ...);
if value == nil then
return nil;
end
return set.new(value);
end
function api:get_option_inherited_set(name, ...)
local value = self:get_option_set(name, ...);
local global_value = self:context("*"):get_option_set(name, ...);
if not value then
return global_value;
elseif not global_value then
return value;
end
value:include(global_value);
return value;
end
function api:get_option_path(name, default, parent)
if parent == nil then
parent = self:get_directory();
elseif prosody.paths[parent] then
parent = prosody.paths[parent];
end
local value = self:get_option_string(name, default);
if value == nil then
return nil;
end
return resolve_relative_path(parent, value);
end
function api:context(host)
return setmetatable({ host = host or "*", global = "*" == host }, { __index = self, __newindex = self });
end
function api:add_item(key, value)
self.items = self.items or {};
self.items[key] = self.items[key] or {};
t_insert(self.items[key], value);
self:fire_event("item-added/"..key, {source = self, item = value});
end
function api:remove_item(key, value)
local t = self.items and self.items[key] or NULL;
for i = #t,1,-1 do
if t[i] == value then
t_remove(self.items[key], i);
self:fire_event("item-removed/"..key, {source = self, item = value});
return value;
end
end
end
function api:get_host_items(key)
local modulemanager = require"prosody.core.modulemanager";
local result = modulemanager.get_items(key, self.host) or {};
return result;
end
function api:handle_items(item_type, added_cb, removed_cb, existing)
self:hook("item-added/"..item_type, added_cb);
self:hook("item-removed/"..item_type, removed_cb);
if existing ~= false then
for _, item in ipairs(self:get_host_items(item_type)) do
added_cb({ item = item });
end
end
end
function api:provides(name, item)
-- if not item then item = setmetatable({}, { __index = function(t,k) return rawget(self.environment, k); end }); end
if not item then
item = {}
for k,v in pairs(self.environment) do
if k ~= "module" then item[k] = v; end
end
end
if not item.name then
local item_name = self.name;
-- Strip a provider prefix to find the item name
-- (e.g. "auth_foo" -> "foo" for an auth provider)
if item_name:find((name:gsub("%-", "_")).."_", 1, true) == 1 then
item_name = item_name:sub(#name+2);
end
item.name = item_name;
end
item._provided_by = self.name;
self:add_item(name.."-provider", item);
end
function api:send(stanza, origin)
return core_post_stanza(origin or hosts[self.host], stanza);
end
function api:send_iq(stanza, origin, timeout)
local iq_cache = self._iq_cache;
if not iq_cache then
iq_cache = cache.new(256, function (_, iq)
iq.reject(errors.new({
type = "wait", condition = "resource-constraint",
text = "evicted from iq tracking cache"
}));
end);
self._iq_cache = iq_cache;
end
local event_type;
if not jid_node(stanza.attr.from) then
event_type = "host";
elseif jid_resource(stanza.attr.from) then
event_type = "full";
else -- assume bare since we can't hook full jids
event_type = "bare";
end
local result_event = "iq-result/"..event_type.."/"..stanza.attr.id;
local error_event = "iq-error/"..event_type.."/"..stanza.attr.id;
local cache_key = event_type.."/"..stanza.attr.id;
if event_type == "full" then
result_event = "iq/" .. event_type;
error_event = "iq/" .. event_type;
end
local p = promise.new(function (resolve, reject)
local function result_handler(event)
local response = event.stanza;
if response.attr.type == "result" and response.attr.from == stanza.attr.to and response.attr.id == stanza.attr.id then
resolve(event);
return true;
end
end
local function error_handler(event)
local response = event.stanza;
if response.attr.type == "error" and response.attr.from == stanza.attr.to and response.attr.id == stanza.attr.id then
reject(errors.from_stanza(event.stanza, event));
return true;
end
end
if iq_cache:get(cache_key) then
reject(errors.new({
type = "modify", condition = "conflict",
text = "IQ stanza id attribute already used",
}));
return;
end
self:hook(result_event, result_handler, 1);
self:hook(error_event, error_handler, 1);
local timeout_handle = self:add_timer(timeout or 120, function ()
reject(errors.new({
type = "wait", condition = "remote-server-timeout",
text = "IQ stanza timed out",
}));
end);
local ok = iq_cache:set(cache_key, {
reject = reject, resolve = resolve,
timeout_handle = timeout_handle,
result_handler = result_handler, error_handler = error_handler;
});
if not ok then
reject(errors.new({
type = "wait", condition = "internal-server-error",
text = "Could not store IQ tracking data"
}));
return;
end
local wrapped_origin = setmetatable({
-- XXX Needed in some cases for replies to work correctly when sending queries internally.
send = function (reply)
if reply.name == stanza.name and reply.attr.id == stanza.attr.id then
resolve({ stanza = reply });
end
return (origin or hosts[self.host]).send(reply)
end;
}, {
__index = origin or hosts[self.host];
});
self:send(stanza, wrapped_origin);
end);
p:finally(function ()
local iq = iq_cache:get(cache_key);
if iq then
self:unhook(result_event, iq.result_handler);
self:unhook(error_event, iq.error_handler);
iq.timeout_handle:stop();
iq_cache:set(cache_key, nil);
end
end);
return p;
end
function api:broadcast(jids, stanza, iter)
for jid in (iter or it.values)(jids) do
local new_stanza = st.clone(stanza);
new_stanza.attr.to = jid;
self:send(new_stanza);
end
end
local timer_methods = { }
local timer_mt = {
__index = timer_methods;
}
function timer_methods:stop( )
timer.stop(self.id);
end
timer_methods.disarm = timer_methods.stop
function timer_methods:reschedule(delay)
timer.reschedule(self.id, delay)
end
local function timer_callback(now, id, t) --luacheck: ignore 212/id
if t.module_env.loaded == false then return; end
return t.callback(now, unpack(t, 1, t.n));
end
function api:add_timer(delay, callback, ...)
local t = pack(...)
t.module_env = self;
t.callback = callback;
t.id = timer.add_task(delay, timer_callback, t);
return setmetatable(t, timer_mt);
end
function api:cron(task_spec)
self:depends("cron");
self:add_item("task", task_spec);
end
function api:hourly(name, fun)
if type(name) == "function" then fun, name = name, nil; end
self:cron({ name = name; when = "hourly"; run = fun });
end
function api:daily(name, fun)
if type(name) == "function" then fun, name = name, nil; end
self:cron({ name = name; when = "daily"; run = fun });
end
function api:weekly(name, fun)
if type(name) == "function" then fun, name = name, nil; end
self:cron({ name = name; when = "weekly"; run = fun });
end
local path_sep = package.config:sub(1,1);
function api:get_directory()
return self.resource_path or self.path and (self.path:gsub("%"..path_sep.."[^"..path_sep.."]*$", "")) or nil;
end
function api:load_resource(path, mode)
path = resolve_relative_path(self:get_directory(), path);
return io.open(path, mode);
end
function api:open_store(name, store_type)
if self.host == "*" then return nil, "global-storage-not-supported"; end
return require"prosody.core.storagemanager".open(self.host, name or self.name, store_type);
end
function api:measure(name, stat_type, conf)
local measure = require "prosody.core.statsmanager".measure;
local fixed_label_key, fixed_label_value
if self.host ~= "*" then
fixed_label_key = "host"
fixed_label_value = self.host
end
-- new_legacy_metric takes care of scoping for us, as it does not accept
-- an array of labels
-- the prosody_ prefix is automatically added by statsmanager for legacy
-- metrics.
self:add_item("measure", { name = name, type = stat_type, conf = conf });
return measure(stat_type, "mod_"..self.name.."/"..name, conf, fixed_label_key, fixed_label_value)
end
function api:metric(type_, name, unit, description, label_keys, conf)
local metric = require "prosody.core.statsmanager".metric;
local is_scoped = self.host ~= "*"
if is_scoped then
-- prepend `host` label to label keys if this is not a global module
local orig_labels = label_keys
label_keys = array { "host" }
label_keys:append(orig_labels)
end
local mf = metric(type_, "prosody_mod_"..self.name.."/"..name, unit, description, label_keys, conf)
self:add_item("metric", { name = name, mf = mf });
if is_scoped then
-- make sure to scope the returned metric family to the current host
return mf:with_partial_label(self.host)
end
return mf
end
local status_priorities = { error = 3, warn = 2, info = 1, core = 0 };
function api:set_status(status_type, status_message, override)
local priority = status_priorities[status_type];
if not priority then
self:log("error", "set_status: Invalid status type '%s', assuming 'info'", status_type);
status_type, priority = "info", status_priorities.info;
end
local current_priority = status_priorities[self.status_type] or 0;
-- By default an 'error' status can only be overwritten by another 'error' status
if (current_priority >= status_priorities.error and priority < current_priority and override ~= true)
or (override == false and current_priority > priority) then
self:log("debug", "moduleapi: ignoring status [prio %d override %s]: %s", priority, override, status_message);
return;
end
self.status_type, self.status_message, self.status_time = status_type, status_message, time_now();
self:fire_event("module-status/updated", { name = self.name });
end
function api:log_status(level, msg, ...)
self:set_status(level, format(msg, ...));
return self:log(level, msg, ...);
end
function api:get_status()
return self.status_type, self.status_message, self.status_time;
end
function api:default_permission(role_name, permission)
permission = permission:gsub("^:", self.name..":");
if self.host == "*" then
for _, host in pairs(hosts) do
if host.authz then
host.authz.add_default_permission(role_name, permission);
end
end
return
end
hosts[self.host].authz.add_default_permission(role_name, permission);
end
function api:default_permissions(role_name, permissions)
for _, permission in ipairs(permissions) do
self:default_permission(role_name, permission);
end
end
function api:could(action, context)
return self:may(action, context, true);
end
function api:may(action, context, peek)
if action:byte(1) == 58 then -- action begins with ':'
action = self.name..action; -- prepend module name
end
if type(context) == "string" then -- check JID permissions
local role;
local node, host = jid_split(context);
if host == self.host then
role = hosts[host].authz.get_user_role(node);
else
role = hosts[self.host].authz.get_jid_role(context);
end
if not role then
if not peek then
self:log("debug", "Access denied: JID <%s> may not %s (no role found)", context, action);
end
return false;
end
local permit = role:may(action);
if not permit then
if not peek then
self:log("debug", "Access denied: JID <%s> may not %s (not permitted by role %s)", context, action, role.name);
end
end
return permit;
end
local session = context.origin or context.session;
if type(session) ~= "table" then
error("Unable to identify actor session from context");
end
if session.type == "c2s" and session.host == self.host then
local role = session.role;
if not role then
if not peek then
self:log("warn", "Access denied: session %s has no role assigned");
end
return false;
end
local permit = role:may(action, context);
if not permit and not peek then
self:log("debug", "Access denied: session %s (%s) may not %s (not permitted by role %s)",
session.id, session.full_jid, action, role.name
);
end
return permit;
else
local actor_jid = context.stanza.attr.from;
local role = hosts[self.host].authz.get_jid_role(actor_jid);
if not role then
if not peek then
self:log("debug", "Access denied: JID <%s> may not %s (no role found)", actor_jid, action);
end
return false;
end
local permit = role:may(action, context);
if not permit and not peek then
self:log("debug", "Access denied: JID <%s> may not %s (not permitted by role %s)", actor_jid, action, role.name);
end
return permit;
end
end
return api;
|