prosody-modules: mod_muc_restrict_rooms/mod_muc_restrict

1616 247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	1	local st = require "util.stanza";
1617 ca04f75958f7 mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more Nicolás Kovac <nkneumann(at)gmail.com> parents: 1616 diff changeset	2	local jid = require "util.jid";
1616 247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	3	local nodeprep = require "util.encodings".stringprep.nodeprep;
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	4
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	5	local rooms = module:shared "muc/rooms";
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	6	if not rooms then
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	7	module:log("error", "This module only works on MUC components!");
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	8	return;
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	9	end
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	10
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	11	local restrict_patterns = module:get_option("muc_restrict_matching", {});
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	12	local restrict_excepts = module:get_option_set("muc_restrict_exceptions", {});
1617 ca04f75958f7 mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more Nicolás Kovac <nkneumann(at)gmail.com> parents: 1616 diff changeset	13	local restrict_allow_admins = module:get_option_boolean("muc_restrict_allow_admins", false);
1616 247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	14
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	15	local function is_restricted(room, who)
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	16	-- If admins can join prohibited rooms, we allow them to
1617 ca04f75958f7 mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more Nicolás Kovac <nkneumann(at)gmail.com> parents: 1616 diff changeset	17	if restrict_allow_admins and usermanager.is_admin(who, module.host) then
1616 247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	18	module:log("debug", "Admins are allowed to enter restricted rooms (%s on %s)", who, room)
1617 ca04f75958f7 mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more Nicolás Kovac <nkneumann(at)gmail.com> parents: 1616 diff changeset	19	return nil;
1616 247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	20	end
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	21
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	22	-- Don't evaluate exceptions
1617 ca04f75958f7 mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more Nicolás Kovac <nkneumann(at)gmail.com> parents: 1616 diff changeset	23	if restrict_excepts:contains(room) then
ca04f75958f7 mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more Nicolás Kovac <nkneumann(at)gmail.com> parents: 1616 diff changeset	24	module:log("debug", "Room %s is amongst restriction exceptions", room())
ca04f75958f7 mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more Nicolás Kovac <nkneumann(at)gmail.com> parents: 1616 diff changeset	25	return nil;
1616 247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	26	end
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	27
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	28	-- Evaluate regexps of restricted patterns
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	29	for pattern,reason in pairs(restrict_patterns) do
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	30	if room:match(pattern) then
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	31	module:log("debug", "Room %s is restricted by pattern %s, user %s is not allowed to join (%s)", room, pattern, who, reason)
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	32	return reason;
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	33	end
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	34	end
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	35
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	36	return nil
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	37	end
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	38
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	39	module:hook("presence/full", function(event)
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	40	local stanza = event.stanza;
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	41
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	42	if stanza.name == "presence" and stanza.attr.type == "unavailable" then -- Leaving events get discarded
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	43	return;
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	44	end
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	45
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	46	-- Get the room
1618 79adec50b24d mod_muc_restrict_rooms: Fixed the way of getting room and user Nicolás Kovac <nkneumann(at)gmail.com> parents: 1617 diff changeset	47	local room = jid.split(stanza.attr.to);
1616 247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	48	if not room then return; end
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	49
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	50	-- Get who has tried to join it
1618 79adec50b24d mod_muc_restrict_rooms: Fixed the way of getting room and user Nicolás Kovac <nkneumann(at)gmail.com> parents: 1617 diff changeset	51	local who = jid.bare(stanza.attr.from)
1616 247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	52
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	53	-- Checking whether room is restricted
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	54	local check_restricted = is_restricted(room, who)
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	55	if check_restricted ~= nil then
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	56	event.allowed = false;
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	57	event.stanza.attr.type = 'error';
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	58	return event.origin.send(st.error_reply(event.stanza, "cancel", "forbidden", "You're not allowed to enter this room: " .. check_restricted));
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	59	end
247e6e43843e Adding new mod_muc_restrict_rooms module Nicolás Kovac <nkneumann(at)gmail.com> parents: diff changeset	60	end, 10);

author	Matthew Wild <mwild1@gmail.com>
	Sat, 24 Sep 2022 09:26:26 +0100
changeset 5063	5f1120c284c5
parent 1618	79adec50b24d
permissions	-rw-r--r--