Mercurial Mercurial > prosody > prosody-modules / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_restrict_xmpp/README.markdown
author Kim Alvefur <zash@zash.se>
Sun, 03 Mar 2024 11:23:40 +0100
changeset 5857 97c9b76867ca
parent 5772 62654f523c6a
permissions -rw-r--r--
mod_log_ringbuffer: Detach event handlers on logging reload (thanks Menel) Otherwise the global event handlers accumulate, one added each time logging is reoladed, and each invocation of the signal or event triggers one dump of each created ringbuffer.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
5013
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     1
 
---
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     2
 
labels:
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     3
 
- Stage-Alpha
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     4
 
summary: XMPP-layer access control for Prosody
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     5
 
---
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     6
 












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




     7


Introduction












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




     8


============












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




     9














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    10


This module enforces access policies using Prosody's new [roles and












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    11


permissions framework](https://prosody.im/doc/developers/permissions). It can












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    12


be used to grant restricted access to an XMPP account or services.












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    13














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    14


This module is still in its early stages, and prone to change. Feedback from












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    15


testers is welcome. At this early stage, it should not be solely relied upon












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    16


for account security purposes.












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    17














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    18


Configuration












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    19


=============












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    20














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    21


There is no configuration, apart from Prosody's normal roles and permissions












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    22


configuration.












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    23














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    24


Permissions












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    25


===========












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    26














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    27


`xmpp:federate`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    28


:   Communicate with other users and services on other hosts on the XMPP












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    29


    network












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    30









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    31


`xmpp:account:messages:read`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    32


:   Read incoming messages












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    33









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    34


`xmpp:account:messages:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    35


:   Send outgoing messages












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    36









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    37


`xmpp:account:presence:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    38


:   Update presence for the account












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    39









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    40


`xmpp:account:contacts:read`/`xmpp:account:contacts:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    41


:   Controls access to the contact list (roster)












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    42









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    43


`xmpp:account:bookmarks:read`/`xmpp:account:bookmarks:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    44


:   Controls access to the bookmarks (group chats list)












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    45









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    46


`xmpp:account:profile:read`/`xmpp:account:profile:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    47


:   Controls access to the user's profile (e.g. vCard/avatar)












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    48









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    49


`xmpp:account:omemo:read`/`xmpp:account:omemo:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    50


:   Controls access to the user's OMEMO data












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    51









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    52


`xmpp:account:blocklist:read`/`xmpp:account:blocklist:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    53


:   Controls access to the user's block list












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    54









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    55


`xmpp:account:disco:read`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    56


:   Controls access to the user's service discovery information







5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    57














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    58


Compatibility












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    59


=============












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    60














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    61


Requires Prosody trunk 72f431b4dc2c (build 1444) or later.














prosody-modules