Mercurial Mercurial > prosody > prosody-modules / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_restrict_xmpp/README.markdown
author Ben Smith <bens@effortlessis.com>
Tue, 14 May 2024 07:31:34 -0700
changeset 5912 dcea4b4c415d
parent 5772 62654f523c6a
permissions -rw-r--r--
Tweaking documentation to clarify that Oauth2 can be used for VirtualHosts and Component installations.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
5013
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     1
 
---
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     2
 
labels:
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     3
 
- Stage-Alpha
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     4
 
summary: XMPP-layer access control for Prosody
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     5
 
---
459a4001c1d9 mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset 
     6
 












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




     7


Introduction












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




     8


============












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




     9














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    10


This module enforces access policies using Prosody's new [roles and












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    11


permissions framework](https://prosody.im/doc/developers/permissions). It can












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    12


be used to grant restricted access to an XMPP account or services.












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    13














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    14


This module is still in its early stages, and prone to change. Feedback from












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    15


testers is welcome. At this early stage, it should not be solely relied upon












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    16


for account security purposes.












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    17














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    18


Configuration












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    19


=============












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    20














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    21


There is no configuration, apart from Prosody's normal roles and permissions












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    22


configuration.












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    23














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    24


Permissions












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    25


===========












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    26














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    27


`xmpp:federate`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    28


:   Communicate with other users and services on other hosts on the XMPP












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    29


    network












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    30









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    31


`xmpp:account:messages:read`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    32


:   Read incoming messages












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    33









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    34


`xmpp:account:messages:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    35


:   Send outgoing messages












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    36









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    37


`xmpp:account:presence:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    38


:   Update presence for the account












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    39









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    40


`xmpp:account:contacts:read`/`xmpp:account:contacts:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    41


:   Controls access to the contact list (roster)












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    42









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    43


`xmpp:account:bookmarks:read`/`xmpp:account:bookmarks:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    44


:   Controls access to the bookmarks (group chats list)












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    45









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    46


`xmpp:account:profile:read`/`xmpp:account:profile:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    47


:   Controls access to the user's profile (e.g. vCard/avatar)












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    48









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    49


`xmpp:account:omemo:read`/`xmpp:account:omemo:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    50


:   Controls access to the user's OMEMO data












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    51









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    52


`xmpp:account:blocklist:read`/`xmpp:account:blocklist:write`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    53


:   Controls access to the user's block list












62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    54









5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    55


`xmpp:account:disco:read`







5772






62654f523c6a
mod_restrict_xmpp/README: Fix definition list rendering



Kim Alvefur <zash@zash.se>


parents: 
5013

diff
changeset




    56


:   Controls access to the user's service discovery information







5013






459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    57














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    58


Compatibility












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    59


=============












459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    60














459a4001c1d9
mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API



Matthew Wild <mwild1@gmail.com>


parents: 

diff
changeset




    61


Requires Prosody trunk 72f431b4dc2c (build 1444) or later.














prosody-modules