78 local data = payload.tags[1]; |
78 local data = payload.tags[1]; |
79 proto = data and legacy_storage_nodes[data.attr.xmlns] or "legacy-storage"; |
79 proto = data and legacy_storage_nodes[data.attr.xmlns] or "legacy-storage"; |
80 elseif proto == "carbons" then |
80 elseif proto == "carbons" then |
81 -- This allows access to live messages |
81 -- This allows access to live messages |
82 proto, action = "messages", "read"; |
82 proto, action = "messages", "read"; |
|
83 elseif proto == "history" then |
|
84 action = "read"; |
83 end |
85 end |
84 local permission_name = "xmpp:account:"..(proto and (proto..":") or "")..action; |
86 local permission_name = "xmpp:account:"..(proto and (proto..":") or "")..action; |
85 if not module:may(permission_name, event) then |
87 if not module:may(permission_name, event) then |
86 module:log("warn", "Access denied: %s ({%s}%s) for %s", permission_name, ns, payload.name, origin.full_jid or origin.id); |
88 module:log("warn", "Access denied: %s ({%s}%s) for %s", permission_name, ns, payload.name, origin.full_jid or origin.id); |
87 origin.send(st.error_reply(stanza, "auth", "forbidden", "You do not have permission to make this request ("..permission_name..")")); |
89 origin.send(st.error_reply(stanza, "auth", "forbidden", "You do not have permission to make this request ("..permission_name..")")); |