1 local jid = require "util.jid"; |
1 local jid = require "util.jid"; |
2 local jid_bare, jid_split = jid.bare, jid.split; |
2 local jid_bare, jid_host = jid.bare, jid.host; |
3 local is_admin = require "core.usermanager".is_admin; |
|
4 local set = require "util.set"; |
3 local set = require "util.set"; |
5 local st = require "util.stanza"; |
4 local st = require "util.stanza"; |
6 |
5 |
7 local stanza_types = set.new{"message", "presence", "iq"}; |
6 local stanza_types = set.new{"message", "presence", "iq"}; |
8 local jid_types = set.new{"bare", "full", "host"}; |
7 local jid_types = set.new{"bare", "full", "host"}; |
9 |
8 |
10 local except_domains = module:get_option_inherited_set("isolate_except_domains", {}); |
9 local except_domains = module:get_option_inherited_set("isolate_except_domains", {}); |
11 local except_users = module:get_option_inherited_set("isolate_except_users", {}); |
10 local except_users = module:get_option_inherited_set("isolate_except_users", {}); |
12 |
11 |
|
12 if not module.may then |
|
13 module:depends("compat_roles"); |
|
14 end |
|
15 |
13 function check_stanza(event) |
16 function check_stanza(event) |
14 local origin, stanza = event.origin, event.stanza; |
17 local origin, stanza = event.origin, event.stanza; |
15 if origin.no_host_isolation then return; end |
18 if origin.no_host_isolation then return; end |
16 local to_user, to_host = jid_split(event.stanza.attr.to); |
19 local to_host = jid_host(event.stanza.attr.to); |
17 if to_host and to_host ~= origin.host and not except_domains:contains(to_host) then |
20 if to_host and to_host ~= origin.host and not except_domains:contains(to_host) then |
18 if to_host:match("^[^.]+%.(.+)$") == origin.host then -- Permit subdomains |
21 if to_host:match("^[^.]+%.(.+)$") == origin.host then -- Permit subdomains |
19 except_domains:add(to_host); |
22 except_domains:add(to_host); |
20 return; |
23 return; |
21 end |
24 end |
29 for jid_type in jid_types do |
32 for jid_type in jid_types do |
30 module:hook("pre-"..stanza_type.."/"..jid_type, check_stanza, 1); |
33 module:hook("pre-"..stanza_type.."/"..jid_type, check_stanza, 1); |
31 end |
34 end |
32 end |
35 end |
33 |
36 |
|
37 module:default_permission("prosody:admin", "xmpp:federate"); |
|
38 |
34 function check_user_isolated(event) |
39 function check_user_isolated(event) |
35 local session = event.session; |
40 local session = event.session; |
36 local bare_jid = jid_bare(session.full_jid); |
41 local bare_jid = jid_bare(session.full_jid); |
37 if is_admin(bare_jid, module.host) or except_users:contains(bare_jid) then |
42 if module:may("xmpp:federate") or except_users:contains(bare_jid) then |
38 session.no_host_isolation = true; |
43 session.no_host_isolation = true; |
39 end |
44 end |
40 module:log("debug", "%s is %sisolated", session.full_jid or "[?]", session.no_host_isolation and "" or "not "); |
45 module:log("debug", "%s is %sisolated", session.full_jid or "[?]", session.no_host_isolation and "" or "not "); |
41 end |
46 end |
42 |
47 |