mod_privilege/mod_privilege.lua
changeset 4998 cce12a660b98
parent 4941 3ddab718f717
child 5877 a88c43de648c
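--- a/mod_privilege/mod_privilege.lua
+++ b/mod_privilege/mod_privilege.lua
@@ -391,15 +391,21 @@
     if session_privileges and session_privileges.message=="outgoing" then
         if #privilege_elt.tags==1 and privilege_elt.tags[1].name == "forwarded"
             and privilege_elt.tags[1].attr.xmlns==_FORWARDED_NS then
             local message_elt = privilege_elt.tags[1]:get_child('message', 'jabber:client')
             if message_elt ~= nil then
-                local _, from_host, from_resource = jid.split(message_elt.attr.from)
+                local username, from_host, from_resource = jid.split(message_elt.attr.from)
                 if from_resource == nil and hosts[from_host] then -- we only accept bare jids from one of the server hosts
                     clean_xmlns(message_elt);  -- needed do to proper routing
+                    local session = {
+                        username = username;
+                        host = from_host;
+                        type = "c2s";
+                        log = module._log;
+                    }
                     -- at this point everything should be alright, we can send the message
-                    prosody.core_route_stanza(nil, message_elt)
+                    prosody.core_post_stanza(session, message_elt, true)
                 else -- trying to send a message from a forbidden entity
                     module:log("warn", "Entity "..tostring(session.full_jid).." try to send a message from "..tostring(message_elt.attr.from))
                     session.send(st.error_reply(stanza, 'auth', 'forbidden'))
                 end
             else -- incorrect message child
@@ -616,21 +622,10 @@
         return true
     end
 
     wrapped_iq.attr.from = stanza.attr.to
 
-    if wrapped_iq.attr.to == nil then
-        session.send(
-            st.error_reply(
-                stanza,
-                "auth",
-                "forbidden",
-                'wrapped <IQ> "to" attribute is missing'
-            )
-        )
-        return true
-    end
 
     if wrapped_iq.attr.type ~= iq_type then
         session.send(
             st.error_reply(
                 stanza,
@@ -653,12 +648,20 @@
         )
         return true
     end
 
     -- at this point, wrapped_iq is considered valid, and privileged entity is allowed to send it
-
-    module:send_iq(wrapped_iq)
+    local username, from_host, _ = jid.split(wrapped_iq.attr.from)
+    local newsession = {
+        username = username;
+        host = from_host;
+	    full_jid = stanza.attr.to;
+        type = "c2s";
+        log = module._log;
+    }
+
+    module:send_iq(wrapped_iq,newsession)
         :next(function (response)
             local reply = st.reply(stanza);
             response.stanza.attr.xmlns = 'jabber:client'
             reply:tag("privilege", {xmlns = _PRIV_ENT_NS})
             :tag("forwarded", {xmlns = _FORWARDED_NS})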
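Review bot: The two hand-built origin tables (`local session = {` in the message branch, `local newsession = {` in the IQ branch) are passed on as an authenticated `c2s` session but have no `send` function, and the message one also omits `full_jid`, so any handler that replies to the origin or reads those fields may fail or misattribute the stanza; I would build both from one helper with the same fields and a `send` that returns errors to the privileged entity. In the message branch `username` is nil whenever `from` is a bare host, which `from_resource == nil and hosts[from_host]` still accepts, so that case needs either an explicit rejection or a comment such as `-- username is nil for host-only senders; the origin then stands for the server itself`. The section also drops the `wrapped_iq.attr.to == nil` rejection, so an IQ without `to` is presumably now handled as addressed to the impersonated account; a comment should state which check, outside the lines shown, still limits the namespaces a privileged entity may use this way. Naming the new local `session` shadows the entity's own session that the `else` branch relies on for `session.send`, so `newsession` would be the safer name there as well. The enclosing functions start and end outside the shown lines.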