| author | Kim Alvefur <zash@zash.se> |
| Mon, 07 Mar 2022 00:35:29 +0100 | |
| changeset 12392 | 50fcd3879482 |
| parent 11749 | 3a2d58a39872 |
| child 12646 | 9061f9621330 |
| permissions | -rw-r--r-- |
|
11749
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
1 |
local array = require "util.array"; |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
2 |
local it = require "util.iterators"; |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
3 |
local set = require "util.set"; |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
4 |
local jid_split = require "util.jid".split; |
|
10663
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
local normalize = require "util.jid".prep; |
|
11749
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
6 |
local config_admin_jids = module:get_option_inherited_set("admins", {}) / normalize; |
|
10663
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 |
local host = module.host; |
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 |
local role_store = module:open_store("roles"); |
|
11749
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
9 |
local role_map_store = module:open_store("roles", "map"); |
|
10663
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
|
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 |
local admin_role = { ["prosody:admin"] = true }; |
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
|
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 |
function get_user_roles(user) |
|
11749
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
14 |
if config_admin_jids:contains(user.."@"..host) then |
|
10663
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 |
return admin_role; |
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 |
end |
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
return role_store:get(user); |
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 |
end |
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 |
|
|
11476
c32753ceb0f0
mod_authz_internal: add support for setting roles of a local user
Jonas Schäfer <jonas@wielicki.name>
parents:
10663
diff
changeset
|
20 |
function set_user_roles(user, roles) |
|
c32753ceb0f0
mod_authz_internal: add support for setting roles of a local user
Jonas Schäfer <jonas@wielicki.name>
parents:
10663
diff
changeset
|
21 |
role_store:set(user, roles) |
|
c32753ceb0f0
mod_authz_internal: add support for setting roles of a local user
Jonas Schäfer <jonas@wielicki.name>
parents:
10663
diff
changeset
|
22 |
return true; |
|
c32753ceb0f0
mod_authz_internal: add support for setting roles of a local user
Jonas Schäfer <jonas@wielicki.name>
parents:
10663
diff
changeset
|
23 |
end |
|
c32753ceb0f0
mod_authz_internal: add support for setting roles of a local user
Jonas Schäfer <jonas@wielicki.name>
parents:
10663
diff
changeset
|
24 |
|
|
11749
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
25 |
function get_users_with_role(role) |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
26 |
local storage_role_users = it.to_array(it.keys(role_map_store:get_all(role) or {})); |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
27 |
if role == "prosody:admin" then |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
28 |
local config_admin_users = config_admin_jids / function (admin_jid) |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
29 |
local j_node, j_host = jid_split(admin_jid); |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
30 |
if j_host == host then |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
31 |
return j_node; |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
32 |
end |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
33 |
end; |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
34 |
return it.to_array(config_admin_users + set.new(storage_role_users)); |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
35 |
end |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
36 |
return storage_role_users; |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
37 |
end |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
38 |
|
|
10663
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
39 |
function get_jid_roles(jid) |
|
11749
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
40 |
if config_admin_jids:contains(jid) then |
|
10663
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
41 |
return admin_role; |
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
42 |
end |
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
43 |
return nil; |
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
44 |
end |
|
8f95308c3c45
usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
45 |
|
|
11478
8fba807e5256
mod_authz_internal: Ignore unused argument for now [luachec]
Kim Alvefur <zash@zash.se>
parents:
11476
diff
changeset
|
46 |
function set_jid_roles(jid) -- luacheck: ignore 212 |
|
11476
c32753ceb0f0
mod_authz_internal: add support for setting roles of a local user
Jonas Schäfer <jonas@wielicki.name>
parents:
10663
diff
changeset
|
47 |
return false; |
|
c32753ceb0f0
mod_authz_internal: add support for setting roles of a local user
Jonas Schäfer <jonas@wielicki.name>
parents:
10663
diff
changeset
|
48 |
end |
|
11749
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
49 |
|
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
50 |
function get_jids_with_role(role) |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
51 |
-- Fetch role users from storage |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
52 |
local storage_role_jids = array.map(get_users_with_role(role), function (username) |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
53 |
return username.."@"..host; |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
54 |
end); |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
55 |
if role == "prosody:admin" then |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
56 |
return it.to_array(config_admin_jids + set.new(storage_role_jids)); |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
57 |
end |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
58 |
return storage_role_jids; |
|
3a2d58a39872
usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role
Matthew Wild <mwild1@gmail.com>
parents:
11478
diff
changeset
|
59 |
end |