mod_admin_shell: Add command for updating roles user:roles(jid, roles)
This would allow e.g. granting admin status without changing the config
and without a restart.
--- a/plugins/mod_admin_shell.lua Sat Dec 04 02:25:01 2021 +0100
+++ b/plugins/mod_admin_shell.lua Mon Dec 06 21:55:57 2021 +0100
@@ -250,6 +250,7 @@
elseif section == "user" then
print [[user:create(jid, password, roles) - Create the specified user account]]
print [[user:password(jid, password) - Set the password for the specified user account]]
+ print [[user:roles(jid, roles) - Set roles for an user]]
print [[user:delete(jid) - Permanently remove the specified user account]]
print [[user:list(hostname, pattern) - List users on the specified host, optionally filtering with a pattern]]
elseif section == "muc" then
@@ -1269,6 +1270,13 @@
local um = require"core.usermanager";
+local function coerce_roles(roles)
+ if roles == "admin" then roles = "prosody:admin"; end
+ if type(roles) == "string" then roles = { [roles] = true }; end
+ if roles[1] then for i, role in ipairs(roles) do roles[role], roles[i] = true, nil; end end
+ return roles;
+end
+
def_env.user = {};
function def_env.user:create(jid, password, roles)
local username, host = jid_split(jid);
@@ -1280,9 +1288,7 @@
local ok, err = um.create_user(username, password, host);
if ok then
if ok and roles then
- if roles == "admin" then roles = "prosody:admin"; end
- if type(roles) == "string" then roles = { [roles] = true }; end
- if roles[1] then for i, role in ipairs(roles) do roles[role], roles[i] = true, nil; end end
+ roles = coerce_roles(roles);
local roles_ok, rerr = um.set_roles(jid, host, roles);
if not roles_ok then return nil, "User created, but could not set roles: " .. tostring(rerr); end
end
@@ -1322,7 +1328,16 @@
end
end
--- TODO user:roles(jid, new_roles)
+-- user:roles("someone@example.com", {"prosody:admin"})
+function def_env.user:roles(jid, new_roles)
+ local username, host = jid_split(jid);
+ if not prosody.hosts[host] then
+ return nil, "No such host: "..host;
+ elseif not um.user_exists(username, host) then
+ return nil, "No such user";
+ end
+ return um.set_roles(jid, host, coerce_roles(new_roles));
+end
-- TODO switch to table view, include roles
function def_env.user:list(host, pat)