author | Matthew Wild <mwild1@gmail.com> |
Wed, 24 Apr 2024 13:47:48 +0100 | |
changeset 5895 | 512f912fdfa5 |
parent 5878 | f8b9095f7862 |
permissions | -rw-r--r-- |
4987
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 |
-- Export a module:may() that works on Prosody 0.12 and earlier |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
-- (i.e. backed by is_admin). |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 |
-- This API is safe because Prosody 0.12 and earlier do not support |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
-- per-session roles - all authorization is based on JID alone. It is not |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
-- safe on versions that support per-session authorization. |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 |
module:set_global(); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 |
local moduleapi = require "core.moduleapi"; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
-- If module.may already exists, abort |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 |
if moduleapi.may then return; end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 |
local jid_split = require "util.jid".split; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 |
local um_is_admin = require "core.usermanager".is_admin; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 |
local function get_jid_role_name(jid, host) |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 |
if um_is_admin(jid, "*") then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 |
return "prosody:operator"; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 |
elseif um_is_admin(jid, host) then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 |
return "prosody:admin"; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 |
return nil; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 |
local function get_user_role_name(username, host) |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 |
return get_jid_role_name(username.."@"..host, host); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 |
|
5102
817bc9873fc2
mod_compat_roles: Fix permission checks/roles to be per-host as intended
Matthew Wild <mwild1@gmail.com>
parents:
5101
diff
changeset
|
31 |
-- permissions[host][role_name][permission_name] = is_permitted |
4987
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
32 |
local permissions = {}; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
33 |
|
5103
f03f4ec859a3
mod_compat_roles: Add support for role inheritance (built-in roles only)
Matthew Wild <mwild1@gmail.com>
parents:
5102
diff
changeset
|
34 |
local role_inheritance = { |
f03f4ec859a3
mod_compat_roles: Add support for role inheritance (built-in roles only)
Matthew Wild <mwild1@gmail.com>
parents:
5102
diff
changeset
|
35 |
["prosody:operator"] = "prosody:admin"; |
5586
825c6fb76c48
Multiple modules: Update for split prosody:user role (prosody 082c7d856e61)
Matthew Wild <mwild1@gmail.com>
parents:
5103
diff
changeset
|
36 |
["prosody:admin"] = "prosody:member"; |
825c6fb76c48
Multiple modules: Update for split prosody:user role (prosody 082c7d856e61)
Matthew Wild <mwild1@gmail.com>
parents:
5103
diff
changeset
|
37 |
["prosody:member"] = "prosody:registered"; |
825c6fb76c48
Multiple modules: Update for split prosody:user role (prosody 082c7d856e61)
Matthew Wild <mwild1@gmail.com>
parents:
5103
diff
changeset
|
38 |
["prosody:registered"] = "prosody:guest"; |
825c6fb76c48
Multiple modules: Update for split prosody:user role (prosody 082c7d856e61)
Matthew Wild <mwild1@gmail.com>
parents:
5103
diff
changeset
|
39 |
|
825c6fb76c48
Multiple modules: Update for split prosody:user role (prosody 082c7d856e61)
Matthew Wild <mwild1@gmail.com>
parents:
5103
diff
changeset
|
40 |
-- COMPAT |
825c6fb76c48
Multiple modules: Update for split prosody:user role (prosody 082c7d856e61)
Matthew Wild <mwild1@gmail.com>
parents:
5103
diff
changeset
|
41 |
["prosody:user"] = "prosody:registered"; |
5103
f03f4ec859a3
mod_compat_roles: Add support for role inheritance (built-in roles only)
Matthew Wild <mwild1@gmail.com>
parents:
5102
diff
changeset
|
42 |
}; |
f03f4ec859a3
mod_compat_roles: Add support for role inheritance (built-in roles only)
Matthew Wild <mwild1@gmail.com>
parents:
5102
diff
changeset
|
43 |
|
5102
817bc9873fc2
mod_compat_roles: Fix permission checks/roles to be per-host as intended
Matthew Wild <mwild1@gmail.com>
parents:
5101
diff
changeset
|
44 |
local function role_may(host, role_name, permission) |
817bc9873fc2
mod_compat_roles: Fix permission checks/roles to be per-host as intended
Matthew Wild <mwild1@gmail.com>
parents:
5101
diff
changeset
|
45 |
local host_roles = permissions[host]; |
817bc9873fc2
mod_compat_roles: Fix permission checks/roles to be per-host as intended
Matthew Wild <mwild1@gmail.com>
parents:
5101
diff
changeset
|
46 |
if not host_roles then |
817bc9873fc2
mod_compat_roles: Fix permission checks/roles to be per-host as intended
Matthew Wild <mwild1@gmail.com>
parents:
5101
diff
changeset
|
47 |
return false; |
817bc9873fc2
mod_compat_roles: Fix permission checks/roles to be per-host as intended
Matthew Wild <mwild1@gmail.com>
parents:
5101
diff
changeset
|
48 |
end |
817bc9873fc2
mod_compat_roles: Fix permission checks/roles to be per-host as intended
Matthew Wild <mwild1@gmail.com>
parents:
5101
diff
changeset
|
49 |
local role_permissions = host_roles[role_name]; |
4987
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
50 |
if not role_permissions then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
51 |
return false; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
52 |
end |
5878
f8b9095f7862
mod_compat_roles: Fix attempt to index a nil value #1847
Kim Alvefur <zash@zash.se>
parents:
5586
diff
changeset
|
53 |
if role_permissions[permission] then |
f8b9095f7862
mod_compat_roles: Fix attempt to index a nil value #1847
Kim Alvefur <zash@zash.se>
parents:
5586
diff
changeset
|
54 |
return true; |
f8b9095f7862
mod_compat_roles: Fix attempt to index a nil value #1847
Kim Alvefur <zash@zash.se>
parents:
5586
diff
changeset
|
55 |
end |
5103
f03f4ec859a3
mod_compat_roles: Add support for role inheritance (built-in roles only)
Matthew Wild <mwild1@gmail.com>
parents:
5102
diff
changeset
|
56 |
local next_role = role_inheritance[role_name]; |
5878
f8b9095f7862
mod_compat_roles: Fix attempt to index a nil value #1847
Kim Alvefur <zash@zash.se>
parents:
5586
diff
changeset
|
57 |
if not next_role then |
f8b9095f7862
mod_compat_roles: Fix attempt to index a nil value #1847
Kim Alvefur <zash@zash.se>
parents:
5586
diff
changeset
|
58 |
return false; |
f8b9095f7862
mod_compat_roles: Fix attempt to index a nil value #1847
Kim Alvefur <zash@zash.se>
parents:
5586
diff
changeset
|
59 |
end |
f8b9095f7862
mod_compat_roles: Fix attempt to index a nil value #1847
Kim Alvefur <zash@zash.se>
parents:
5586
diff
changeset
|
60 |
return role_may(host, next_role, permission); |
4987
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
61 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
62 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
63 |
function moduleapi.may(self, action, context) |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
64 |
if action:byte(1) == 58 then -- action begins with ':' |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
65 |
action = self.name..action; -- prepend module name |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
66 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
67 |
if type(context) == "string" then -- check JID permissions |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
68 |
local role; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
69 |
local node, host = jid_split(context); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
70 |
if host == self.host then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
71 |
role = get_user_role_name(node, self.host); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
72 |
else |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
73 |
role = get_jid_role_name(context, self.host); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
74 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
75 |
if not role then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
76 |
self:log("debug", "Access denied: JID <%s> may not %s (no role found)", context, action); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
77 |
return false; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
78 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
79 |
|
5102
817bc9873fc2
mod_compat_roles: Fix permission checks/roles to be per-host as intended
Matthew Wild <mwild1@gmail.com>
parents:
5101
diff
changeset
|
80 |
local permit = role_may(self.host, role, action); |
4987
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
81 |
if not permit then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
82 |
self:log("debug", "Access denied: JID <%s> may not %s (not permitted by role %s)", context, action, role.name); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
83 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
84 |
return permit; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
85 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
86 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
87 |
local session = context.origin or context.session; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 |
if type(session) ~= "table" then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
89 |
error("Unable to identify actor session from context"); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
90 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
91 |
if session.type == "s2sin" or (session.type == "c2s" and session.host ~= self.host) then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
92 |
local actor_jid = context.stanza.attr.from; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
93 |
local role_name = get_jid_role_name(actor_jid); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
94 |
if not role_name then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
95 |
self:log("debug", "Access denied: JID <%s> may not %s (no role found)", actor_jid, action); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
96 |
return false; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
97 |
end |
5102
817bc9873fc2
mod_compat_roles: Fix permission checks/roles to be per-host as intended
Matthew Wild <mwild1@gmail.com>
parents:
5101
diff
changeset
|
98 |
local permit = role_may(self.host, role_name, action, context); |
4987
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
99 |
if not permit then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 |
self:log("debug", "Access denied: JID <%s> may not %s (not permitted by role %s)", actor_jid, action, role_name); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
102 |
return permit; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
103 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
104 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
105 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
106 |
function moduleapi.default_permission(self, role_name, permission) |
5101
d414fa8b37dc
mod_compat_roles: Fix traceback when no host roles are defined (thanks cc)
Matthew Wild <mwild1@gmail.com>
parents:
4987
diff
changeset
|
107 |
local p = permissions[self.host]; |
d414fa8b37dc
mod_compat_roles: Fix traceback when no host roles are defined (thanks cc)
Matthew Wild <mwild1@gmail.com>
parents:
4987
diff
changeset
|
108 |
if not p then |
d414fa8b37dc
mod_compat_roles: Fix traceback when no host roles are defined (thanks cc)
Matthew Wild <mwild1@gmail.com>
parents:
4987
diff
changeset
|
109 |
p = {}; |
d414fa8b37dc
mod_compat_roles: Fix traceback when no host roles are defined (thanks cc)
Matthew Wild <mwild1@gmail.com>
parents:
4987
diff
changeset
|
110 |
permissions[self.host] = p; |
d414fa8b37dc
mod_compat_roles: Fix traceback when no host roles are defined (thanks cc)
Matthew Wild <mwild1@gmail.com>
parents:
4987
diff
changeset
|
111 |
end |
d414fa8b37dc
mod_compat_roles: Fix traceback when no host roles are defined (thanks cc)
Matthew Wild <mwild1@gmail.com>
parents:
4987
diff
changeset
|
112 |
local r = p[role_name]; |
4987
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
113 |
if not r then |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
114 |
r = {}; |
5101
d414fa8b37dc
mod_compat_roles: Fix traceback when no host roles are defined (thanks cc)
Matthew Wild <mwild1@gmail.com>
parents:
4987
diff
changeset
|
115 |
p[role_name] = r; |
4987
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
116 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
117 |
r[permission] = true; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
118 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
119 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
120 |
function moduleapi.default_permissions(self, role_name, permission_list) |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
121 |
for _, permission in ipairs(permission_list) do |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
122 |
self:default_permission(role_name, permission); |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
123 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
124 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
125 |
|
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
126 |
function module.add_host(host_module) |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
127 |
permissions[host_module.host] = {}; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
128 |
function host_module.unload() |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
129 |
permissions[host_module.host] = nil; |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
130 |
end |
7c77058a1ac5
mod_compat_roles: New module providing compat shim for trunk's new role API
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
131 |
end |