author | Kim Alvefur <zash@zash.se> |
Mon, 14 Sep 2015 12:59:48 +0200 | |
changeset 1857 | c25a0ac8b511 |
parent 1618 | 79adec50b24d |
permissions | -rw-r--r-- |
1616
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
1 |
local st = require "util.stanza"; |
1617
ca04f75958f7
mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
1616
diff
changeset
|
2 |
local jid = require "util.jid"; |
1616
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
3 |
local nodeprep = require "util.encodings".stringprep.nodeprep; |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
4 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
5 |
local rooms = module:shared "muc/rooms"; |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
6 |
if not rooms then |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
7 |
module:log("error", "This module only works on MUC components!"); |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
8 |
return; |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
9 |
end |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
10 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
11 |
local restrict_patterns = module:get_option("muc_restrict_matching", {}); |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
12 |
local restrict_excepts = module:get_option_set("muc_restrict_exceptions", {}); |
1617
ca04f75958f7
mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
1616
diff
changeset
|
13 |
local restrict_allow_admins = module:get_option_boolean("muc_restrict_allow_admins", false); |
1616
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
14 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
15 |
local function is_restricted(room, who) |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
16 |
-- If admins can join prohibited rooms, we allow them to |
1617
ca04f75958f7
mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
1616
diff
changeset
|
17 |
if restrict_allow_admins and usermanager.is_admin(who, module.host) then |
1616
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
18 |
module:log("debug", "Admins are allowed to enter restricted rooms (%s on %s)", who, room) |
1617
ca04f75958f7
mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
1616
diff
changeset
|
19 |
return nil; |
1616
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
20 |
end |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
21 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
22 |
-- Don't evaluate exceptions |
1617
ca04f75958f7
mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
1616
diff
changeset
|
23 |
if restrict_excepts:contains(room) then |
ca04f75958f7
mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
1616
diff
changeset
|
24 |
module:log("debug", "Room %s is amongst restriction exceptions", room()) |
ca04f75958f7
mod_muc_restrict_rooms: Some fixes based on Matthew's comments + a few more
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
1616
diff
changeset
|
25 |
return nil; |
1616
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
26 |
end |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
27 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
28 |
-- Evaluate regexps of restricted patterns |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
29 |
for pattern,reason in pairs(restrict_patterns) do |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
30 |
if room:match(pattern) then |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
31 |
module:log("debug", "Room %s is restricted by pattern %s, user %s is not allowed to join (%s)", room, pattern, who, reason) |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
32 |
return reason; |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
33 |
end |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
34 |
end |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
35 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
36 |
return nil |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
37 |
end |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
38 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
39 |
module:hook("presence/full", function(event) |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
40 |
local stanza = event.stanza; |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
41 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
42 |
if stanza.name == "presence" and stanza.attr.type == "unavailable" then -- Leaving events get discarded |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
43 |
return; |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
44 |
end |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
45 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
46 |
-- Get the room |
1618
79adec50b24d
mod_muc_restrict_rooms: Fixed the way of getting room and user
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
1617
diff
changeset
|
47 |
local room = jid.split(stanza.attr.to); |
1616
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
48 |
if not room then return; end |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
49 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
50 |
-- Get who has tried to join it |
1618
79adec50b24d
mod_muc_restrict_rooms: Fixed the way of getting room and user
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
1617
diff
changeset
|
51 |
local who = jid.bare(stanza.attr.from) |
1616
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
52 |
|
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
53 |
-- Checking whether room is restricted |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
54 |
local check_restricted = is_restricted(room, who) |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
55 |
if check_restricted ~= nil then |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
56 |
event.allowed = false; |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
57 |
event.stanza.attr.type = 'error'; |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
58 |
return event.origin.send(st.error_reply(event.stanza, "cancel", "forbidden", "You're not allowed to enter this room: " .. check_restricted)); |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
59 |
end |
247e6e43843e
Adding new mod_muc_restrict_rooms module
Nicolás Kovac <nkneumann(at)gmail.com>
parents:
diff
changeset
|
60 |
end, 10); |