| author | Jeff Mitchell <jeff@jefferai.org> |
| Thu, 27 May 2010 10:54:11 -0400 | |
| changeset 3166 | 3c46cb94caed |
| parent 3164 | db9def53fe9c |
| child 3167 | 546695e80e0a |
| permissions | -rw-r--r-- |
|
1523
841d61be198f
Remove version number from copyright headers
Matthew Wild <mwild1@gmail.com>
parents:
896
diff
changeset
|
1 |
-- Prosody IM |
|
2923
b7049746bd29
Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents:
2032
diff
changeset
|
2 |
-- Copyright (C) 2008-2010 Matthew Wild |
|
b7049746bd29
Update copyright headers for 2010
Matthew Wild <mwild1@gmail.com>
parents:
2032
diff
changeset
|
3 |
-- Copyright (C) 2008-2010 Waqas Hussain |
|
1585
edc066730d11
Switch to using a more generic credentials_callback/handler for SASL auth.
nick@lupine.me.uk
parents:
1523
diff
changeset
|
4 |
-- |
| 758 | 5 |
-- This project is MIT/X11 licensed. Please see the |
6 |
-- COPYING file in the source package for more information. |
|
|
519
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
449
diff
changeset
|
7 |
-- |
|
cccd610a0ef9
Insert copyright/license headers
Matthew Wild <mwild1@gmail.com>
parents:
449
diff
changeset
|
8 |
|
|
2032
2714ccde2569
usermanager: Removed an unnecessary global access.
Waqas Hussain <waqas20@gmail.com>
parents:
2031
diff
changeset
|
9 |
local datamanager = require "util.datamanager"; |
|
53
14ea0fe6ca86
Session destruction fixes, some debugging code while we fix the rest. Also change logger to be more useful.
Matthew Wild <mwild1@gmail.com>
parents:
38
diff
changeset
|
10 |
local log = require "util.logger".init("usermanager"); |
|
890
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
11 |
local type = type; |
|
228
875842235836
Updated usermanager with DIGEST-MD5 support
Waqas Hussain <waqas20@gmail.com>
parents:
60
diff
changeset
|
12 |
local error = error; |
|
890
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
13 |
local ipairs = ipairs; |
|
228
875842235836
Updated usermanager with DIGEST-MD5 support
Waqas Hussain <waqas20@gmail.com>
parents:
60
diff
changeset
|
14 |
local hashes = require "util.hashes"; |
|
890
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
15 |
local jid_bare = require "util.jid".bare; |
|
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
16 |
local config = require "core.configmanager"; |
|
2929
1e4e314bef33
usermanager: Return sane errors/results when Cyrus SASL is in use.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
17 |
local hosts = hosts; |
| 0 | 18 |
|
|
3064
596303990c7c
usermanager, mod_saslauth: Make account provisioning for Cyrus SASL optional (default: not required)
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
19 |
local require_provisioning = config.get("*", "core", "cyrus_require_provisioning") or false; |
|
596303990c7c
usermanager, mod_saslauth: Make account provisioning for Cyrus SASL optional (default: not required)
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
20 |
|
|
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
21 |
local prosody = _G.prosody; |
|
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
22 |
|
|
3161
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
23 |
local setmetatable = setmetatable; |
|
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
24 |
|
| 0 | 25 |
module "usermanager" |
26 |
||
|
3161
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
27 |
function new_null_provider() |
|
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
28 |
local function dummy() end; |
|
3164
db9def53fe9c
Check in mod_hashpassauth -- works!
Jeff Mitchell <jeff@jefferai.org>
parents:
3163
diff
changeset
|
29 |
return setmetatable({name = "dummyauth"}, { __index = function() return dummy; end }); |
|
3161
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
30 |
end |
|
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
31 |
|
|
3036
0714539bcf71
usermanager: Handle auth providers for components.
Waqas Hussain <waqas20@gmail.com>
parents:
3035
diff
changeset
|
32 |
local function host_handler(host) |
|
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
33 |
local host_session = hosts[host]; |
| 3163 | 34 |
host_session.events.add_handler("item-added/auth-provider", function (event) |
35 |
local provider = event.item; |
|
36 |
if config.get(host, "core", "authentication") == nil and provider.name == "default" then |
|
37 |
host_session.users = provider; |
|
38 |
elseif config.get(host, "core", "authentication") == provider.name then |
|
|
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
39 |
host_session.users = provider; |
|
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
40 |
end |
|
3164
db9def53fe9c
Check in mod_hashpassauth -- works!
Jeff Mitchell <jeff@jefferai.org>
parents:
3163
diff
changeset
|
41 |
if host_session.users ~= nil and host_session.users.name ~= nil then |
|
3166
3c46cb94caed
Add mechanism for upgrading to hashed passwords from default. Remove some extra debug.
Jeff Mitchell <jeff@jefferai.org>
parents:
3164
diff
changeset
|
42 |
log("debug", "host '%s' now set to use user provider '%s'", host, host_session.users.name); |
| 3163 | 43 |
end |
|
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
44 |
end); |
| 3163 | 45 |
host_session.events.add_handler("item-removed/auth-provider", function (event) |
46 |
local provider = event.item; |
|
|
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
47 |
if host_session.users == provider then |
|
3161
73e93a48c0c1
Update usermanager to not crash, etc.
Jeff Mitchell <jeff@jefferai.org>
parents:
3160
diff
changeset
|
48 |
host_session.users = new_null_provider(); |
|
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
49 |
end |
|
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
50 |
end); |
|
3036
0714539bcf71
usermanager: Handle auth providers for components.
Waqas Hussain <waqas20@gmail.com>
parents:
3035
diff
changeset
|
51 |
end |
| 3163 | 52 |
prosody.events.add_handler("host-activated", host_handler, 100); |
53 |
prosody.events.add_handler("component-activated", host_handler, 100); |
|
|
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
54 |
|
| 3163 | 55 |
function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end |
|
2929
1e4e314bef33
usermanager: Return sane errors/results when Cyrus SASL is in use.
Waqas Hussain <waqas20@gmail.com>
parents:
2923
diff
changeset
|
56 |
|
|
3164
db9def53fe9c
Check in mod_hashpassauth -- works!
Jeff Mitchell <jeff@jefferai.org>
parents:
3163
diff
changeset
|
57 |
function test_password(username, password, host) |
|
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
58 |
return hosts[host].users.test_password(username, password); |
| 0 | 59 |
end |
| 38 | 60 |
|
|
1585
edc066730d11
Switch to using a more generic credentials_callback/handler for SASL auth.
nick@lupine.me.uk
parents:
1523
diff
changeset
|
61 |
function get_password(username, host) |
|
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
62 |
return hosts[host].users.get_password(username); |
|
1585
edc066730d11
Switch to using a more generic credentials_callback/handler for SASL auth.
nick@lupine.me.uk
parents:
1523
diff
changeset
|
63 |
end |
|
2987
0acfae4da199
usermanager: Support for pluggable authentication providers
Matthew Wild <mwild1@gmail.com>
parents:
2934
diff
changeset
|
64 |
|
|
3164
db9def53fe9c
Check in mod_hashpassauth -- works!
Jeff Mitchell <jeff@jefferai.org>
parents:
3163
diff
changeset
|
65 |
function set_password(username, password, host) |
|
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
66 |
return hosts[host].users.set_password(username, password); |
|
2934
060bb8217fea
usermanager: Added function set_password.
Waqas Hussain <waqas20@gmail.com>
parents:
2929
diff
changeset
|
67 |
end |
|
1585
edc066730d11
Switch to using a more generic credentials_callback/handler for SASL auth.
nick@lupine.me.uk
parents:
1523
diff
changeset
|
68 |
|
|
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
53
diff
changeset
|
69 |
function user_exists(username, host) |
|
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
70 |
return hosts[host].users.user_exists(username); |
|
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
53
diff
changeset
|
71 |
end |
|
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
53
diff
changeset
|
72 |
|
|
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
53
diff
changeset
|
73 |
function create_user(username, password, host) |
|
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
74 |
return hosts[host].users.create_user(username, password); |
|
60
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
53
diff
changeset
|
75 |
end |
|
44800be871f5
User registration, etc (jabber:iq:register)
Waqas Hussain <waqas20@gmail.com>
parents:
53
diff
changeset
|
76 |
|
|
228
875842235836
Updated usermanager with DIGEST-MD5 support
Waqas Hussain <waqas20@gmail.com>
parents:
60
diff
changeset
|
77 |
function get_supported_methods(host) |
|
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
78 |
return hosts[host].users.get_supported_methods(); |
|
228
875842235836
Updated usermanager with DIGEST-MD5 support
Waqas Hussain <waqas20@gmail.com>
parents:
60
diff
changeset
|
79 |
end |
|
875842235836
Updated usermanager with DIGEST-MD5 support
Waqas Hussain <waqas20@gmail.com>
parents:
60
diff
changeset
|
80 |
|
|
2030
d9382a16af5b
usermanager: Changed function is_admin to allow checking for host-specific admins.
Waqas Hussain <waqas20@gmail.com>
parents:
1589
diff
changeset
|
81 |
function is_admin(jid, host) |
|
3030
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
82 |
if host and host ~= "*" then |
|
3158
3d42e0092888
Backed out changeset 8bd3857a75ee
Matthew Wild <mwild1@gmail.com>
parents:
3053
diff
changeset
|
83 |
return hosts[host].users.is_admin(jid); |
|
3030
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
84 |
else -- Test only whether this JID is a global admin |
|
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
85 |
local admins = config.get("*", "core", "admins"); |
|
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
86 |
if type(admins) == "table" then |
|
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
87 |
jid = jid_bare(jid); |
|
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
88 |
for _,admin in ipairs(admins) do |
|
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
89 |
if admin == jid then return true; end |
|
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
90 |
end |
|
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
91 |
elseif admins then |
|
3031
421890f3f247
usermanager: Bump log level of incorrect config option warnings
Matthew Wild <mwild1@gmail.com>
parents:
3030
diff
changeset
|
92 |
log("error", "Option 'admins' for host '%s' is not a table", host); |
|
3030
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
93 |
end |
|
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
94 |
return nil; |
|
2be7801474fb
usermanager: Fix for is_admin to work with the new auth provider architecture
Matthew Wild <mwild1@gmail.com>
parents:
2999
diff
changeset
|
95 |
end |
|
890
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
96 |
end |
|
5b8da51b0843
usermanager: Added is_admin(jid)
Waqas Hussain <waqas20@gmail.com>
parents:
760
diff
changeset
|
97 |
|
|
228
875842235836
Updated usermanager with DIGEST-MD5 support
Waqas Hussain <waqas20@gmail.com>
parents:
60
diff
changeset
|
98 |
return _M; |