prosody: core/usermanager.lua@7ca5645f46cd (annotated)

1523 841d61be198f Remove version number from copyright headers Matthew Wild <mwild1@gmail.com> parents: 896 diff changeset	1	-- Prosody IM
2923 b7049746bd29 Update copyright headers for 2010 Matthew Wild <mwild1@gmail.com> parents: 2032 diff changeset	2	-- Copyright (C) 2008-2010 Matthew Wild
b7049746bd29 Update copyright headers for 2010 Matthew Wild <mwild1@gmail.com> parents: 2032 diff changeset	3	-- Copyright (C) 2008-2010 Waqas Hussain
1585 edc066730d11 Switch to using a more generic credentials_callback/handler for SASL auth. nick@lupine.me.uk parents: 1523 diff changeset	4	--
758 b1885732e979 GPL->MIT! Matthew Wild <mwild1@gmail.com> parents: 615 diff changeset	5	-- This project is MIT/X11 licensed. Please see the
b1885732e979 GPL->MIT! Matthew Wild <mwild1@gmail.com> parents: 615 diff changeset	6	-- COPYING file in the source package for more information.
519 cccd610a0ef9 Insert copyright/license headers Matthew Wild <mwild1@gmail.com> parents: 449 diff changeset	7	--
cccd610a0ef9 Insert copyright/license headers Matthew Wild <mwild1@gmail.com> parents: 449 diff changeset	8
3180 99be525bcfb4 Rename mod_defaultauth -> mod_auth_internal, mod_hashpassauth -> mod_auth_internal_hashed, and the providers to internal and internal_hashed respectively. Also no longer auto-load defaultauth, but instead auto-load the plugin selected for each host at startup based on the provider name. Matthew Wild <mwild1@gmail.com> parents: 3177 diff changeset	9	local modulemanager = require "core.modulemanager";
53 14ea0fe6ca86 Session destruction fixes, some debugging code while we fix the rest. Also change logger to be more useful. Matthew Wild <mwild1@gmail.com> parents: 38 diff changeset	10	local log = require "util.logger".init("usermanager");
890 5b8da51b0843 usermanager: Added is_admin(jid) Waqas Hussain <waqas20@gmail.com> parents: 760 diff changeset	11	local type = type;
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	12	local jid_split = require "util.jid".split;
890 5b8da51b0843 usermanager: Added is_admin(jid) Waqas Hussain <waqas20@gmail.com> parents: 760 diff changeset	13	local config = require "core.configmanager";
3362 90bf162303f3 usermanager: Return a non-nil SASL handler from the null auth provider (fixes a traceback). Waqas Hussain <waqas20@gmail.com> parents: 3336 diff changeset	14	local sasl_new = require "util.sasl".new;
5042 ce823b32225e usermanager: Add method for deleting a user Kim Alvefur <zash@zash.se> parents: 4943 diff changeset	15	local storagemanager = require "core.storagemanager";
0 3e3171b59028 First commit, where do you want to go tomorrow? matthew parents: diff changeset	16
2987 0acfae4da199 usermanager: Support for pluggable authentication providers Matthew Wild <mwild1@gmail.com> parents: 2934 diff changeset	17	local prosody = _G.prosody;
8720 9ddd0fbbe53a core: Use prosody.hosts instead of _G.hosts for consistency Kim Alvefur <zash@zash.se> parents: 8558 diff changeset	18	local hosts = prosody.hosts;
2987 0acfae4da199 usermanager: Support for pluggable authentication providers Matthew Wild <mwild1@gmail.com> parents: 2934 diff changeset	19
3161 73e93a48c0c1 Update usermanager to not crash, etc. Jeff Mitchell <jeff@jefferai.org> parents: 3160 diff changeset	20	local setmetatable = setmetatable;
73e93a48c0c1 Update usermanager to not crash, etc. Jeff Mitchell <jeff@jefferai.org> parents: 3160 diff changeset	21
12337 ed8a4f8dfd27 usermanager, mod_saslauth: Default to internal_hashed if no auth module specified Matthew Wild <mwild1@gmail.com> parents: 12024 diff changeset	22	local default_provider = "internal_hashed";
3180 99be525bcfb4 Rename mod_defaultauth -> mod_auth_internal, mod_hashpassauth -> mod_auth_internal_hashed, and the providers to internal and internal_hashed respectively. Also no longer auto-load defaultauth, but instead auto-load the plugin selected for each host at startup based on the provider name. Matthew Wild <mwild1@gmail.com> parents: 3177 diff changeset	23
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	24	local _ENV = nil;
8558 4f0f5b49bb03 vairious: Add annotation when an empty environment is set [luacheck] Kim Alvefur <zash@zash.se> parents: 8195 diff changeset	25	-- luacheck: std none
0 3e3171b59028 First commit, where do you want to go tomorrow? matthew parents: diff changeset	26
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	27	local function new_null_provider()
3991 2b86d7705f4e usermanager: Change dummy provider method to return an error string also (method not implemented) Matthew Wild <mwild1@gmail.com> parents: 3982 diff changeset	28	local function dummy() return nil, "method not implemented"; end;
3362 90bf162303f3 usermanager: Return a non-nil SASL handler from the null auth provider (fixes a traceback). Waqas Hussain <waqas20@gmail.com> parents: 3336 diff changeset	29	local function dummy_get_sasl_handler() return sasl_new(nil, {}); end
3991 2b86d7705f4e usermanager: Change dummy provider method to return an error string also (method not implemented) Matthew Wild <mwild1@gmail.com> parents: 3982 diff changeset	30	return setmetatable({name = "null", get_sasl_handler = dummy_get_sasl_handler}, {
6666 d3023dd07cb6 portmanager, s2smanager, sessionmanager, stanza_router, storagemanager, usermanager, util.xml: Add luacheck annotations Matthew Wild <mwild1@gmail.com> parents: 6631 diff changeset	31	__index = function(self, method) return dummy; end --luacheck: ignore 212
3991 2b86d7705f4e usermanager: Change dummy provider method to return an error string also (method not implemented) Matthew Wild <mwild1@gmail.com> parents: 3982 diff changeset	32	});
3161 73e93a48c0c1 Update usermanager to not crash, etc. Jeff Mitchell <jeff@jefferai.org> parents: 3160 diff changeset	33	end
73e93a48c0c1 Update usermanager to not crash, etc. Jeff Mitchell <jeff@jefferai.org> parents: 3160 diff changeset	34
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	35	local fallback_authz_provider = {
10637 d1cc6af0fb97 usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish). Matthew Wild <mwild1@gmail.com> parents: 8720 diff changeset	36	get_user_roles = function (user) end; --luacheck: ignore 212/user
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	37	get_jids_with_role = function (role) end; --luacheck: ignore 212
12024 a949f1aae171 core.usermanager: Implement noop role writes on global authz provider Kim Alvefur <zash@zash.se> parents: 11902 diff changeset	38	set_user_roles = function (user, roles) end; -- luacheck: ignore 212
a949f1aae171 core.usermanager: Implement noop role writes on global authz provider Kim Alvefur <zash@zash.se> parents: 11902 diff changeset	39	set_jid_roles = function (jid, roles) end; -- luacheck: ignore 212
12657 e4a412a54462 core.usermanager: Add missing stub authz methods to global authz provider Kim Alvefur <zash@zash.se> parents: 12652 diff changeset	40
e4a412a54462 core.usermanager: Add missing stub authz methods to global authz provider Kim Alvefur <zash@zash.se> parents: 12652 diff changeset	41	get_user_default_role = function (user) end; -- luacheck: ignore 212
e4a412a54462 core.usermanager: Add missing stub authz methods to global authz provider Kim Alvefur <zash@zash.se> parents: 12652 diff changeset	42	get_users_with_role = function (role_name) end; -- luacheck: ignore 212
e4a412a54462 core.usermanager: Add missing stub authz methods to global authz provider Kim Alvefur <zash@zash.se> parents: 12652 diff changeset	43	get_jid_role = function (jid) end; -- luacheck: ignore 212
e4a412a54462 core.usermanager: Add missing stub authz methods to global authz provider Kim Alvefur <zash@zash.se> parents: 12652 diff changeset	44	set_jid_role = function (jid) end; -- luacheck: ignore 212
e4a412a54462 core.usermanager: Add missing stub authz methods to global authz provider Kim Alvefur <zash@zash.se> parents: 12652 diff changeset	45	add_default_permission = function (role_name, action, policy) end; -- luacheck: ignore 212
12661 1ab845e80fe7 usermanager: Fix method name of global authz provider (thanks Zash) Matthew Wild <mwild1@gmail.com> parents: 12660 diff changeset	46	get_role_by_name = function (role_name) end; -- luacheck: ignore 212
10637 d1cc6af0fb97 usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish). Matthew Wild <mwild1@gmail.com> parents: 8720 diff changeset	47	};
d1cc6af0fb97 usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish). Matthew Wild <mwild1@gmail.com> parents: 8720 diff changeset	48
3992 73075b004e77 usermanager: Have methods not implemented in the active provider fall back to the null provider (later we can add support for chains of providers) Matthew Wild <mwild1@gmail.com> parents: 3991 diff changeset	49	local provider_mt = { __index = new_null_provider() };
73075b004e77 usermanager: Have methods not implemented in the active provider fall back to the null provider (later we can add support for chains of providers) Matthew Wild <mwild1@gmail.com> parents: 3991 diff changeset	50
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	51	local function initialize_host(host)
2987 0acfae4da199 usermanager: Support for pluggable authentication providers Matthew Wild <mwild1@gmail.com> parents: 2934 diff changeset	52	local host_session = hosts[host];
10638 c9e1cb7a38b8 usermanager: Load authz providers on components also Matthew Wild <mwild1@gmail.com> parents: 10637 diff changeset	53
10663 8f95308c3c45 usermanager, mod_authz_: Merge mod_authz_config and mod_authz_internal into the latter Matthew Wild <mwild1@gmail.com>* parents: 10644 diff changeset	54	local authz_provider_name = config.get(host, "authorization") or "internal";
10638 c9e1cb7a38b8 usermanager: Load authz providers on components also Matthew Wild <mwild1@gmail.com> parents: 10637 diff changeset	55
c9e1cb7a38b8 usermanager: Load authz providers on components also Matthew Wild <mwild1@gmail.com> parents: 10637 diff changeset	56	local authz_mod = modulemanager.load(host, "authz_"..authz_provider_name);
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	57	host_session.authz = authz_mod or fallback_authz_provider;
10638 c9e1cb7a38b8 usermanager: Load authz providers on components also Matthew Wild <mwild1@gmail.com> parents: 10637 diff changeset	58
3612 5547acd18a9f usermanager: Don't load auth modules for components. Waqas Hussain <waqas20@gmail.com> parents: 3608 diff changeset	59	if host_session.type ~= "local" then return; end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5377 diff changeset	60
3163 a23168cc4af5 Working defaultauth Jeff Mitchell <jeff@jefferai.org> parents: 3161 diff changeset	61	host_session.events.add_handler("item-added/auth-provider", function (event)
a23168cc4af5 Working defaultauth Jeff Mitchell <jeff@jefferai.org> parents: 3161 diff changeset	62	local provider = event.item;
5377 898454038524 core.: Complete removal of all traces of the "core" section and section-related code. Kim Alvefur <zash@zash.se>* parents: 5157 diff changeset	63	local auth_provider = config.get(host, "authentication") or default_provider;
898454038524 core.: Complete removal of all traces of the "core" section and section-related code. Kim Alvefur <zash@zash.se>* parents: 5157 diff changeset	64	if config.get(host, "anonymous_login") then
4773 ee55956597f4 usermanager: Add log error for use of COMPAT config option 'anonymous_login'. To be removed in next version. Matthew Wild <mwild1@gmail.com> parents: 4459 diff changeset	65	log("error", "Deprecated config option 'anonymous_login'. Use authentication = 'anonymous' instead.");
ee55956597f4 usermanager: Add log error for use of COMPAT config option 'anonymous_login'. To be removed in next version. Matthew Wild <mwild1@gmail.com> parents: 4459 diff changeset	66	auth_provider = "anonymous";
ee55956597f4 usermanager: Add log error for use of COMPAT config option 'anonymous_login'. To be removed in next version. Matthew Wild <mwild1@gmail.com> parents: 4459 diff changeset	67	end -- COMPAT 0.7
3180 99be525bcfb4 Rename mod_defaultauth -> mod_auth_internal, mod_hashpassauth -> mod_auth_internal_hashed, and the providers to internal and internal_hashed respectively. Also no longer auto-load defaultauth, but instead auto-load the plugin selected for each host at startup based on the provider name. Matthew Wild <mwild1@gmail.com> parents: 3177 diff changeset	68	if provider.name == auth_provider then
3992 73075b004e77 usermanager: Have methods not implemented in the active provider fall back to the null provider (later we can add support for chains of providers) Matthew Wild <mwild1@gmail.com> parents: 3991 diff changeset	69	host_session.users = setmetatable(provider, provider_mt);
2987 0acfae4da199 usermanager: Support for pluggable authentication providers Matthew Wild <mwild1@gmail.com> parents: 2934 diff changeset	70	end
3164 db9def53fe9c Check in mod_hashpassauth -- works! Jeff Mitchell <jeff@jefferai.org> parents: 3163 diff changeset	71	if host_session.users ~= nil and host_session.users.name ~= nil then
6631 8495734da243 usermanager: Capitalize log message Kim Alvefur <zash@zash.se> parents: 5795 diff changeset	72	log("debug", "Host '%s' now set to use user provider '%s'", host, host_session.users.name);
3163 a23168cc4af5 Working defaultauth Jeff Mitchell <jeff@jefferai.org> parents: 3161 diff changeset	73	end
2987 0acfae4da199 usermanager: Support for pluggable authentication providers Matthew Wild <mwild1@gmail.com> parents: 2934 diff changeset	74	end);
3163 a23168cc4af5 Working defaultauth Jeff Mitchell <jeff@jefferai.org> parents: 3161 diff changeset	75	host_session.events.add_handler("item-removed/auth-provider", function (event)
a23168cc4af5 Working defaultauth Jeff Mitchell <jeff@jefferai.org> parents: 3161 diff changeset	76	local provider = event.item;
2987 0acfae4da199 usermanager: Support for pluggable authentication providers Matthew Wild <mwild1@gmail.com> parents: 2934 diff changeset	77	if host_session.users == provider then
3161 73e93a48c0c1 Update usermanager to not crash, etc. Jeff Mitchell <jeff@jefferai.org> parents: 3160 diff changeset	78	host_session.users = new_null_provider();
2987 0acfae4da199 usermanager: Support for pluggable authentication providers Matthew Wild <mwild1@gmail.com> parents: 2934 diff changeset	79	end
0acfae4da199 usermanager: Support for pluggable authentication providers Matthew Wild <mwild1@gmail.com> parents: 2934 diff changeset	80	end);
3540 bc139431830b Monster whitespace commit (beware the whitespace monster). Waqas Hussain <waqas20@gmail.com> parents: 3466 diff changeset	81	host_session.users = new_null_provider(); -- Start with the default usermanager provider
5377 898454038524 core.: Complete removal of all traces of the "core" section and section-related code. Kim Alvefur <zash@zash.se>* parents: 5157 diff changeset	82	local auth_provider = config.get(host, "authentication") or default_provider;
898454038524 core.: Complete removal of all traces of the "core" section and section-related code. Kim Alvefur <zash@zash.se>* parents: 5157 diff changeset	83	if config.get(host, "anonymous_login") then auth_provider = "anonymous"; end -- COMPAT 0.7
3540 bc139431830b Monster whitespace commit (beware the whitespace monster). Waqas Hussain <waqas20@gmail.com> parents: 3466 diff changeset	84	if auth_provider ~= "null" then
bc139431830b Monster whitespace commit (beware the whitespace monster). Waqas Hussain <waqas20@gmail.com> parents: 3466 diff changeset	85	modulemanager.load(host, "auth_"..auth_provider);
bc139431830b Monster whitespace commit (beware the whitespace monster). Waqas Hussain <waqas20@gmail.com> parents: 3466 diff changeset	86	end
10637 d1cc6af0fb97 usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish). Matthew Wild <mwild1@gmail.com> parents: 8720 diff changeset	87
3176 f77759710324 usermanager: Add hunk that got missed in a merge Matthew Wild <mwild1@gmail.com> parents: 3167 diff changeset	88	end;
3293 4ce9d569a99c usermanager: Expose host_handler() as initialize_host() Matthew Wild <mwild1@gmail.com> parents: 3285 diff changeset	89	prosody.events.add_handler("host-activated", initialize_host, 100);
2987 0acfae4da199 usermanager: Support for pluggable authentication providers Matthew Wild <mwild1@gmail.com> parents: 2934 diff changeset	90
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	91	local function test_password(username, host, password)
3158 3d42e0092888 Backed out changeset 8bd3857a75ee Matthew Wild <mwild1@gmail.com> parents: 3053 diff changeset	92	return hosts[host].users.test_password(username, password);
0 3e3171b59028 First commit, where do you want to go tomorrow? matthew parents: diff changeset	93	end
38 3fdfd6e0cb4e SASL! Matthew Wild <mwild1@gmail.com> parents: 0 diff changeset	94
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	95	local function get_password(username, host)
3158 3d42e0092888 Backed out changeset 8bd3857a75ee Matthew Wild <mwild1@gmail.com> parents: 3053 diff changeset	96	return hosts[host].users.get_password(username);
1585 edc066730d11 Switch to using a more generic credentials_callback/handler for SASL auth. nick@lupine.me.uk parents: 1523 diff changeset	97	end
2987 0acfae4da199 usermanager: Support for pluggable authentication providers Matthew Wild <mwild1@gmail.com> parents: 2934 diff changeset	98
8195 4354f556c5db core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512) Kim Alvefur <zash@zash.se> parents: 7180 diff changeset	99	local function set_password(username, password, host, resource)
4354f556c5db core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512) Kim Alvefur <zash@zash.se> parents: 7180 diff changeset	100	local ok, err = hosts[host].users.set_password(username, password);
4354f556c5db core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512) Kim Alvefur <zash@zash.se> parents: 7180 diff changeset	101	if ok then
4354f556c5db core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512) Kim Alvefur <zash@zash.se> parents: 7180 diff changeset	102	prosody.events.fire_event("user-password-changed", { username = username, host = host, resource = resource });
4354f556c5db core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512) Kim Alvefur <zash@zash.se> parents: 7180 diff changeset	103	end
4354f556c5db core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512) Kim Alvefur <zash@zash.se> parents: 7180 diff changeset	104	return ok, err;
2934 060bb8217fea usermanager: Added function set_password. Waqas Hussain <waqas20@gmail.com> parents: 2929 diff changeset	105	end
1585 edc066730d11 Switch to using a more generic credentials_callback/handler for SASL auth. nick@lupine.me.uk parents: 1523 diff changeset	106
12650 3f38f4735c7a usermanager, mod_auth_: Add get_account_info() returning creation/update time Matthew Wild <mwild1@gmail.com>* parents: 12646 diff changeset	107	local function get_account_info(username, host)
3f38f4735c7a usermanager, mod_auth_: Add get_account_info() returning creation/update time Matthew Wild <mwild1@gmail.com>* parents: 12646 diff changeset	108	local method = hosts[host].users.get_account_info;
3f38f4735c7a usermanager, mod_auth_: Add get_account_info() returning creation/update time Matthew Wild <mwild1@gmail.com>* parents: 12646 diff changeset	109	if not method then return nil, "method-not-supported"; end
3f38f4735c7a usermanager, mod_auth_: Add get_account_info() returning creation/update time Matthew Wild <mwild1@gmail.com>* parents: 12646 diff changeset	110	return method(username);
3f38f4735c7a usermanager, mod_auth_: Add get_account_info() returning creation/update time Matthew Wild <mwild1@gmail.com>* parents: 12646 diff changeset	111	end
3f38f4735c7a usermanager, mod_auth_: Add get_account_info() returning creation/update time Matthew Wild <mwild1@gmail.com>* parents: 12646 diff changeset	112
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	113	local function user_exists(username, host)
7180 1295e14614f4 usermanager: Shortcircuit user existence check if they have existing sessions Kim Alvefur <zash@zash.se> parents: 6982 diff changeset	114	if hosts[host].sessions[username] then return true; end
3158 3d42e0092888 Backed out changeset 8bd3857a75ee Matthew Wild <mwild1@gmail.com> parents: 3053 diff changeset	115	return hosts[host].users.user_exists(username);
60 44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: 53 diff changeset	116	end
44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: 53 diff changeset	117
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	118	local function create_user(username, password, host)
3158 3d42e0092888 Backed out changeset 8bd3857a75ee Matthew Wild <mwild1@gmail.com> parents: 3053 diff changeset	119	return hosts[host].users.create_user(username, password);
60 44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: 53 diff changeset	120	end
44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: 53 diff changeset	121
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	122	local function delete_user(username, host)
5042 ce823b32225e usermanager: Add method for deleting a user Kim Alvefur <zash@zash.se> parents: 4943 diff changeset	123	local ok, err = hosts[host].users.delete_user(username);
ce823b32225e usermanager: Add method for deleting a user Kim Alvefur <zash@zash.se> parents: 4943 diff changeset	124	if not ok then return nil, err; end
5094 e646c849d72f core.usermanager: Don't close sessions ourselves when deleting users. Instead, fire an event that modules can hook. Kim Alvefur <zash@zash.se> parents: 5042 diff changeset	125	prosody.events.fire_event("user-deleted", { username = username, host = host });
5129 e8253c931166 storagemanager: Add purge() for purging user data from all backends in use Kim Alvefur <zash@zash.se> parents: 5094 diff changeset	126	return storagemanager.purge(username, host);
3993 b71e5ecc694b usermanager: Add delete_user method Matthew Wild <mwild1@gmail.com> parents: 3992 diff changeset	127	end
b71e5ecc694b usermanager: Add delete_user method Matthew Wild <mwild1@gmail.com> parents: 3992 diff changeset	128
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	129	local function users(host)
5157 0e1686f334b8 usermanager: Add support for iterating over accounts Kim Alvefur <zash@zash.se> parents: 5129 diff changeset	130	return hosts[host].users.users();
0e1686f334b8 usermanager: Add support for iterating over accounts Kim Alvefur <zash@zash.se> parents: 5129 diff changeset	131	end
0e1686f334b8 usermanager: Add support for iterating over accounts Kim Alvefur <zash@zash.se> parents: 5129 diff changeset	132
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	133	local function get_sasl_handler(host, session)
4943 50f63f07245f usermanager: Pass session on to auth provider (missing half of commit 0545a574667b) (thanks Zash) Matthew Wild <mwild1@gmail.com> parents: 4773 diff changeset	134	return hosts[host].users.get_sasl_handler(session);
228 875842235836 Updated usermanager with DIGEST-MD5 support Waqas Hussain <waqas20@gmail.com> parents: 60 diff changeset	135	end
875842235836 Updated usermanager with DIGEST-MD5 support Waqas Hussain <waqas20@gmail.com> parents: 60 diff changeset	136
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	137	local function get_provider(host)
3167 546695e80e0a Correct out of order logic in mod_hashpassauth Jeff Mitchell <jeff@jefferai.org> parents: 3166 diff changeset	138	return hosts[host].users;
546695e80e0a Correct out of order logic in mod_hashpassauth Jeff Mitchell <jeff@jefferai.org> parents: 3166 diff changeset	139	end
546695e80e0a Correct out of order logic in mod_hashpassauth Jeff Mitchell <jeff@jefferai.org> parents: 3166 diff changeset	140
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	141	-- Returns a map of { [role_name] = role, ... } that a user is allowed to assume
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	142	local function get_user_roles(user, host)
4237 6b0d7d94eb7f usermanager: Check host exists before trying to look up admins for it Matthew Wild <mwild1@gmail.com> parents: 3993 diff changeset	143	if host and not hosts[host] then return false; end
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	144	if type(user) ~= "string" then return false; end
4237 6b0d7d94eb7f usermanager: Check host exists before trying to look up admins for it Matthew Wild <mwild1@gmail.com> parents: 3993 diff changeset	145
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	146	return hosts[host].authz.get_user_roles(user);
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	147	end
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	148
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	149	local function get_user_default_role(user, host)
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	150	if host and not hosts[host] then return false; end
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	151	if type(user) ~= "string" then return false; end
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	152
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	153	return hosts[host].authz.get_user_default_role(user);
10644 5622eda7c5c5 usermanager: Add get_roles() function Matthew Wild <mwild1@gmail.com> parents: 10639 diff changeset	154	end
5622eda7c5c5 usermanager: Add get_roles() function Matthew Wild <mwild1@gmail.com> parents: 10639 diff changeset	155
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	156	-- Accepts a set of role names which the user is allowed to assume
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	157	local function set_user_roles(user, host, roles)
11477 afe80b64e209 usermanager: expose set_roles through API Jonas Schäfer <jonas@wielicki.name> parents: 10699 diff changeset	158	if host and not hosts[host] then return false; end
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	159	if type(user) ~= "string" then return false; end
11477 afe80b64e209 usermanager: expose set_roles through API Jonas Schäfer <jonas@wielicki.name> parents: 10699 diff changeset	160
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	161	local ok, err = hosts[host].authz.set_user_roles(user, roles);
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	162	if ok then
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	163	prosody.events.fire_event("user-roles-changed", {
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	164	username = user, host = host
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	165	});
11477 afe80b64e209 usermanager: expose set_roles through API Jonas Schäfer <jonas@wielicki.name> parents: 10699 diff changeset	166	end
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	167	return ok, err;
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	168	end
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	169
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	170	local function get_jid_role(jid, host)
12658 f3dbbc7655e6 usermanager: Handle local JIDs being passed to get/set_jid_role() Matthew Wild <mwild1@gmail.com> parents: 12657 diff changeset	171	local jid_node, jid_host = jid_split(jid);
f3dbbc7655e6 usermanager: Handle local JIDs being passed to get/set_jid_role() Matthew Wild <mwild1@gmail.com> parents: 12657 diff changeset	172	if host == jid_host and jid_node then
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	173	return hosts[host].authz.get_user_default_role(jid_node);
12658 f3dbbc7655e6 usermanager: Handle local JIDs being passed to get/set_jid_role() Matthew Wild <mwild1@gmail.com> parents: 12657 diff changeset	174	end
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	175	return hosts[host].authz.get_jid_role(jid);
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	176	end
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	177
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	178	local function set_jid_role(jid, host, role_name)
12658 f3dbbc7655e6 usermanager: Handle local JIDs being passed to get/set_jid_role() Matthew Wild <mwild1@gmail.com> parents: 12657 diff changeset	179	local _, jid_host = jid_split(jid);
f3dbbc7655e6 usermanager: Handle local JIDs being passed to get/set_jid_role() Matthew Wild <mwild1@gmail.com> parents: 12657 diff changeset	180	if host == jid_host then
f3dbbc7655e6 usermanager: Handle local JIDs being passed to get/set_jid_role() Matthew Wild <mwild1@gmail.com> parents: 12657 diff changeset	181	return nil, "unexpected-local-jid";
f3dbbc7655e6 usermanager: Handle local JIDs being passed to get/set_jid_role() Matthew Wild <mwild1@gmail.com> parents: 12657 diff changeset	182	end
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	183	return hosts[host].authz.set_jid_role(jid, role_name)
11477 afe80b64e209 usermanager: expose set_roles through API Jonas Schäfer <jonas@wielicki.name> parents: 10699 diff changeset	184	end
afe80b64e209 usermanager: expose set_roles through API Jonas Schäfer <jonas@wielicki.name> parents: 10699 diff changeset	185
11749 3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	186	local function get_users_with_role(role, host)
3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	187	if not hosts[host] then return false; end
3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	188	if type(role) ~= "string" then return false; end
3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	189	return hosts[host].authz.get_users_with_role(role);
3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	190	end
3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	191
3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	192	local function get_jids_with_role(role, host)
3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	193	if host and not hosts[host] then return false; end
3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	194	if type(role) ~= "string" then return false; end
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	195	return hosts[host].authz.get_jids_with_role(role);
11749 3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	196	end
3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	197
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	198	local function get_role_by_name(role_name, host)
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	199	if host and not hosts[host] then return false; end
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	200	if type(role_name) ~= "string" then return false; end
12662 7ca5645f46cd usermanager: Remove concept of global authz provider Matthew Wild <mwild1@gmail.com> parents: 12661 diff changeset	201	return hosts[host].authz.get_role_by_name(role_name);
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	202	end
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	203
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	204	return {
6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	205	new_null_provider = new_null_provider;
6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	206	initialize_host = initialize_host;
6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	207	test_password = test_password;
6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	208	get_password = get_password;
6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	209	set_password = set_password;
12650 3f38f4735c7a usermanager, mod_auth_: Add get_account_info() returning creation/update time Matthew Wild <mwild1@gmail.com>* parents: 12646 diff changeset	210	get_account_info = get_account_info;
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	211	user_exists = user_exists;
6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	212	create_user = create_user;
6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	213	delete_user = delete_user;
6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	214	users = users;
6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	215	get_sasl_handler = get_sasl_handler;
6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	216	get_provider = get_provider;
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	217	get_user_default_role = get_user_default_role;
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	218	get_user_roles = get_user_roles;
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	219	set_user_roles = set_user_roles;
11749 3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	220	get_users_with_role = get_users_with_role;
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	221	get_jid_role = get_jid_role;
f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	222	set_jid_role = set_jid_role;
11749 3a2d58a39872 usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role Matthew Wild <mwild1@gmail.com> parents: 11477 diff changeset	223	get_jids_with_role = get_jids_with_role;
12652 f299e570a0fe mod_authz_internal: Use util.roles, some API changes and config support Matthew Wild <mwild1@gmail.com> parents: 12650 diff changeset	224	get_role_by_name = get_role_by_name;
6782 6236668da30a core.: Remove use of module() function Kim Alvefur <zash@zash.se>* parents: 6666 diff changeset	225	};

author	Matthew Wild <mwild1@gmail.com>
	Fri, 12 Aug 2022 16:21:57 +0100
changeset 12662	7ca5645f46cd
parent 12661	1ab845e80fe7
child 12663	c0eea4f6c739
permissions	-rw-r--r--