prosody: plugins/mod_user_account_management.lua@c2a476f4712a (annotated)

1523 841d61be198f Remove version number from copyright headers Matthew Wild <mwild1@gmail.com> parents: 1189 diff changeset	1	-- Prosody IM
2923 b7049746bd29 Update copyright headers for 2010 Matthew Wild <mwild1@gmail.com> parents: 2448 diff changeset	2	-- Copyright (C) 2008-2010 Matthew Wild
b7049746bd29 Update copyright headers for 2010 Matthew Wild <mwild1@gmail.com> parents: 2448 diff changeset	3	-- Copyright (C) 2008-2010 Waqas Hussain
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5763 diff changeset	4	--
758 b1885732e979 GPL->MIT! Matthew Wild <mwild1@gmail.com> parents: 691 diff changeset	5	-- This project is MIT/X11 licensed. Please see the
b1885732e979 GPL->MIT! Matthew Wild <mwild1@gmail.com> parents: 691 diff changeset	6	-- COPYING file in the source package for more information.
519 cccd610a0ef9 Insert copyright/license headers Matthew Wild <mwild1@gmail.com> parents: 438 diff changeset	7	--
cccd610a0ef9 Insert copyright/license headers Matthew Wild <mwild1@gmail.com> parents: 438 diff changeset	8
cccd610a0ef9 Insert copyright/license headers Matthew Wild <mwild1@gmail.com> parents: 438 diff changeset	9
12981 74b9e05af71e plugins: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 10386 diff changeset	10	local st = require "prosody.util.stanza";
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	11	local usermanager = require "prosody.core.usermanager";
12981 74b9e05af71e plugins: Prefix module imports with prosody namespace Kim Alvefur <zash@zash.se> parents: 10386 diff changeset	12	local nodeprep = require "prosody.util.encodings".stringprep.nodeprep;
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	13	local jid_bare, jid_node = import("prosody.util.jid", "bare", "node");
3995 e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	14
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	15	local compat = module:get_option_boolean("registration_compat", true);
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	16	local soft_delete_period = module:get_option_period("registration_delete_grace_period");
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	17	local deleted_accounts = module:open_store("accounts_cleanup");
60 44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: diff changeset	18
541 3521e0851c9e Change modules to use the new add_feature module API method. Waqas Hussain <waqas20@gmail.com> parents: 519 diff changeset	19	module:add_feature("jabber:iq:register");
421 63be85693710 Modules now sending disco replies Waqas Hussain <waqas20@gmail.com> parents: 386 diff changeset	20
13376 ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	21	-- Allow us to 'freeze' a session and retrieve properties even after it is
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	22	-- destroyed
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	23	local function capture_session_properties(session)
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	24	return setmetatable({
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	25	id = session.id;
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	26	ip = session.ip;
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	27	type = session.type;
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	28	client_id = session.client_id;
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	29	}, { __index = session });
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	30	end
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	31
8197 ba9cd8447578 mod_register: Add comments saying which section handles password change, account deletion and which is in-band registration Kim Alvefur <zash@zash.se> parents: 8195 diff changeset	32	-- Password change and account deletion handler
3995 e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	33	local function handle_registration_stanza(event)
3529 3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	34	local session, stanza = event.origin, event.stanza;
7020 ff734a602886 mod_register: Use session log instance to ease indentification Kim Alvefur <zash@zash.se> parents: 5776 diff changeset	35	local log = session.log or module._log;
3529 3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	36
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	37	local query = stanza.tags[1];
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	38	if stanza.attr.type == "get" then
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	39	local reply = st.reply(stanza);
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	40	reply:tag("query", {xmlns = "jabber:iq:register"})
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	41	:tag("registered"):up()
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	42	:tag("username"):text(session.username):up()
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	43	:tag("password"):up();
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	44	session.send(reply);
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	45	else -- stanza.attr.type == "set"
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	46	if query.tags[1] and query.tags[1].name == "remove" then
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	47	local username, host = session.username, session.host;
5098 fca8b5946f6f mod_register: Hijack the session close call to send the final iq reply when deleting Kim Alvefur <zash@zash.se> parents: 5096 diff changeset	48
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	49	if host ~= module.host then -- Sanity check for safety
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	50	module:log("error", "Host mismatch on deletion request (a bug): %s ~= %s", host, module.host);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	51	session.send(st.error_reply(stanza, "cancel", "internal-server-error"));
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	52	return true;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	53	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	54
7021 5c3d4254d415 mod_register: Add comment explaining the workaround for replying when the account is being deleted Kim Alvefur <zash@zash.se> parents: 7020 diff changeset	55	-- This one weird trick sends a reply to this stanza before the user is deleted
5098 fca8b5946f6f mod_register: Hijack the session close call to send the final iq reply when deleting Kim Alvefur <zash@zash.se> parents: 5096 diff changeset	56	local old_session_close = session.close;
7714 c8130995d4d1 mod_register: Rename session reference in wrapped close method [luacheck] Kim Alvefur <zash@zash.se> parents: 7713 diff changeset	57	session.close = function(self, ...)
c8130995d4d1 mod_register: Rename session reference in wrapped close method [luacheck] Kim Alvefur <zash@zash.se> parents: 7713 diff changeset	58	self.send(st.reply(stanza));
c8130995d4d1 mod_register: Rename session reference in wrapped close method [luacheck] Kim Alvefur <zash@zash.se> parents: 7713 diff changeset	59	return old_session_close(self, ...);
5098 fca8b5946f6f mod_register: Hijack the session close call to send the final iq reply when deleting Kim Alvefur <zash@zash.se> parents: 5096 diff changeset	60	end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5763 diff changeset	61
13376 ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	62	local old_session = capture_session_properties(session);
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	63
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	64	if not soft_delete_period then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	65	local ok, err = usermanager.delete_user(username, host);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	66
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	67	if not ok then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	68	log("debug", "Removing user account %s@%s failed: %s", username, host, err);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	69	session.close = old_session_close;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	70	session.send(st.error_reply(stanza, "cancel", "service-unavailable", err));
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	71	return true;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	72	end
5776 bd0ff8ae98a8 Remove all trailing whitespace Florian Zeitz <florob@babelmonkeys.de> parents: 5763 diff changeset	73
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	74	log("info", "User removed their account: %s@%s (deleted)", username, host);
13376 ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	75	module:fire_event("user-deregistered", { username = username, host = host, source = "mod_register", session = old_session });
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	76	else
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	77	local ok, err = usermanager.disable_user(username, host, {
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	78	reason = "ibr";
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	79	comment = "Deletion requested by user";
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	80	when = os.time();
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	81	});
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	82
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	83	if not ok then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	84	log("debug", "Removing (disabling) user account %s@%s failed: %s", username, host, err);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	85	session.close = old_session_close;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	86	session.send(st.error_reply(stanza, "cancel", "service-unavailable", err));
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	87	return true;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	88	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	89
13376 ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	90	local status = {
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	91	deleted_at = os.time();
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	92	pending_until = os.time() + soft_delete_period;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	93	client_id = session.client_id;
13376 ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	94	};
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	95	deleted_accounts:set(username, status);
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	96
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	97	log("info", "User removed their account: %s@%s (disabled, pending deletion)", username, host);
13376 ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	98	module:fire_event("user-deregistered-pending", {
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	99	username = username;
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	100	host = host;
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	101	source = "mod_register";
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	102	session = old_session;
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	103	status = status;
ffbd058bb232 mod_user_account_management: Fire events with a fake (not destroyed) session Matthew Wild <mwild1@gmail.com> parents: 13373 diff changeset	104	});
3996 7f35b292531b mod_register: Change to use new delete_user auth provider method Matthew Wild <mwild1@gmail.com> parents: 3995 diff changeset	105	end
3529 3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	106	else
10386 fcdc65bc6697 mod_user_account_management: Apply username normalization later Kim Alvefur <zash@zash.se> parents: 8487 diff changeset	107	local username = query:get_child_text("username");
5637 991b47778bf3 mod_register: get_child_text()! Kim Alvefur <zash@zash.se> parents: 5500 diff changeset	108	local password = query:get_child_text("password");
3529 3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	109	if username and password then
10386 fcdc65bc6697 mod_user_account_management: Apply username normalization later Kim Alvefur <zash@zash.se> parents: 8487 diff changeset	110	username = nodeprep(username);
3529 3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	111	if username == session.username then
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	112	if usermanager.set_password(username, password, session.host, session.resource) then
3529 3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	113	session.send(st.reply(stanza));
60 44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: diff changeset	114	else
3529 3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	115	-- TODO unable to write file, file may be locked, etc, what's the correct error?
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	116	session.send(st.error_reply(stanza, "wait", "internal-server-error"));
60 44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: diff changeset	117	end
44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: diff changeset	118	else
311 513bd52e8e19 Fixed mod_register to use session.send for sending stanzas Waqas Hussain <waqas20@gmail.com> parents: 85 diff changeset	119	session.send(st.error_reply(stanza, "modify", "bad-request"));
60 44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: diff changeset	120	end
3529 3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	121	else
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	122	session.send(st.error_reply(stanza, "modify", "bad-request"));
60 44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: diff changeset	123	end
44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: diff changeset	124	end
3529 3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	125	end
3f9cc12308aa mod_register: Updated to use the new events API. Waqas Hussain <waqas20@gmail.com> parents: 3394 diff changeset	126	return true;
3995 e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	127	end
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	128
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	129	module:hook("iq/self/jabber:iq:register:query", handle_registration_stanza);
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	130	if compat then
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	131	module:hook("iq/host/jabber:iq:register:query", function (event)
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	132	local session, stanza = event.origin, event.stanza;
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	133	if session.type == "c2s" and jid_bare(stanza.attr.to) == session.host then
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	134	return handle_registration_stanza(event);
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	135	end
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	136	end);
e504b06492c6 mod_register: Add registration_compat config option to allow account remove requests addressed to='host' (defaults to true) Matthew Wild <mwild1@gmail.com> parents: 3540 diff changeset	137	end
60 44800be871f5 User registration, etc (jabber:iq:register) Waqas Hussain <waqas20@gmail.com> parents: diff changeset	138
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	139	-- This improves UX of soft-deleted accounts by informing the user that the
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	140	-- account has been deleted, rather than just disabled. They can e.g. contact
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	141	-- their admin if this was a mistake.
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	142	module:hook("authentication-failure", function (event)
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	143	if event.condition ~= "account-disabled" then return; end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	144	local session = event.session;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	145	local sasl_handler = session and session.sasl_handler;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	146	if sasl_handler.username then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	147	local status = deleted_accounts:get(sasl_handler.username);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	148	if status then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	149	event.text = "Account deleted";
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	150	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	151	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	152	end, -1000);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	153
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	154	function restore_account(username)
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	155	local pending, pending_err = deleted_accounts:get(username);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	156	if not pending then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	157	return nil, pending_err or "Account not pending deletion";
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	158	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	159	local account_info, err = usermanager.get_account_info(username, module.host);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	160	if not account_info then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	161	return nil, "Couldn't fetch account info: "..err;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	162	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	163	local forget_ok, forget_err = deleted_accounts:set(username, nil);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	164	if not forget_ok then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	165	return nil, "Couldn't remove account from deletion queue: "..forget_err;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	166	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	167	local enable_ok, enable_err = usermanager.enable_user(username, module.host);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	168	if not enable_ok then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	169	return nil, "Removed account from deletion queue, but couldn't enable it: "..enable_err;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	170	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	171	return true, "Account restored";
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	172	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	173
13391 e5ddae99faa8 mod_user_account_management: Clear pending deletion if account re-enabled Matthew Wild <mwild1@gmail.com> parents: 13376 diff changeset	174	-- Automatically clear pending deletion if an account is re-enabled
e5ddae99faa8 mod_user_account_management: Clear pending deletion if account re-enabled Matthew Wild <mwild1@gmail.com> parents: 13376 diff changeset	175	module:context("*"):hook("user-enabled", function (event)
e5ddae99faa8 mod_user_account_management: Clear pending deletion if account re-enabled Matthew Wild <mwild1@gmail.com> parents: 13376 diff changeset	176	if event.host ~= module.host then return; end
e5ddae99faa8 mod_user_account_management: Clear pending deletion if account re-enabled Matthew Wild <mwild1@gmail.com> parents: 13376 diff changeset	177	deleted_accounts:set(event.username, nil);
e5ddae99faa8 mod_user_account_management: Clear pending deletion if account re-enabled Matthew Wild <mwild1@gmail.com> parents: 13376 diff changeset	178	end);
e5ddae99faa8 mod_user_account_management: Clear pending deletion if account re-enabled Matthew Wild <mwild1@gmail.com> parents: 13376 diff changeset	179
13373 13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	180	local cleanup_time = module:measure("cleanup", "times");
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	181
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	182	function cleanup_soft_deleted_accounts()
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	183	local cleanup_done = cleanup_time();
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	184	local success, fail, restored, pending = 0, 0, 0, 0;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	185
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	186	for username in deleted_accounts:users() do
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	187	module:log("debug", "Processing account cleanup for '%s'", username);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	188	local account_info, account_info_err = usermanager.get_account_info(username, module.host);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	189	if not account_info then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	190	module:log("warn", "Unable to process delayed deletion of user '%s': %s", username, account_info_err);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	191	fail = fail + 1;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	192	else
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	193	if account_info.enabled == false then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	194	local meta = deleted_accounts:get(username);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	195	if meta.pending_until <= os.time() then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	196	local ok, err = usermanager.delete_user(username, module.host);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	197	if not ok then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	198	module:log("warn", "Unable to process delayed deletion of user '%s': %s", username, err);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	199	fail = fail + 1;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	200	else
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	201	success = success + 1;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	202	deleted_accounts:set(username, nil);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	203	module:log("debug", "Deleted account '%s' successfully", username);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	204	module:fire_event("user-deregistered", { username = username, host = module.host, source = "mod_register" });
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	205	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	206	else
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	207	pending = pending + 1;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	208	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	209	else
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	210	module:log("warn", "Account '%s' is not disabled, removing from deletion queue", username);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	211	restored = restored + 1;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	212	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	213	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	214	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	215
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	216	module:log("debug", "%d accounts scheduled for future deletion", pending);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	217
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	218	if success > 0 or fail > 0 then
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	219	module:log("info", "Completed account cleanup - %d accounts deleted (%d failed, %d restored, %d pending)", success, fail, restored, pending);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	220	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	221	cleanup_done();
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	222	end
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	223
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	224	module:daily("Remove deleted accounts", cleanup_soft_deleted_accounts);
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	225
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	226	--- shell command
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	227	module:add_item("shell-command", {
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	228	section = "user";
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	229	name = "restore";
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	230	desc = "Restore a user account scheduled for deletion";
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	231	args = {
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	232	{ name = "jid", type = "string" };
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	233	};
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	234	host_selector = "jid";
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	235	handler = function (self, jid) --luacheck: ignore 212/self
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	236	return restore_account(jid_node(jid));
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	237	end;
13a27043cd0f mod_user_account_management: Add support for soft-deletion of accounts via IBR Matthew Wild <mwild1@gmail.com> parents: 12981 diff changeset	238	});

author	Kim Alvefur <zash@zash.se>
	Wed, 27 Mar 2024 19:33:11 +0100
changeset 13471	c2a476f4712a
parent 13391	e5ddae99faa8
permissions	-rw-r--r--