-- Prosody IM
-- Copyright (C) 2008-2010 Matthew Wild
-- Copyright (C) 2008-2010 Waqas Hussain
-- Copyright (C) 2010 Jeff Mitchell
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
9 |
|
10 local log = require "util.logger".init("usermanager"); |
|
11 local type = type; |
|
12 local ipairs = ipairs; |
|
13 local jid_bare = require "util.jid".bare; |
|
14 local config = require "core.configmanager"; |
|
15 local new_sasl = require "util.sasl".new; |
|
16 local datamanager = require "util.datamanager"; |
|
17 |
|
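--- Build the authentication provider for a host that only admits anonymous sessions.
-- Every password and account operation is refused with `nil, message`; the
-- only login path offered is the SASL handler returned by get_sasl_handler(),
-- whose `anonymous` callback accepts every request.
-- @param host name of the virtual host; used for the per-host `admins` lookup
-- @return the provider table (`name = "anonymous"`)
function new_default_provider(host)
	local provider = { name = "anonymous" };

	--- Password checks are refused: this provider stores no credentials.
	function provider.test_password(username, password)
		return nil, "Password based auth not supported.";
	end

	--- No password can be retrieved for any user.
	function provider.get_password(username)
		return nil, "Password not available.";
	end

	--- Passwords cannot be set.
	function provider.set_password(username, password)
		return nil, "Password based auth not supported.";
	end

	--- Always reports the user as unknown.
	function provider.user_exists(username)
		return nil, "Only anonymous users are supported."; -- FIXME check if anonymous user is connected?
	end

	--- Account creation is refused.
	function provider.create_user(username, password)
		-- Fix: the original closed this function twice. The second `end`
		-- terminated new_default_provider itself, which left get_sasl_handler
		-- and is_admin outside the constructor and turned the trailing
		-- `return provider; end` into a syntax error.
		return nil, "Account creation/modification not supported.";
	end

	--- Create a SASL handler whose profile offers only the `anonymous` callback.
	-- The realm is the `sasl_realm` module option, falling back to the module's host.
	function provider.get_sasl_handler()
		local realm = module:get_option("sasl_realm") or module.host;
		local anonymous_authentication_profile = {
			-- Accepts unconditionally: no credential is checked, so every
			-- session admitted through this handler is unauthenticated.
			anonymous = function(username, realm)
				return true; -- for normal usage you should always return true here
			end
		};
		return new_sasl(realm, anonymous_authentication_profile);
	end

	--- Check whether `jid` (compared in bare form) is an administrator.
	-- A host-specific `admins` list is consulted first; otherwise the decision
	-- is delegated to the global is_admin().
	-- NOTE(review): sessions on this host are unauthenticated. Before listing a
	-- JID of this host in `admins`, confirm that clients cannot choose the
	-- node part of their anonymous JID.
	function provider.is_admin(jid)
		local admins = config.get(host, "core", "admins");
		if admins ~= config.get("*", "core", "admins") and type(admins) == "table" then
			jid = jid_bare(jid);
			for _, admin in ipairs(admins) do
				if admin == jid then return true; end
			end
		elseif admins and type(admins) ~= "table" then
			-- Fix: the original logged this whenever `admins` was set but the
			-- first branch was skipped, including when the host value is the
			-- very same table as the global one (presumably the inherited
			-- default), where the message is false.
			log("error", "Option 'admins' for host '%s' is not a table", host);
		end
		-- NOTE(review): `is_admin` is not defined in the visible part of this
		-- file; if the environment does not supply it, this call raises.
		return is_admin(jid); -- Test whether it's a global admin instead
	end

	return provider;
end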
--- Datamanager callback registered by module.load().
-- Passes the four arguments through unchanged for every host except the one
-- this module is loaded on; for that host it returns the single value `false`.
-- NOTE(review): presumably `false` tells datamanager not to persist the data,
-- so that nothing is written to disk for anonymous users; confirm against
-- util.datamanager.
local function dm_callback(username, host, datastore, data)
	if host ~= module.host then
		return username, host, datastore, data;
	end
	return false;
end
-- Entry in the global `hosts` table for the host this module is loaded on.
local host = hosts[module.host];

-- The host's disallow_s2s value as found when this file runs; module.load()
-- refreshes it and module.unload() writes it back.
local _saved_disallow_s2s = host.disallow_s2s;
--- Load hook: apply the anonymous-host restrictions.
-- Saves the host's current disallow_s2s value, then sets the flag from the
-- `disallow_s2s` module option and registers dm_callback with datamanager.
function module.load()
	_saved_disallow_s2s = host.disallow_s2s;

	-- Secure default: the flag ends up true unless the option is explicitly
	-- `false`; an unset option (nil) therefore keeps s2s disallowed.
	local s2s_option = module:get_option("disallow_s2s");
	host.disallow_s2s = (s2s_option ~= false);

	datamanager.add_callback(dm_callback);
end
--- Unload hook: undo what module.load() changed.
-- Writes the saved disallow_s2s value back to the host and removes
-- dm_callback from datamanager.
function module.unload()
	-- Restore the s2s flag first, then drop the datamanager callback.
	host.disallow_s2s = _saved_disallow_s2s;
	datamanager.remove_callback(dm_callback);
end
-- Register the anonymous provider for this module's host under the
-- "auth-provider" item name.
local anonymous_provider = new_default_provider(module.host);
module:add_item("auth-provider", anonymous_provider);