Mercurial Mercurial > prosody > prosody / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
core/moduleapi.lua
changeset 12999 e385f3a06673
parent 12998 5625da6ae6b6
child 13019 46c05c2e34f7 
--- a/core/moduleapi.lua	Sat Mar 25 19:38:41 2023 +0000
+++ b/core/moduleapi.lua	Sun Mar 26 14:06:04 2023 +0100
@@ -626,7 +626,11 @@
 	end
 end
 
-function api:may(action, context)
+function api:could(action, context)
+	return self:may(action, context, true);
+end
+
+function api:may(action, context, peek)
 	if action:byte(1) == 58 then -- action begins with ':'
 		action = self.name..action; -- prepend module name
 	end
@@ -639,12 +643,16 @@
 			role = hosts[self.host].authz.get_jid_role(context);
 		end
 		if not role then
-			self:log("debug", "Access denied: JID <%s> may not %s (no role found)", context, action);
+			if not peek then
+				self:log("debug", "Access denied: JID <%s> may not %s (no role found)", context, action);
+			end
 			return false;
 		end
 		local permit = role:may(action);
 		if not permit then
-			self:log("debug", "Access denied: JID <%s> may not %s (not permitted by role %s)", context, action, role.name);
+			if not peek then
+				self:log("debug", "Access denied: JID <%s> may not %s (not permitted by role %s)", context, action, role.name);
+			end
 		end
 		return permit;
 	end
@@ -656,11 +664,13 @@
 	if session.type == "c2s" and session.host == self.host then
 		local role = session.role;
 		if not role then
-			self:log("warn", "Access denied: session %s has no role assigned");
+			if not peek then
+				self:log("warn", "Access denied: session %s has no role assigned");
+			end
 			return false;
 		end
 		local permit = role:may(action, context);
-		if not permit then
+		if not permit and not peek then
 			self:log("debug", "Access denied: session %s (%s) may not %s (not permitted by role %s)",
 				session.id, session.full_jid, action, role.name
 			);
@@ -670,11 +680,13 @@
 		local actor_jid = context.stanza.attr.from;
 		local role = hosts[self.host].authz.get_jid_role(actor_jid);
 		if not role then
-			self:log("debug", "Access denied: JID <%s> may not %s (no role found)", actor_jid, action);
+			if not peek then
+				self:log("debug", "Access denied: JID <%s> may not %s (no role found)", actor_jid, action);
+			end
 			return false;
 		end
 		local permit = role:may(action, context);
-		if not permit then
+		if not permit and not peek then
 			self:log("debug", "Access denied: JID <%s> may not %s (not permitted by role %s)", actor_jid, action, role.name);
 		end
 		return permit;
prosody