diff --git a/ChangeLog b/ChangeLog index 0440b6a29..de1a0384e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -16,6 +16,9 @@ delete-nodes for delete item use case (fix from erroneous definition in XEP-0060) + * src/mod_pubsub/mod_pubsub.erl: Added "access-whitelist" and + "member-affiliation" features (thanks to Andy Skelton)(EJAB-780) + 2008-12-29 Alexey Shchepin * src/ejabberd_c2s.erl: Bugfix in "from" attribute checking diff --git a/src/mod_pubsub/mod_pubsub.erl b/src/mod_pubsub/mod_pubsub.erl index ceadbd5e6..cff4daa9d 100644 --- a/src/mod_pubsub/mod_pubsub.erl +++ b/src/mod_pubsub/mod_pubsub.erl @@ -2066,6 +2066,7 @@ get_roster_info(OwnerUser, OwnerServer, {SubscriberUser, SubscriberServer, _}, A %% @doc

Convert an affiliation type from string to atom.

string_to_affiliation("owner") -> owner; string_to_affiliation("publisher") -> publisher; +string_to_affiliation("member") -> member; string_to_affiliation("outcast") -> outcast; string_to_affiliation("none") -> none; string_to_affiliation(_) -> false. @@ -2086,6 +2087,7 @@ string_to_subscription(_) -> false. %% @doc

Convert an affiliation type from atom to string.

affiliation_to_string(owner) -> "owner"; affiliation_to_string(publisher) -> "publisher"; +affiliation_to_string(member) -> "member"; affiliation_to_string(outcast) -> "outcast"; affiliation_to_string(_) -> "none". @@ -2666,7 +2668,7 @@ features() -> "access-open", % OPTIONAL this relates to access_model option in node_default "access-presence", % OPTIONAL this relates to access_model option in node_pep %TODO "access-roster", % OPTIONAL - %TODO "access-whitelist", % OPTIONAL + "access-whitelist", % OPTIONAL % see plugin "auto-create", % OPTIONAL % see plugin "auto-subscribe", % RECOMMENDED "collections", % RECOMMENDED @@ -2683,7 +2685,7 @@ features() -> %TODO "cache-last-item", %TODO "leased-subscription", % OPTIONAL % see plugin "manage-subscriptions", % OPTIONAL - %TODO "member-affiliation", % RECOMMENDED + "member-affiliation", % RECOMMENDED %TODO "meta-data", % RECOMMENDED % see plugin "modify-affiliations", % OPTIONAL %TODO "multi-collection", % OPTIONAL diff --git a/src/mod_pubsub/node_default.erl b/src/mod_pubsub/node_default.erl index d7fdb450e..3a4faf506 100644 --- a/src/mod_pubsub/node_default.erl +++ b/src/mod_pubsub/node_default.erl @@ -282,6 +282,7 @@ subscribe_node(Host, Node, Sender, Subscriber, AccessModel, State = get_state(Host, Node, SubscriberKey), #pubsub_state{affiliation = Affiliation, subscription = Subscription} = State, + Whitelisted = lists:member(Affiliation, [member, publisher, owner]), if not Authorized -> %% JIDs do not match @@ -298,8 +299,8 @@ subscribe_node(Host, Node, Sender, Subscriber, AccessModel, (AccessModel == roster) and (not RosterGroup) -> %% Entity is not authorized to create a subscription (not in roster group) {error, ?ERR_EXTENDED(?ERR_NOT_AUTHORIZED, "not-in-roster-group")}; - (AccessModel == whitelist) -> % TODO: to be done - %% Node has whitelist access model + (AccessModel == whitelist) and (not Whitelisted) -> + %% Node has whitelist access model and entity lacks required affiliation {error, ?ERR_EXTENDED(?ERR_NOT_ALLOWED, "closed-node")}; (AccessModel == authorize) -> % TODO: to be done %% Node has authorize access model @@ -667,6 +668,7 @@ get_items(Host, Node, JID, AccessModel, PresenceSubscription, RosterGroup, _SubI #pubsub_state{affiliation = Affiliation, subscription = Subscription} = State, Subscribed = not ((Subscription == none) or (Subscription == pending)), + Whitelisted = lists:member(Affiliation, [member, publisher, owner]), if %%SubID == "", ?? -> %% Entity has multiple subscriptions to the node but does not specify a subscription ID @@ -686,8 +688,8 @@ get_items(Host, Node, JID, AccessModel, PresenceSubscription, RosterGroup, _SubI (AccessModel == roster) and (not RosterGroup) -> %% Entity is not authorized to create a subscription (not in roster group) {error, ?ERR_EXTENDED(?ERR_NOT_AUTHORIZED, "not-in-roster-group")}; - (AccessModel == whitelist) -> % TODO: to be done - %% Node has whitelist access model + (AccessModel == whitelist) and (not Whitelisted) -> + %% Node has whitelist access model and entity lacks required affiliation {error, ?ERR_EXTENDED(?ERR_NOT_ALLOWED, "closed-node")}; (AccessModel == authorize) -> % TODO: to be done %% Node has authorize access model @@ -717,6 +719,7 @@ get_item(Host, Node, ItemId, JID, AccessModel, PresenceSubscription, RosterGroup #pubsub_state{affiliation = Affiliation, subscription = Subscription} = State, Subscribed = not ((Subscription == none) or (Subscription == pending)), + Whitelisted = lists:member(Affiliation, [member, publisher, owner]), if %%SubID == "", ?? -> %% Entity has multiple subscriptions to the node but does not specify a subscription ID @@ -736,8 +739,8 @@ get_item(Host, Node, ItemId, JID, AccessModel, PresenceSubscription, RosterGroup (AccessModel == roster) and (not RosterGroup) -> %% Entity is not authorized to create a subscription (not in roster group) {error, ?ERR_EXTENDED(?ERR_NOT_AUTHORIZED, "not-in-roster-group")}; - (AccessModel == whitelist) -> % TODO: to be done - %% Node has whitelist access model + (AccessModel == whitelist) and (not Whitelisted) -> + %% Node has whitelist access model and entity lacks required affiliation {error, ?ERR_EXTENDED(?ERR_NOT_ALLOWED, "closed-node")}; (AccessModel == authorize) -> % TODO: to be done %% Node has authorize access model