PubSub: Added access-whitelist and member-affiliation features (EJAB-780)

SVN Revision: 1768
2024-11-22 16:20:52 +01:00 · 2009-01-03 00:55:05 +00:00 · 2009-01-03 00:55:05 +00:00 · 01d761a901
commit 01d761a901
parent e710a24860
3 changed files with 16 additions and 8 deletions
--- a/3
+++ b/3
@ -16,6 +16,9 @@
 	delete-nodes for delete item use case (fix from erroneous definition
 	in XEP-0060)
 	* src/mod_pubsub/mod_pubsub.erl: Added "access-whitelist" and
 	"member-affiliation" features (thanks to Andy Skelton)(EJAB-780)
 2008-12-29  Alexey Shchepin  <alexey@process-one.net>
 	* src/ejabberd_c2s.erl: Bugfix in "from" attribute checking
--- a/src/mod_pubsub/mod_pubsub.erl
+++ b/src/mod_pubsub/mod_pubsub.erl
@ -2066,6 +2066,7 @@ get_roster_info(OwnerUser, OwnerServer, {SubscriberUser, SubscriberServer, _}, A
 %% @doc <p>Convert an affiliation type from string to atom.</p>
 string_to_affiliation("owner") -> owner;
 string_to_affiliation("publisher") -> publisher;
 string_to_affiliation("member") -> member;
 string_to_affiliation("outcast") -> outcast;
 string_to_affiliation("none") -> none;
 string_to_affiliation(_) -> false.
@ -2086,6 +2087,7 @@ string_to_subscription(_) -> false.
 %% @doc <p>Convert an affiliation type from atom to string.</p>
 affiliation_to_string(owner) -> "owner";
 affiliation_to_string(publisher) -> "publisher";
 affiliation_to_string(member) -> "member";
 affiliation_to_string(outcast) -> "outcast";
 affiliation_to_string(_) -> "none".
@ -2666,7 +2668,7 @@ features() ->
 	 "access-open",   % OPTIONAL this relates to access_model option in node_default
 	 "access-presence",   % OPTIONAL this relates to access_model option in node_pep
 	 %TODO "access-roster",   % OPTIONAL
-	 %TODO "access-whitelist",   % OPTIONAL
+	 "access-whitelist",   % OPTIONAL
 	 % see plugin "auto-create",   % OPTIONAL
 	 % see plugin "auto-subscribe",   % RECOMMENDED
 	 "collections",   % RECOMMENDED
@ -2683,7 +2685,7 @@ features() ->
 	 %TODO "cache-last-item",
 	 %TODO "leased-subscription",   % OPTIONAL
 	 % see plugin "manage-subscriptions",   % OPTIONAL
-	 %TODO "member-affiliation",   % RECOMMENDED
+	 "member-affiliation",   % RECOMMENDED
 	 %TODO "meta-data",   % RECOMMENDED
 	 % see plugin "modify-affiliations",   % OPTIONAL
 	 %TODO "multi-collection",   % OPTIONAL
--- a/src/mod_pubsub/node_default.erl
+++ b/src/mod_pubsub/node_default.erl
@ -282,6 +282,7 @@ subscribe_node(Host, Node, Sender, Subscriber, AccessModel,
    State = get_state(Host, Node, SubscriberKey),
    #pubsub_state{affiliation = Affiliation,
 		  subscription = Subscription} = State,
    Whitelisted = lists:member(Affiliation, [member, publisher, owner]),
    if
 	not Authorized ->
 	    %% JIDs do not match
@ -298,8 +299,8 @@ subscribe_node(Host, Node, Sender, Subscriber, AccessModel,
 	(AccessModel == roster) and (not RosterGroup) ->
 	    %% Entity is not authorized to create a subscription (not in roster group)
 	    {error, ?ERR_EXTENDED(?ERR_NOT_AUTHORIZED, "not-in-roster-group")};
-	(AccessModel == whitelist) ->  % TODO: to be done
+	(AccessModel == whitelist) and (not Whitelisted) ->
-	    %% Node has whitelist access model
+	    %% Node has whitelist access model and entity lacks required affiliation
 	    {error, ?ERR_EXTENDED(?ERR_NOT_ALLOWED, "closed-node")};
 	(AccessModel == authorize) -> % TODO: to be done
 	    %% Node has authorize access model
@ -667,6 +668,7 @@ get_items(Host, Node, JID, AccessModel, PresenceSubscription, RosterGroup, _SubI
    #pubsub_state{affiliation = Affiliation,
 		  subscription = Subscription} = State,
    Subscribed = not ((Subscription == none) or (Subscription == pending)),
    Whitelisted = lists:member(Affiliation, [member, publisher, owner]),
    if
 	%%SubID == "", ?? ->
 	    %% Entity has multiple subscriptions to the node but does not specify a subscription ID
@ -686,8 +688,8 @@ get_items(Host, Node, JID, AccessModel, PresenceSubscription, RosterGroup, _SubI
 	(AccessModel == roster) and (not RosterGroup) ->
 	    %% Entity is not authorized to create a subscription (not in roster group)
 	    {error, ?ERR_EXTENDED(?ERR_NOT_AUTHORIZED, "not-in-roster-group")};
-	(AccessModel == whitelist) ->  % TODO: to be done
+	(AccessModel == whitelist) and (not Whitelisted) ->
-	    %% Node has whitelist access model
+	    %% Node has whitelist access model and entity lacks required affiliation
 	    {error, ?ERR_EXTENDED(?ERR_NOT_ALLOWED, "closed-node")};
 	(AccessModel == authorize) -> % TODO: to be done
 	    %% Node has authorize access model
@ -717,6 +719,7 @@ get_item(Host, Node, ItemId, JID, AccessModel, PresenceSubscription, RosterGroup
    #pubsub_state{affiliation = Affiliation,
 		  subscription = Subscription} = State,
    Subscribed = not ((Subscription == none) or (Subscription == pending)),
    Whitelisted = lists:member(Affiliation, [member, publisher, owner]),
    if
 	%%SubID == "", ?? ->
 	    %% Entity has multiple subscriptions to the node but does not specify a subscription ID
@ -736,8 +739,8 @@ get_item(Host, Node, ItemId, JID, AccessModel, PresenceSubscription, RosterGroup
 	(AccessModel == roster) and (not RosterGroup) ->
 	    %% Entity is not authorized to create a subscription (not in roster group)
 	    {error, ?ERR_EXTENDED(?ERR_NOT_AUTHORIZED, "not-in-roster-group")};
-	(AccessModel == whitelist) ->  % TODO: to be done
+	(AccessModel == whitelist) and (not Whitelisted) ->
-	    %% Node has whitelist access model
+	    %% Node has whitelist access model and entity lacks required affiliation
 	    {error, ?ERR_EXTENDED(?ERR_NOT_ALLOWED, "closed-node")};
 	(AccessModel == authorize) -> % TODO: to be done
 	    %% Node has authorize access model