mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-22 16:20:52 +01:00
mod_privilege: Don't fail to edit roster (#3942)
This commit is contained in:
Holger Weiss
Badlop
parent
9f08b4aa15
commit
2dc843cddd
@ -217,19 +217,24 @@ process_message(#message{from = #jid{luser = <<"">>, lresource = <<"">>} = From,
|
|||||||
process_message(_Stanza) ->
|
process_message(_Stanza) ->
|
||||||
ok.
|
ok.
|
||||||
|
|
||||||
-spec roster_access(boolean(), iq()) -> boolean().
|
-spec roster_access({true, iq()} | false, iq()) -> {true, iq()} | false.
|
||||||
roster_access(true, _) ->
|
roster_access({true, _IQ} = Acc, _) ->
|
||||||
true;
|
Acc;
|
||||||
roster_access(false, #iq{from = From, to = To, type = Type}) ->
|
roster_access(false, #iq{from = From, to = To, type = Type} = IQ) ->
|
||||||
Host = From#jid.lserver,
|
Host = From#jid.lserver,
|
||||||
ServerHost = To#jid.lserver,
|
ServerHost = To#jid.lserver,
|
||||||
Permissions = get_permissions(ServerHost),
|
Permissions = get_permissions(ServerHost),
|
||||||
case maps:find(Host, Permissions) of
|
case maps:find(Host, Permissions) of
|
||||||
{ok, Access} ->
|
{ok, Access} ->
|
||||||
Permission = proplists:get_value(roster, Access, none),
|
Permission = proplists:get_value(roster, Access, none),
|
||||||
(Permission == both)
|
case (Permission == both)
|
||||||
orelse (Permission == get andalso Type == get)
|
orelse (Permission == get andalso Type == get)
|
||||||
orelse (Permission == set andalso Type == set);
|
orelse (Permission == set andalso Type == set) of
|
||||||
|
true ->
|
||||||
|
{true, xmpp:put_meta(IQ, privilege_from, To)};
|
||||||
|
false ->
|
||||||
|
false
|
||||||
|
end;
|
||||||
error ->
|
error ->
|
||||||
%% Component is disconnected
|
%% Component is disconnected
|
||||||
false
|
false
|
||||||
|
|||||||
@ -128,8 +128,8 @@ process_iq(#iq{lang = Lang, to = To} = IQ) ->
|
|||||||
false ->
|
false ->
|
||||||
Txt = ?T("Query to another users is forbidden"),
|
Txt = ?T("Query to another users is forbidden"),
|
||||||
xmpp:make_error(IQ, xmpp:err_forbidden(Txt, Lang));
|
xmpp:make_error(IQ, xmpp:err_forbidden(Txt, Lang));
|
||||||
true ->
|
{true, IQ1} ->
|
||||||
process_local_iq(IQ)
|
process_local_iq(IQ1)
|
||||||
end.
|
end.
|
||||||
|
|
||||||
-spec process_local_iq(iq()) -> iq().
|
-spec process_local_iq(iq()) -> iq().
|
||||||
@ -147,7 +147,13 @@ process_local_iq(#iq{type = set, from = From, lang = Lang,
|
|||||||
Txt = ?T("Duplicated groups are not allowed by RFC6121"),
|
Txt = ?T("Duplicated groups are not allowed by RFC6121"),
|
||||||
xmpp:make_error(IQ, xmpp:err_bad_request(Txt, Lang));
|
xmpp:make_error(IQ, xmpp:err_bad_request(Txt, Lang));
|
||||||
false ->
|
false ->
|
||||||
#jid{lserver = LServer} = From,
|
From1 = case xmpp:get_meta(IQ, privilege_from, none) of
|
||||||
|
#jid{} = PrivFrom ->
|
||||||
|
PrivFrom;
|
||||||
|
none ->
|
||||||
|
From
|
||||||
|
end,
|
||||||
|
#jid{lserver = LServer} = From1,
|
||||||
Access = mod_roster_opt:access(LServer),
|
Access = mod_roster_opt:access(LServer),
|
||||||
case acl:match_rule(LServer, Access, From) of
|
case acl:match_rule(LServer, Access, From) of
|
||||||
deny ->
|
deny ->
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user