mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-24 16:23:40 +01:00
mod_privilege: Don't fail to edit roster (#3942)
This commit is contained in:
parent
9f08b4aa15
commit
2dc843cddd
@ -217,19 +217,24 @@ process_message(#message{from = #jid{luser = <<"">>, lresource = <<"">>} = From,
|
||||
process_message(_Stanza) ->
|
||||
ok.
|
||||
|
||||
-spec roster_access(boolean(), iq()) -> boolean().
|
||||
roster_access(true, _) ->
|
||||
true;
|
||||
roster_access(false, #iq{from = From, to = To, type = Type}) ->
|
||||
-spec roster_access({true, iq()} | false, iq()) -> {true, iq()} | false.
|
||||
roster_access({true, _IQ} = Acc, _) ->
|
||||
Acc;
|
||||
roster_access(false, #iq{from = From, to = To, type = Type} = IQ) ->
|
||||
Host = From#jid.lserver,
|
||||
ServerHost = To#jid.lserver,
|
||||
Permissions = get_permissions(ServerHost),
|
||||
case maps:find(Host, Permissions) of
|
||||
{ok, Access} ->
|
||||
Permission = proplists:get_value(roster, Access, none),
|
||||
(Permission == both)
|
||||
orelse (Permission == get andalso Type == get)
|
||||
orelse (Permission == set andalso Type == set);
|
||||
case (Permission == both)
|
||||
orelse (Permission == get andalso Type == get)
|
||||
orelse (Permission == set andalso Type == set) of
|
||||
true ->
|
||||
{true, xmpp:put_meta(IQ, privilege_from, To)};
|
||||
false ->
|
||||
false
|
||||
end;
|
||||
error ->
|
||||
%% Component is disconnected
|
||||
false
|
||||
|
@ -128,8 +128,8 @@ process_iq(#iq{lang = Lang, to = To} = IQ) ->
|
||||
false ->
|
||||
Txt = ?T("Query to another users is forbidden"),
|
||||
xmpp:make_error(IQ, xmpp:err_forbidden(Txt, Lang));
|
||||
true ->
|
||||
process_local_iq(IQ)
|
||||
{true, IQ1} ->
|
||||
process_local_iq(IQ1)
|
||||
end.
|
||||
|
||||
-spec process_local_iq(iq()) -> iq().
|
||||
@ -147,7 +147,13 @@ process_local_iq(#iq{type = set, from = From, lang = Lang,
|
||||
Txt = ?T("Duplicated groups are not allowed by RFC6121"),
|
||||
xmpp:make_error(IQ, xmpp:err_bad_request(Txt, Lang));
|
||||
false ->
|
||||
#jid{lserver = LServer} = From,
|
||||
From1 = case xmpp:get_meta(IQ, privilege_from, none) of
|
||||
#jid{} = PrivFrom ->
|
||||
PrivFrom;
|
||||
none ->
|
||||
From
|
||||
end,
|
||||
#jid{lserver = LServer} = From1,
|
||||
Access = mod_roster_opt:access(LServer),
|
||||
case acl:match_rule(LServer, Access, From) of
|
||||
deny ->
|
||||
|
Loading…
Reference in New Issue
Block a user