25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-24 17:29:28 +01:00

PubSub: enforce controls on publish and delete

This commit is contained in:
Christophe Romain 2017-09-27 17:37:38 +02:00
parent 1c6aa5e84e
commit 3c8308bb8d
2 changed files with 57 additions and 29 deletions

View File

@ -376,23 +376,26 @@ publish_item(Nidx, Publisher, PublishModel, MaxItems, ItemId, Payload,
true ->
if MaxItems > 0 ->
Now = p1_time_compat:timestamp(),
PubId = {Now, SubKey},
Item = case get_item(Nidx, ItemId) of
{result, OldItem} ->
OldItem#pubsub_item{modification = PubId,
payload = Payload};
case get_item(Nidx, ItemId) of
{result, #pubsub_item{creation = {_, GenKey}} = OldItem} ->
set_item(OldItem#pubsub_item{
modification = {Now, SubKey},
payload = Payload}),
{result, {default, broadcast, []}};
{result, _} ->
{error, xmpp:err_forbidden()};
_ ->
#pubsub_item{itemid = {ItemId, Nidx},
nodeidx = Nidx,
creation = {Now, GenKey},
modification = PubId,
payload = Payload}
end,
Items = [ItemId | GenState#pubsub_state.items -- [ItemId]],
{result, {NI, OI}} = remove_extra_items(Nidx, MaxItems, Items),
set_item(Item),
set_state(GenState#pubsub_state{items = NI}),
{result, {default, broadcast, OI}};
Items = [ItemId | GenState#pubsub_state.items],
{result, {NI, OI}} = remove_extra_items(Nidx, MaxItems, Items),
set_state(GenState#pubsub_state{items = NI}),
set_item(#pubsub_item{
itemid = {ItemId, Nidx},
nodeidx = Nidx,
creation = {Now, GenKey},
modification = {Now, SubKey},
payload = Payload}),
{result, {default, broadcast, OI}}
end;
true ->
{result, {default, broadcast, []}}
end

View File

@ -243,20 +243,31 @@ publish_item(Nidx, Publisher, PublishModel, MaxItems, ItemId, Payload,
if not ((PublishModel == open) or
(PublishModel == publishers) and
((Affiliation == owner)
or (Affiliation == publisher)
or (Affiliation == publish_only))
or (Affiliation == publisher)
or (Affiliation == publish_only))
or (Subscribed == true)) ->
{error, xmpp:err_forbidden()};
true ->
if MaxItems > 0 ->
PubId = {p1_time_compat:timestamp(), SubKey},
set_item(#pubsub_item{itemid = {ItemId, Nidx},
creation = {p1_time_compat:timestamp(), GenKey},
modification = PubId,
payload = Payload}),
Items = [ItemId | itemids(Nidx, GenKey) -- [ItemId]],
{result, {_, OI}} = remove_extra_items(Nidx, MaxItems, Items),
{result, {default, broadcast, OI}};
Now = p1_time_compat:timestamp(),
case get_item(Nidx, ItemId) of
{result, #pubsub_item{creation = {_, GenKey}} = OldItem} ->
set_item(OldItem#pubsub_item{
modification = {Now, SubKey},
payload = Payload}),
{result, {default, broadcast, []}};
{result, _} ->
{error, xmpp:err_forbidden()};
_ ->
Items = [ItemId | itemids(Nidx, GenKey)],
{result, {_NI, OI}} = remove_extra_items(Nidx, MaxItems, Items),
set_item(#pubsub_item{
itemid = {ItemId, Nidx},
creation = {Now, GenKey},
modification = {Now, SubKey},
payload = Payload}),
{result, {default, broadcast, OI}}
end;
true ->
{result, {default, broadcast, []}}
end
@ -284,9 +295,23 @@ delete_item(Nidx, Publisher, PublishModel, ItemId) ->
if not Allowed ->
{error, xmpp:err_forbidden()};
true ->
case del_item(Nidx, ItemId) of
{updated, 1} -> {result, {default, broadcast}};
_ -> {error, xmpp:err_item_not_found()}
Items = itemids(Nidx, GenKey),
case lists:member(ItemId, Items) of
true ->
case del_item(Nidx, ItemId) of
{updated, 1} -> {result, {default, broadcast}};
_ -> {error, xmpp:err_item_not_found()}
end;
false ->
case Affiliation of
owner ->
case del_item(Nidx, ItemId) of
{updated, 1} -> {result, {default, broadcast}};
_ -> {error, xmpp:err_item_not_found()}
end;
_ ->
{error, xmpp:err_forbidden()}
end
end
end.