From 64f294589285715e59ed95fe23efbb499ee6a9c1 Mon Sep 17 00:00:00 2001
From: Badlop
Date: Fri, 27 Feb 2009 23:56:46 +0000
Subject: [PATCH] * src/mod_pubsub/node_default.erl: Fix that non-subscriber could fetch items from Authorize node (thanks to Brian Cully)(EJAB-873)
SVN Revision: 1930
---
 ChangeLog | 5 +++++
 src/mod_pubsub/node_default.erl | 21 ++++++++++++++++++---
 2 files changed, 23 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 9f9c06e83..9487d4b0d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2009-02-28 Badlop
+
+ * src/mod_pubsub/node_default.erl: Fix that non-subscriber could
+ fetch items from Authorize node (thanks to Brian Cully)(EJAB-873)
+
 2009-02-27 Badlop
 * src/tls/tls_drv.c: S2S connection with STARTTLS fails to Gtalk
diff --git a/src/mod_pubsub/node_default.erl b/src/mod_pubsub/node_default.erl
index 42d53c2d2..37d18cd7d 100644
--- a/src/mod_pubsub/node_default.erl
+++ b/src/mod_pubsub/node_default.erl
@@ -305,7 +305,7 @@ subscribe_node(Host, Node, Sender, Subscriber, AccessModel,
 (AccessModel == whitelist) and (not Whitelisted) ->
 %% Node has whitelist access model and entity lacks required affiliation
 {error, ?ERR_EXTENDED(?ERR_NOT_ALLOWED, "closed-node")};
- (AccessModel == authorize) -> % TODO: to be done
+ (AccessModel == authorize) and (not Whitelisted) ->
 %% Node has authorize access model
 {error, ?ERR_FORBIDDEN};
 %%MustPay ->
@@ -702,7 +702,8 @@ get_items(Host, Node, JID, AccessModel, PresenceSubscription, RosterGroup, _SubI
 GenKey = jlib:jid_remove_resource(SubKey),
 GenState = get_state(Host, Node, GenKey),
 Affiliation = GenState#pubsub_state.affiliation,
- Whitelisted = lists:member(Affiliation, [member, publisher, owner]),
+ Subscription = GenState#pubsub_state.subscription,
+ Whitelisted = can_fetch_item(Affiliation, Subscription),
 if
 %%SubID == "", ?? ->
 %% Entity has multiple subscriptions to the node but does not specify a subscription ID
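Review bot: In subscribe_node, the new `and (not Whitelisted)` guard means an entity for which Whitelisted is true is no longer refused on an authorize node and falls through to the later branches, which are outside this hunk. The removed `% TODO: to be done` was the only marker that owner approval is not implemented, and entities that are not whitelisted are still answered with `?ERR_FORBIDDEN` rather than held for approval. I would keep a marker such as `%% TODO: owner approval (pending subscription) is not implemented; non-whitelisted entities are refused`. The binding of Whitelisted in this function is also outside the hunk, so confirm it is still the affiliation-only check and not the new can_fetch_item/2 result.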
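Review bot: `Whitelisted` in get_items now also becomes true for an unaffiliated subscriber, because can_fetch_item(none, subscribed) returns true, yet the name still says whitelist membership. The `if` that consumes it continues past the end of the hunk; if it has a whitelist branch of the form `(AccessModel == whitelist) and (not Whitelisted)`, as subscribe_node does, an entity whose affiliation was removed but whose subscription remains would pass it. Binding the new result under its own name, e.g. `CanFetch = can_fetch_item(Affiliation, Subscription)`, and keeping `Whitelisted = lists:member(Affiliation, [member, publisher, owner])` for the whitelist branch would keep the two decisions apart. The get_item hunk makes the same change.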
@@ -750,7 +751,8 @@ get_item(Host, Node, ItemId, JID, AccessModel, PresenceSubscription, RosterGroup
 GenKey = jlib:jid_remove_resource(SubKey),
 GenState = get_state(Host, Node, GenKey),
 Affiliation = GenState#pubsub_state.affiliation,
- Whitelisted = lists:member(Affiliation, [member, publisher, owner]),
+ Subscription = GenState#pubsub_state.subscription,
+ Whitelisted = can_fetch_item(Affiliation, Subscription),
 if
 %%SubID == "", ?? ->
 %% Entity has multiple subscriptions to the node but does not specify a subscription ID
@@ -804,3 +806,16 @@ del_items(Host, Node, ItemIds) ->
 %% node id.
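Review bot: `Subscription` in get_item is read from GenState, the record fetched with the bare-JID key from `jlib:jid_remove_resource(SubKey)`, so only a subscription recorded under the bare JID is seen. If subscribe_node records subscriptions under the full JID (not visible here), a subscriber with a resource would read as `none` and be refused. That fails closed, but it is worth also reading the full-JID state, e.g. `SubState = get_state(Host, Node, SubKey)`, and allowing the fetch when either state permits it. get_items has the same lookup.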

get_item_name(_Host, _Node, Id) -> Id.
+
+%% @spec (Affiliation, Subscription) -> true | false
+%% Affiliation = owner | member | publisher | outcast | none
+%% Subscription = subscribed | none
+%% @doc Determines if the combination of Affiliation and Subscribed
+%% are allowed to get items from a node.
+can_fetch_item(owner, _) -> true;
+can_fetch_item(member, _) -> true;
+can_fetch_item(publisher, _) -> true;
+can_fetch_item(outcast, _) -> false;
+can_fetch_item(none, subscribed) -> true;
+can_fetch_item(none, none) -> false;
+can_fetch_item(_Affiliation, _Subscription) -> false.
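Review bot: The `@spec` for can_fetch_item/2 lists Subscription as `subscribed | none`, but it is the final catch-all clause that denies every other value, such as a subscription still pending on an authorize node, which is the case this commit is about. I would say so in the doc, e.g. `%% Any other combination, including a subscription that is not yet approved, is denied.`, and fix the wording to `the combination of Affiliation and Subscription is allowed`. The `outcast` and `(none, none)` clauses are already covered by the catch-all; keeping them for readability is fine. The comment should still state that deny-by-default is intended, so a later edit does not loosen the last clause.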