mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-22 16:20:52 +01:00
Merge lastest commits from master
This commit is contained in:
Mickael Remond
commit
7988e2e350
@ -23,8 +23,7 @@
|
|||||||
path = [] :: [binary()],
|
path = [] :: [binary()],
|
||||||
q = [] :: [{binary() | nokey, binary()}],
|
q = [] :: [{binary() | nokey, binary()}],
|
||||||
us = {<<>>, <<>>} :: {binary(), binary()},
|
us = {<<>>, <<>>} :: {binary(), binary()},
|
||||||
auth :: {binary(), binary()} |
|
auth :: {binary(), binary()} | {oauth, binary(), []} | undefined,
|
||||||
{auth_jid, {binary(), binary()}, jlib:jid()},
|
|
||||||
lang = <<"">> :: binary(),
|
lang = <<"">> :: binary(),
|
||||||
data = <<"">> :: binary(),
|
data = <<"">> :: binary(),
|
||||||
ip :: {inet:ip_address(), inet:port_number()},
|
ip :: {inet:ip_address(), inet:port_number()},
|
||||||
|
|||||||
@ -218,6 +218,7 @@
|
|||||||
get_command_format/1,
|
get_command_format/1,
|
||||||
get_command_format/2,
|
get_command_format/2,
|
||||||
get_command_format/3,
|
get_command_format/3,
|
||||||
|
get_command_policy/1,
|
||||||
get_command_definition/1,
|
get_command_definition/1,
|
||||||
get_command_definition/2,
|
get_command_definition/2,
|
||||||
get_tags_commands/0,
|
get_tags_commands/0,
|
||||||
@ -364,6 +365,17 @@ get_command_format(Name, Auth, Version) ->
|
|||||||
{Args, Result}
|
{Args, Result}
|
||||||
end.
|
end.
|
||||||
|
|
||||||
|
-spec get_command_policy(atom()) -> {ok, open|user|admin|restricted} | {error, command_not_found}.
|
||||||
|
|
||||||
|
%% @doc return command policy.
|
||||||
|
get_command_policy(Name) ->
|
||||||
|
case get_command_definition(Name) of
|
||||||
|
#ejabberd_commands{policy = Policy} ->
|
||||||
|
{ok, Policy};
|
||||||
|
command_not_found ->
|
||||||
|
{error, command_not_found}
|
||||||
|
end.
|
||||||
|
|
||||||
-spec get_command_definition(atom()) -> ejabberd_commands().
|
-spec get_command_definition(atom()) -> ejabberd_commands().
|
||||||
|
|
||||||
%% @doc Get the definition record of a command.
|
%% @doc Get the definition record of a command.
|
||||||
|
|||||||
@ -753,6 +753,7 @@ code_to_phrase(503) -> <<"Service Unavailable">>;
|
|||||||
code_to_phrase(504) -> <<"Gateway Timeout">>;
|
code_to_phrase(504) -> <<"Gateway Timeout">>;
|
||||||
code_to_phrase(505) -> <<"HTTP Version Not Supported">>.
|
code_to_phrase(505) -> <<"HTTP Version Not Supported">>.
|
||||||
|
|
||||||
|
-spec parse_auth(binary()) -> {binary(), binary()} | {oauth, binary(), []} | undefined.
|
||||||
parse_auth(<<"Basic ", Auth64/binary>>) ->
|
parse_auth(<<"Basic ", Auth64/binary>>) ->
|
||||||
Auth = jlib:decode_base64(Auth64),
|
Auth = jlib:decode_base64(Auth64),
|
||||||
%% Auth should be a string with the format: user@server:password
|
%% Auth should be a string with the format: user@server:password
|
||||||
|
|||||||
@ -123,7 +123,6 @@ start(_Host, _Opts) ->
|
|||||||
stop(_Host) ->
|
stop(_Host) ->
|
||||||
ok.
|
ok.
|
||||||
|
|
||||||
|
|
||||||
%% ----------
|
%% ----------
|
||||||
%% basic auth
|
%% basic auth
|
||||||
%% ----------
|
%% ----------
|
||||||
@ -131,12 +130,13 @@ stop(_Host) ->
|
|||||||
check_permissions(Request, Command) ->
|
check_permissions(Request, Command) ->
|
||||||
case catch binary_to_existing_atom(Command, utf8) of
|
case catch binary_to_existing_atom(Command, utf8) of
|
||||||
Call when is_atom(Call) ->
|
Call when is_atom(Call) ->
|
||||||
check_permissions2(Request, Call);
|
{ok, CommandPolicy} = ejabberd_commands:get_command_policy(Call),
|
||||||
|
check_permissions2(Request, Call, CommandPolicy);
|
||||||
_ ->
|
_ ->
|
||||||
unauthorized_response()
|
unauthorized_response()
|
||||||
end.
|
end.
|
||||||
|
|
||||||
check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call)
|
check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call, _)
|
||||||
when HTTPAuth /= undefined ->
|
when HTTPAuth /= undefined ->
|
||||||
Admin =
|
Admin =
|
||||||
case lists:keysearch(<<"X-Admin">>, 1, Headers) of
|
case lists:keysearch(<<"X-Admin">>, 1, Headers) of
|
||||||
@ -169,7 +169,9 @@ check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call)
|
|||||||
{ok, A} -> {allowed, Call, A};
|
{ok, A} -> {allowed, Call, A};
|
||||||
_ -> unauthorized_response()
|
_ -> unauthorized_response()
|
||||||
end;
|
end;
|
||||||
check_permissions2(#request{ip={IP, _Port}}, Call) ->
|
check_permissions2(_Request, Call, open) ->
|
||||||
|
{allowed, Call, noauth};
|
||||||
|
check_permissions2(#request{ip={IP, _Port}}, Call, _Policy) ->
|
||||||
Access = gen_mod:get_module_opt(global, ?MODULE, admin_ip_access,
|
Access = gen_mod:get_module_opt(global, ?MODULE, admin_ip_access,
|
||||||
mod_opt_type(admin_ip_access),
|
mod_opt_type(admin_ip_access),
|
||||||
none),
|
none),
|
||||||
@ -189,7 +191,9 @@ check_permissions2(#request{ip={IP, _Port}}, Call) ->
|
|||||||
_E ->
|
_E ->
|
||||||
?DEBUG("Unauthorized: ~p", [_E]),
|
?DEBUG("Unauthorized: ~p", [_E]),
|
||||||
unauthorized_response()
|
unauthorized_response()
|
||||||
end.
|
end;
|
||||||
|
check_permissions2(_Request, _Call, _Policy) ->
|
||||||
|
unauthorized_response().
|
||||||
|
|
||||||
oauth_check_token(Scope, Token) when is_atom(Scope) ->
|
oauth_check_token(Scope, Token) when is_atom(Scope) ->
|
||||||
oauth_check_token(atom_to_binary(Scope, utf8), Token);
|
oauth_check_token(atom_to_binary(Scope, utf8), Token);
|
||||||
@ -218,7 +222,8 @@ process([Call], #request{method = 'POST', data = Data, ip = IP} = Req) ->
|
|||||||
{allowed, Cmd, Auth} ->
|
{allowed, Cmd, Auth} ->
|
||||||
{Code, Result} = handle(Cmd, Auth, Args, Version),
|
{Code, Result} = handle(Cmd, Auth, Args, Version),
|
||||||
json_response(Code, jiffy:encode(Result));
|
json_response(Code, jiffy:encode(Result));
|
||||||
ErrorResponse -> %% Should we reply 403 ?
|
%% Warning: check_permission direcly formats 401 reply if not authorized
|
||||||
|
ErrorResponse ->
|
||||||
ErrorResponse
|
ErrorResponse
|
||||||
end
|
end
|
||||||
catch _:{error,{_,invalid_json}} = _Err ->
|
catch _:{error,{_,invalid_json}} = _Err ->
|
||||||
@ -240,6 +245,7 @@ process([Call], #request{method = 'GET', q = Data, ip = IP} = Req) ->
|
|||||||
{allowed, Cmd, Auth} ->
|
{allowed, Cmd, Auth} ->
|
||||||
{Code, Result} = handle(Cmd, Auth, Args, Version),
|
{Code, Result} = handle(Cmd, Auth, Args, Version),
|
||||||
json_response(Code, jiffy:encode(Result));
|
json_response(Code, jiffy:encode(Result));
|
||||||
|
%% Warning: check_permission direcly formats 401 reply if not authorized
|
||||||
ErrorResponse ->
|
ErrorResponse ->
|
||||||
ErrorResponse
|
ErrorResponse
|
||||||
end
|
end
|
||||||
@ -328,13 +334,7 @@ handle(Call, Auth, Args, Version) when is_atom(Call), is_list(Args) ->
|
|||||||
handle2(Call, Auth, Args, Version) when is_atom(Call), is_list(Args) ->
|
handle2(Call, Auth, Args, Version) when is_atom(Call), is_list(Args) ->
|
||||||
{ArgsF, _ResultF} = ejabberd_commands:get_command_format(Call, Auth, Version),
|
{ArgsF, _ResultF} = ejabberd_commands:get_command_format(Call, Auth, Version),
|
||||||
ArgsFormatted = format_args(Args, ArgsF),
|
ArgsFormatted = format_args(Args, ArgsF),
|
||||||
case ejabberd_commands:execute_command(undefined, Auth,
|
ejabberd_command(Auth, Call, ArgsFormatted, Version).
|
||||||
Call, ArgsFormatted, Version) of
|
|
||||||
{error, Error} ->
|
|
||||||
throw(Error);
|
|
||||||
Res ->
|
|
||||||
format_command_result(Call, Auth, Res, Version)
|
|
||||||
end.
|
|
||||||
|
|
||||||
get_elem_delete(A, L) ->
|
get_elem_delete(A, L) ->
|
||||||
case proplists:get_all_values(A, L) of
|
case proplists:get_all_values(A, L) of
|
||||||
@ -414,6 +414,17 @@ process_unicode_codepoints(Str) ->
|
|||||||
match(Args, Spec) ->
|
match(Args, Spec) ->
|
||||||
[{Key, proplists:get_value(Key, Args, Default)} || {Key, Default} <- Spec].
|
[{Key, proplists:get_value(Key, Args, Default)} || {Key, Default} <- Spec].
|
||||||
|
|
||||||
|
ejabberd_command(Auth, Cmd, Args, Version) ->
|
||||||
|
Access = case Auth of
|
||||||
|
admin -> [];
|
||||||
|
_ -> undefined
|
||||||
|
end,
|
||||||
|
case ejabberd_commands:execute_command(Access, Auth, Cmd, Args, Version) of
|
||||||
|
{error, Error} ->
|
||||||
|
throw(Error);
|
||||||
|
Res ->
|
||||||
|
format_command_result(Cmd, Auth, Res, Version)
|
||||||
|
end.
|
||||||
|
|
||||||
format_command_result(Cmd, Auth, Result, Version) ->
|
format_command_result(Cmd, Auth, Result, Version) ->
|
||||||
{_, ResultFormat} = ejabberd_commands:get_command_format(Cmd, Auth, Version),
|
{_, ResultFormat} = ejabberd_commands:get_command_format(Cmd, Auth, Version),
|
||||||
@ -486,7 +497,9 @@ json_response(Code, Body) when is_integer(Code) ->
|
|||||||
|
|
||||||
log(Call, Args, {Addr, Port}) ->
|
log(Call, Args, {Addr, Port}) ->
|
||||||
AddrS = jlib:ip_to_list({Addr, Port}),
|
AddrS = jlib:ip_to_list({Addr, Port}),
|
||||||
?INFO_MSG("API call ~s ~p from ~s:~p", [Call, Args, AddrS, Port]).
|
?INFO_MSG("API call ~s ~p from ~s:~p", [Call, Args, AddrS, Port]);
|
||||||
|
log(Call, Args, IP) ->
|
||||||
|
?INFO_MSG("API call ~s ~p (~p)", [Call, Args, IP]).
|
||||||
|
|
||||||
mod_opt_type(admin_ip_access) ->
|
mod_opt_type(admin_ip_access) ->
|
||||||
fun(Access) when is_atom(Access) -> Access end;
|
fun(Access) when is_atom(Access) -> Access end;
|
||||||
|
|||||||
@ -66,7 +66,9 @@ undefined_function(Module, Func, Args) ->
|
|||||||
error_handler:undefined_function(Module, Func,Args).
|
error_handler:undefined_function(Module, Func,Args).
|
||||||
|
|
||||||
run_elixir_test(Func) ->
|
run_elixir_test(Func) ->
|
||||||
'Elixir.ExUnit':start([]),
|
%% Elixir tests can be tagged as follow to be ignored (place before test start)
|
||||||
|
%% @tag pending: true
|
||||||
|
'Elixir.ExUnit':start([{exclude, [{pending, true}]}]),
|
||||||
filelib:fold_files(test_dir(), ".*\\.exs\$", true,
|
filelib:fold_files(test_dir(), ".*\\.exs\$", true,
|
||||||
fun (File, N) ->
|
fun (File, N) ->
|
||||||
'Elixir.Code':require_file(list_to_binary(File)),
|
'Elixir.Code':require_file(list_to_binary(File)),
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user