Improve access_commands option backward compatibility

2024-11-24 16:23:40 +01:00 · 2015-10-19 20:16:04 +03:00 · 2015-10-19 20:16:04 +03:00 · 7c1e7e5b5f
commit 7c1e7e5b5f
parent 1f2b7e8f20
2 changed files with 14 additions and 4 deletions
--- a/src/ejabberd_commands.erl
+++ b/src/ejabberd_commands.erl
@ -226,6 +226,7 @@
 -include("ejabberd.hrl").
 -include("logger.hrl").

+-define(POLICY_ACCESS, '$policy').

 init() ->
    ets:new(ejabberd_commands, [named_table, set, public,
@ -483,7 +484,7 @@ check_auth(_Command, {User, Server, Password, _}) when is_binary(Password) ->
        _ -> throw({error, invalid_account_data})
    end.

-check_access(Command, all, _)
+check_access(Command, ?POLICY_ACCESS, _)
  when Command#ejabberd_commands.policy == open ->
    true;
 check_access(_Command, _Access, admin) ->
@ -491,7 +492,7 @@ check_access(_Command, _Access, admin) ->
 check_access(_Command, _Access, {_User, _Server, _, true}) ->
    false;
 check_access(Command, Access, Auth)
-  when Access =/= all;
+  when Access =/= ?POLICY_ACCESS;
       Command#ejabberd_commands.policy == open;
       Command#ejabberd_commands.policy == user ->
    case check_auth(Command, Auth) of
@ -503,6 +504,8 @@ check_access(Command, Access, Auth)
 check_access(_Command, _Access, _Auth) ->
    false.

+check_access2(?POLICY_ACCESS, _User, _Server) ->
+    true;
 check_access2(Access, User, Server) ->
    %% Check this user has access permission
    case acl:match_rule(Server, Access, jlib:make_jid(User, Server, <<"">>)) of
@ -536,9 +539,11 @@ tag_arguments(ArgsDefs, Args) ->
      Args).


+get_access_commands(unrestricted) ->
+    [];
 get_access_commands(undefined) ->
    Cmds = get_commands(),
-    [{all, Cmds, []}];
+    [{?POLICY_ACCESS, Cmds, []}];
 get_access_commands(AccessCommands) ->
    AccessCommands.

--- a/src/ejabberd_xmlrpc.erl
+++ b/src/ejabberd_xmlrpc.erl
@ -197,11 +197,14 @@ socket_type() -> raw.
 %% -----------------------------
 process(_, #request{method = 'POST', data = Data, opts = Opts}) ->
    AccessCommandsOpts = gen_mod:get_opt(access_commands, Opts,
-                                         fun(L) when is_list(L) -> L end,
+                                         fun(L) when is_list(L) -> L;
+                                            (unrestricted) -> unrestricted
+                                         end,
                                         undefined),
    AccessCommands =
        case AccessCommandsOpts of
            undefined -> undefined;
+            unrestricted -> unrestricted;
            _ ->
                lists:flatmap(
                  fun({Ac, AcOpts}) ->
@ -537,6 +540,8 @@ make_status(false) -> 1;
 make_status(error) -> 1;
 make_status(_) -> 1.

+transform_listen_option({access_commands, unrestricted} = Opt, Opts) ->
+    [Opt | Opts];
 transform_listen_option({access_commands, ACOpts}, Opts) ->
    NewACOpts = lists:map(
                  fun({AName, ACmds, AOpts}) ->