diff --git a/include/ejabberd_http.hrl b/include/ejabberd_http.hrl index b8cbe3708..25209f76c 100644 --- a/include/ejabberd_http.hrl +++ b/include/ejabberd_http.hrl @@ -23,8 +23,7 @@ path = [] :: [binary()], q = [] :: [{binary() | nokey, binary()}], us = {<<>>, <<>>} :: {binary(), binary()}, - auth :: {binary(), binary()} | - {auth_jid, {binary(), binary()}, jlib:jid()}, + auth :: {binary(), binary()} | {oauth, binary(), []} | undefined, lang = <<"">> :: binary(), data = <<"">> :: binary(), ip :: {inet:ip_address(), inet:port_number()}, diff --git a/src/ejabberd_commands.erl b/src/ejabberd_commands.erl index 21872aa33..57285d6c6 100644 --- a/src/ejabberd_commands.erl +++ b/src/ejabberd_commands.erl @@ -212,6 +212,7 @@ list_commands/0, get_command_format/1, get_command_format/2, + get_command_policy/1, get_command_definition/1, get_tags_commands/0, get_commands/0, @@ -338,6 +339,17 @@ get_command_format(Name, Auth) -> {Args, Result} end. +-spec get_command_policy(atom()) -> {ok, open|user|admin|restricted} | {error, command_not_found}. + +%% @doc return command policy. +get_command_policy(Name) -> + case get_command_definition(Name) of + #ejabberd_commands{policy = Policy} -> + {ok, Policy}; + command_not_found -> + {error, command_not_found} + end. + -spec get_command_definition(atom()) -> ejabberd_commands() | command_not_found. %% @doc Get the definition record of a command. diff --git a/src/ejabberd_http.erl b/src/ejabberd_http.erl index d8d1ddd44..6b53f46c6 100644 --- a/src/ejabberd_http.erl +++ b/src/ejabberd_http.erl @@ -753,6 +753,7 @@ code_to_phrase(503) -> <<"Service Unavailable">>; code_to_phrase(504) -> <<"Gateway Timeout">>; code_to_phrase(505) -> <<"HTTP Version Not Supported">>. +-spec parse_auth(binary()) -> {binary(), binary()} | {oauth, binary(), []} | undefined. parse_auth(<<"Basic ", Auth64/binary>>) -> Auth = jlib:decode_base64(Auth64), %% Auth should be a string with the format: user@server:password diff --git a/src/mod_http_api.erl b/src/mod_http_api.erl index 15fe36364..c2b7d1100 100644 --- a/src/mod_http_api.erl +++ b/src/mod_http_api.erl @@ -116,7 +116,6 @@ start(_Host, _Opts) -> stop(_Host) -> ok. - %% ---------- %% basic auth %% ---------- @@ -124,12 +123,13 @@ stop(_Host) -> check_permissions(Request, Command) -> case catch binary_to_existing_atom(Command, utf8) of Call when is_atom(Call) -> - check_permissions2(Request, Call); + {ok, CommandPolicy} = ejabberd_commands:get_command_policy(Call), + check_permissions2(Request, Call, CommandPolicy); _ -> unauthorized_response() end. -check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call) +check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call, _) when HTTPAuth /= undefined -> Admin = case lists:keysearch(<<"X-Admin">>, 1, Headers) of @@ -162,7 +162,9 @@ check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call) {ok, A} -> {allowed, Call, A}; _ -> unauthorized_response() end; -check_permissions2(#request{ip={IP, _Port}}, Call) -> +check_permissions2(_Request, Call, open) -> + {allowed, Call, noauth}; +check_permissions2(#request{ip={IP, _Port}}, Call, _Policy) -> Access = gen_mod:get_module_opt(global, ?MODULE, admin_ip_access, mod_opt_type(admin_ip_access), none), @@ -181,7 +183,9 @@ check_permissions2(#request{ip={IP, _Port}}, Call) -> end; _ -> unauthorized_response() - end. + end; +check_permissions2(_Request, _Call, _Policy) -> + unauthorized_response(). oauth_check_token(Scope, Token) when is_atom(Scope) -> oauth_check_token(atom_to_binary(Scope, utf8), Token); @@ -207,7 +211,8 @@ process([Call], #request{method = 'POST', data = Data, ip = IP} = Req) -> {allowed, Cmd, Auth} -> {Code, Result} = handle(Cmd, Auth, Args), json_response(Code, jiffy:encode(Result)); - ErrorResponse -> %% Should we reply 403 ? + %% Warning: check_permission direcly formats 401 reply if not authorized + ErrorResponse -> ErrorResponse end catch _:Error -> @@ -225,6 +230,7 @@ process([Call], #request{method = 'GET', q = Data, ip = IP} = Req) -> {allowed, Cmd, Auth} -> {Code, Result} = handle(Cmd, Auth, Args), json_response(Code, jiffy:encode(Result)); + %% Warning: check_permission direcly formats 401 reply if not authorized ErrorResponse -> ErrorResponse end @@ -273,6 +279,7 @@ handle2(Call, Auth, Args) when is_atom(Call), is_list(Args) -> 0 -> {200, <<"OK">>}; 1 -> {500, <<"500 Internal server error">>}; 400 -> {400, <<"400 Bad Request">>}; + 401 -> {401, <<"401 Unauthorized">>}; 404 -> {404, <<"404 Not found">>}; Res -> format_command_result(Call, Auth, Res) end. @@ -360,6 +367,7 @@ ejabberd_command(Auth, Cmd, Args, Default) -> end, case catch ejabberd_commands:execute_command(Access, Auth, Cmd, Args) of {'EXIT', _} -> Default; + {error, account_unprivileged} -> 401; {error, _} -> Default; Result -> Result end. @@ -434,7 +442,9 @@ json_response(Code, Body) when is_integer(Code) -> log(Call, Args, {Addr, Port}) -> AddrS = jlib:ip_to_list({Addr, Port}), - ?INFO_MSG("API call ~s ~p from ~s:~p", [Call, Args, AddrS, Port]). + ?INFO_MSG("API call ~s ~p from ~s:~p", [Call, Args, AddrS, Port]); +log(Call, Args, IP) -> + ?INFO_MSG("API call ~s ~p (~p)", [Call, Args, IP]). mod_opt_type(admin_ip_access) -> fun(Access) when is_atom(Access) -> Access end; diff --git a/test/ejabberd_commands_test.exs b/test/ejabberd_commands_test.exs index 0c06fc2ca..db5b82cfc 100644 --- a/test/ejabberd_commands_test.exs +++ b/test/ejabberd_commands_test.exs @@ -36,6 +36,10 @@ defmodule EjabberdCommandsTest do assert Enum.member?(commands, {:test_user, [], "Test user"}) end + # TODO Test that we can add command to list of expose commands + # This can be done with: + # ejabberd_config:add_local_option(commands, [[{add_commands, [open_cmd]}]]). + # test "Check that a user can use a user command" do # [Command] = ets:lookup(ejabberd_commands, test_user), # AccessCommands = ejabberd_commands:get_access_commands(undefined), diff --git a/test/elixir_SUITE.erl b/test/elixir_SUITE.erl index b9a0b1a23..041d0603e 100644 --- a/test/elixir_SUITE.erl +++ b/test/elixir_SUITE.erl @@ -65,7 +65,9 @@ undefined_function(Module, Func, Args) -> error_handler:undefined_function(Module, Func,Args). run_elixir_test(Func) -> - 'Elixir.ExUnit':start([]), + %% Elixir tests can be tagged as follow to be ignored (place before test start) + %% @tag pending: true + 'Elixir.ExUnit':start([{exclude, [{pending, true}]}]), 'Elixir.Code':load_file(list_to_binary(filename:join(test_dir(), atom_to_list(Func)))), %% I did not use map syntax, so that this file can still be build under R16 ResultMap = 'Elixir.ExUnit':run(), diff --git a/test/mod_http_api_test.exs b/test/mod_http_api_test.exs new file mode 100644 index 000000000..cc5aed5a8 --- /dev/null +++ b/test/mod_http_api_test.exs @@ -0,0 +1,88 @@ +# ---------------------------------------------------------------------- +# +# ejabberd, Copyright (C) 2002-2016 ProcessOne +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# ---------------------------------------------------------------------- + +defmodule ModHttpApiTest do + @author "mremond@process-one.net" + + use ExUnit.Case, async: true + + require Record + Record.defrecord :request, Record.extract(:request, from_lib: "ejabberd/include/ejabberd_http.hrl") + Record.defrecord :ejabberd_commands, Record.extract(:ejabberd_commands, from_lib: "ejabberd/include/ejabberd_commands.hrl") + + setup_all do + :ok = :mnesia.start + :ok = :ejabberd_config.start(["localhost"], []) + + :ok = :ejabberd_commands.init + + :ok = :ejabberd_commands.register_commands(cmds) + on_exit fn -> unregister_commands(cmds) end + end + + test "We can call open commands without authentication" do + :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:open_cmd]}]]) + request = request(method: :POST, data: "[]") + {200, _, _} = :mod_http_api.process(["open_cmd"], request) + end + + # This related to the commands config file option + test "Attempting to access a command that is not exposed as HTTP API returns 401" do + :ejabberd_config.add_local_option(:commands, []) + request = request(method: :POST, data: "[]") + {401, _, _} = :mod_http_api.process(["open_cmd"], request) + end + + test "Call to user commands without authentication are rejected" do + :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd]}]]) + request = request(method: :POST, data: "[]") + {401, _, _} = :mod_http_api.process(["user_cmd"], request) + end + + # Define a set of test commands that we expose through API + defp cmds do + # TODO Refactor + [ejabberd_commands(name: :open_cmd, tags: [:test], + policy: :open, + module: __MODULE__, + function: :open_cmd_fun, + args: [], + result: {:res, :rescode}), + ejabberd_commands(name: :user_cmd, tags: [:test], + policy: :user, + module: __MODULE__, + function: :user_cmd_fun, + args: [], + result: {:res, :rescode}) + ] + end + + def open_cmd_fun, do: :ok + def user_cmd_fun, do: :ok + + defp unregister_commands(commands) do + try do + :ejabberd_commands.unregister_commands(commands) + catch + _,_ -> :ok + end + end + +end