25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-20 17:27:00 +01:00

New allow_modules option to restrict registration modules

This commit is contained in:
Badlop 2021-12-03 12:16:20 +01:00
parent 0372878ba5
commit dab4c0cc10
2 changed files with 23 additions and 5 deletions

View File

@ -32,11 +32,13 @@
-behaviour(gen_mod).
-export([start/2, stop/1, reload/3, stream_feature_register/2,
c2s_unauthenticated_packet/2, try_register/4,
c2s_unauthenticated_packet/2, try_register/4, try_register/5,
process_iq/1, send_registration_notifications/3,
mod_opt_type/1, mod_options/1, depends/2,
format_error/1, mod_doc/0]).
-deprecated({try_register, 4}).
-include("logger.hrl").
-include_lib("xmpp/include/xmpp.hrl").
-include("translate.hrl").
@ -283,7 +285,7 @@ try_register_or_set_password(User, Server, Password,
_ when CaptchaSucceed ->
case check_from(From, Server) of
allow ->
case try_register(User, Server, Password, Source, Lang) of
case try_register(User, Server, Password, Source, ?MODULE, Lang) of
ok ->
xmpp:make_iq_result(IQ);
{error, Error} ->
@ -328,6 +330,13 @@ try_set_password(User, Server, Password, #iq{lang = Lang, meta = M} = IQ) ->
xmpp:make_error(IQ, xmpp:err_internal_server_error(format_error(Why), Lang))
end.
try_register(User, Server, Password, SourceRaw, Module) ->
Modules = mod_register_opt:allow_modules(Server),
case (Modules == all) orelse lists:member(Module, Modules) of
true -> try_register(User, Server, Password, SourceRaw);
false -> {error, eaccess}
end.
try_register(User, Server, Password, SourceRaw) ->
case jid:is_nodename(User) of
false ->
@ -363,8 +372,8 @@ try_register(User, Server, Password, SourceRaw) ->
end
end.
try_register(User, Server, Password, SourceRaw, Lang) ->
case try_register(User, Server, Password, SourceRaw) of
try_register(User, Server, Password, SourceRaw, Module, Lang) ->
case try_register(User, Server, Password, SourceRaw, Module) of
ok ->
JID = jid:make(User, Server),
Source = may_remove_resource(SourceRaw),
@ -597,6 +606,8 @@ mod_opt_type(access_from) ->
econf:acl();
mod_opt_type(access_remove) ->
econf:acl();
mod_opt_type(allow_modules) ->
econf:either(all, econf:list(econf:atom()));
mod_opt_type(captcha_protected) ->
econf:bool();
mod_opt_type(ip_access) ->
@ -623,6 +634,7 @@ mod_options(_Host) ->
[{access, all},
{access_from, none},
{access_remove, all},
{allow_modules, all},
{captcha_protected, false},
{ip_access, all},
{password_strength, 0},
@ -661,6 +673,12 @@ mod_doc() ->
desc =>
?T("Specify rules to restrict access for user unregistration. "
"By default any user is able to unregister their account.")}},
{allow_modules,
#{value => "all | [Module, ...]",
desc =>
?T("List of modules that can register accounts, or 'all'. "
"The default value is 'all', which is equivalent to "
"something like '[mod_register, mod_register_web]'.")}},
{captcha_protected,
#{value => "true | false",
desc =>

View File

@ -521,7 +521,7 @@ register_account(Username, Host, Password, Ip) ->
end.
register_account2(Username, Host, Password, Ip) ->
case mod_register:try_register(Username, Host, Password, Ip)
case mod_register:try_register(Username, Host, Password, Ip, ?MODULE)
of
ok ->
{success, ok, {Username, Host, Password}};