25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-20 16:15:59 +01:00

acl for mam_preferences

This commit is contained in:
Christoph Scholz 2019-01-13 11:37:08 +01:00 committed by Holger Weiss
parent bc38afa8b8
commit e257bc3d32
2 changed files with 21 additions and 11 deletions

View File

@ -1,6 +1,6 @@
# Version NEXT # Version NEXT
* * New acl `access_preferences` for mam preferences
# Version 18.12 # Version 18.12

View File

@ -631,15 +631,22 @@ process_iq(#iq{from = #jid{luser = LUser, lserver = LServer},
default = Default, default = Default,
always = Always0, always = Always0,
never = Never0}]} = IQ) -> never = Never0}]} = IQ) ->
Always = lists:usort(get_jids(Always0)), Access = gen_mod:get_module_opt(LServer, ?MODULE, access_preferences),
Never = lists:usort(get_jids(Never0)), case acl:match_rule(LServer, Access, jid:make(LUser, LServer)) of
case write_prefs(LUser, LServer, LServer, Default, Always, Never) of allow ->
ok -> Always = lists:usort(get_jids(Always0)),
NewPrefs = prefs_el(Default, Always, Never, NS), Never = lists:usort(get_jids(Never0)),
xmpp:make_iq_result(IQ, NewPrefs); case write_prefs(LUser, LServer, LServer, Default, Always, Never) of
_Err -> ok ->
Txt = <<"Database failure">>, NewPrefs = prefs_el(Default, Always, Never, NS),
xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang)) xmpp:make_iq_result(IQ, NewPrefs);
_Err ->
Txt = <<"Database failure">>,
xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang))
end;
deny ->
Txt = <<"MAM preference modification denied by service policy">>,
xmpp:make_error(IQ, xmpp:err_forbidden(Txt, Lang))
end; end;
process_iq(#iq{from = #jid{luser = LUser, lserver = LServer}, process_iq(#iq{from = #jid{luser = LUser, lserver = LServer},
to = #jid{lserver = LServer}, lang = Lang, to = #jid{lserver = LServer}, lang = Lang,
@ -1257,7 +1264,9 @@ mod_opt_type(default) ->
mod_opt_type(request_activates_archiving) -> mod_opt_type(request_activates_archiving) ->
fun (B) when is_boolean(B) -> B end; fun (B) when is_boolean(B) -> B end;
mod_opt_type(clear_archive_on_room_destroy) -> mod_opt_type(clear_archive_on_room_destroy) ->
fun (B) when is_boolean(B) -> B end. fun (B) when is_boolean(B) -> B end;
mod_opt_type(access_preferences) ->
fun acl:access_rules_validator/1.
mod_options(Host) -> mod_options(Host) ->
[{assume_mam_usage, false}, [{assume_mam_usage, false},
@ -1265,6 +1274,7 @@ mod_options(Host) ->
{request_activates_archiving, false}, {request_activates_archiving, false},
{compress_xml, false}, {compress_xml, false},
{clear_archive_on_room_destroy, true}, {clear_archive_on_room_destroy, true},
{access_preferences, all},
{db_type, ejabberd_config:default_db(Host, ?MODULE)}, {db_type, ejabberd_config:default_db(Host, ?MODULE)},
{use_cache, ejabberd_config:use_cache(Host)}, {use_cache, ejabberd_config:use_cache(Host)},
{cache_size, ejabberd_config:cache_size(Host)}, {cache_size, ejabberd_config:cache_size(Host)},