26
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-30 17:43:57 +01:00

Merge branch 'pr/2764'

* pr/2764:
  acl for mam_preferences
This commit is contained in:
Holger Weiss 2019-02-25 22:22:02 +01:00
commit fb068557b2
2 changed files with 21 additions and 11 deletions

View File

@ -1,6 +1,6 @@
# Version NEXT # Version NEXT
* * New acl `access_preferences` for mam preferences
# Version 18.12 # Version 18.12

View File

@ -631,6 +631,9 @@ process_iq(#iq{from = #jid{luser = LUser, lserver = LServer},
default = Default, default = Default,
always = Always0, always = Always0,
never = Never0}]} = IQ) -> never = Never0}]} = IQ) ->
Access = gen_mod:get_module_opt(LServer, ?MODULE, access_preferences),
case acl:match_rule(LServer, Access, jid:make(LUser, LServer)) of
allow ->
Always = lists:usort(get_jids(Always0)), Always = lists:usort(get_jids(Always0)),
Never = lists:usort(get_jids(Never0)), Never = lists:usort(get_jids(Never0)),
case write_prefs(LUser, LServer, LServer, Default, Always, Never) of case write_prefs(LUser, LServer, LServer, Default, Always, Never) of
@ -641,6 +644,10 @@ process_iq(#iq{from = #jid{luser = LUser, lserver = LServer},
Txt = <<"Database failure">>, Txt = <<"Database failure">>,
xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang)) xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang))
end; end;
deny ->
Txt = <<"MAM preference modification denied by service policy">>,
xmpp:make_error(IQ, xmpp:err_forbidden(Txt, Lang))
end;
process_iq(#iq{from = #jid{luser = LUser, lserver = LServer}, process_iq(#iq{from = #jid{luser = LUser, lserver = LServer},
to = #jid{lserver = LServer}, lang = Lang, to = #jid{lserver = LServer}, lang = Lang,
type = get, sub_els = [#mam_prefs{xmlns = NS}]} = IQ) -> type = get, sub_els = [#mam_prefs{xmlns = NS}]} = IQ) ->
@ -1257,7 +1264,9 @@ mod_opt_type(default) ->
mod_opt_type(request_activates_archiving) -> mod_opt_type(request_activates_archiving) ->
fun (B) when is_boolean(B) -> B end; fun (B) when is_boolean(B) -> B end;
mod_opt_type(clear_archive_on_room_destroy) -> mod_opt_type(clear_archive_on_room_destroy) ->
fun (B) when is_boolean(B) -> B end. fun (B) when is_boolean(B) -> B end;
mod_opt_type(access_preferences) ->
fun acl:access_rules_validator/1.
mod_options(Host) -> mod_options(Host) ->
[{assume_mam_usage, false}, [{assume_mam_usage, false},
@ -1265,6 +1274,7 @@ mod_options(Host) ->
{request_activates_archiving, false}, {request_activates_archiving, false},
{compress_xml, false}, {compress_xml, false},
{clear_archive_on_room_destroy, true}, {clear_archive_on_room_destroy, true},
{access_preferences, all},
{db_type, ejabberd_config:default_db(Host, ?MODULE)}, {db_type, ejabberd_config:default_db(Host, ?MODULE)},
{use_cache, ejabberd_config:use_cache(Host)}, {use_cache, ejabberd_config:use_cache(Host)},
{cache_size, ejabberd_config:cache_size(Host)}, {cache_size, ejabberd_config:cache_size(Host)},