Paweł Chmielowski
bbffd396f6
Produce better error for http_api request with extra parameters
2019-01-30 16:35:06 +01:00
Paweł Chmielowski
56baa07d48
Reject request http_api request that have malformed Authentication header
2019-01-30 16:34:29 +01:00
Paweł Chmielowski
62ad1e5e4f
Allow specifying tag for listener for api_permission purposes
...
This commit will allow adding tag to http listeners:
listener:
- port: 4000
- module: ejabberd_http
- tag: "magic_listener"
that later can be used to have special api_permission just for it:
api_permissions:
"magic_access":
from:
- tag: "magic_listener"
who: all
what: "*"
2019-01-30 12:57:03 +01:00
Badlop
55417dfb37
Update copyright to 2019 ( #2756 )
2019-01-08 22:53:27 +01:00
Paweł Chmielowski
c88a2d0569
Add code for handling deprecations of get_stacktrace()
2018-12-13 11:46:53 +01:00
Paweł Chmielowski
9139ea86fb
Format list of {{name,string}, {value, _}} as json struct name/val
2018-12-03 13:53:07 +01:00
Paweł Chmielowski
59a148d80b
Make mod_http_api assume that missing args of type list are empty list
2018-12-03 13:53:07 +01:00
Badlop
a73aac691e
Don't preprocess arguments, format_args verifies and prepares them ( #2629 )
2018-10-31 01:34:04 +01:00
Paweł Chmielowski
5181983d97
Recognize not_exists error in http_api
2018-10-19 10:30:05 +02:00
Evgeniy Khramtsov
88d0b71d58
Get stacktrace out of lager context
...
Calling erlang:get_stacktrace() inside lager functions produces
stacktraces of the logging function itself, not the function which has failed.
2018-09-01 19:37:26 +03:00
Evgeniy Khramtsov
fd8e07af47
Get rid of ejabberd.hrl header
...
The header consisted of too many unrelated stuff and macros misuse.
Some stuff is moved into scram.hrl and type_compat.hrl.
All macros have been replaced with the corresponding function calls.
TODO: probably type_compat.hrl is not even needed anymore since
we support only Erlang >= OTP 17.5
2018-06-14 14:00:47 +03:00
Evgeniy Khramtsov
6e5439db5c
Find and fix typos using 'codespell'
2018-01-27 19:35:38 +03:00
Evgeniy Khramtsov
ba2b650464
Introduce new gen_mod callback: mod_options/1
...
The callback is supposed to provide known options and their default
values, as long as the documentation. Passing default values into
get_mod functions is now deprecated: all defaults should be provided
by the Mod:mod_options/1 callback.
2018-01-23 10:54:52 +03:00
Evgeniy Khramtsov
cdc7c1d1ed
Update copyright dates
2018-01-05 23:18:58 +03:00
Marco Adkins
ea96615460
Ability to filter passwords from the log in mod_http_api ( #1888 )
...
* Ability to filter passwords from the log when creating users through the mod_http_api
2017-07-27 15:30:56 +02:00
Evgeniy Khramtsov
fddd6110e0
Don't validate an option in gen_mod:get*opt() functions
...
The changes are very similar to those from previous commit:
* Now there is no need to pass validating function in
gen_mod:get_opt() and gen_mod:get_module_opt() functions,
because the modules' configuration keeps already validated values.
* New functions gen_mod:get_opt/2 and gen_mod:get_module_opt/3 are
introduced.
* Functions gen_mod:get_opt/4 and get_module_opt/5 are deprecated.
If the functions are still called, the "function" argument is
simply ignored.
* Validating callback Mod:listen_opt_type/1 is introduced to validate
listening options at startup.
2017-04-30 19:01:47 +03:00
Christophe Romain
b1acd1183f
Rename aux.erl as misc.erl
...
Thanks Microsoft Windows to not support some filenames
2017-04-11 12:13:58 +02:00
Evgeniy Khramtsov
7bcbea2108
Deprecate jlib.erl in favor of aux.erl
...
Since the main goal of jlib.erl is lost, all auxiliary functions
are now moved to aux.erl, and the whole jlib.erl is now deprecated.
2017-03-30 14:17:13 +03:00
Evgeniy Khramtsov
c1439ddd5b
Get rid of jid:to_string/1 and jid:from_string/1
2017-02-26 10:07:12 +03:00
Badlop
4294ba6b52
Separate list of strings with \n for srg_get_info in mod_http_api ( #1500 )
2017-02-23 19:23:24 +01:00
Evgeniy Khramtsov
3c4057ff55
Reload modules when reloading configuration file
2017-02-22 19:46:47 +03:00
Paweł Chmielowski
1f02567507
Make shim for mod_http_api admin_ip_access more robust
2017-01-20 10:19:09 +01:00
Badlop
5fdd1c39fe
Update copyright date automatically ( #1442 )
2017-01-02 21:42:06 +01:00
Mickael Remond
fdf69dcd0d
API call does not necessary use token, it could use basic auth
2016-12-08 16:28:47 +01:00
Evgeniy Khramtsov
e1539e5769
Get rid of compile warnings
2016-11-25 09:48:26 +03:00
Paweł Chmielowski
717159a98f
Make string args in http_api be list strings
2016-11-15 10:02:21 +01:00
Evgeniy Khramtsov
78a44e0176
Merge branch 'master' into xml-ng
...
Conflicts:
src/adhoc.erl
src/cyrsasl_oauth.erl
src/ejabberd_c2s.erl
src/ejabberd_config.erl
src/ejabberd_service.erl
src/gen_mod.erl
src/mod_admin_extra.erl
src/mod_announce.erl
src/mod_carboncopy.erl
src/mod_client_state.erl
src/mod_configure.erl
src/mod_echo.erl
src/mod_mam.erl
src/mod_muc.erl
src/mod_muc_room.erl
src/mod_offline.erl
src/mod_pubsub.erl
src/mod_stats.erl
src/node_flat_sql.erl
src/randoms.erl
2016-11-12 13:27:15 +03:00
Paweł Chmielowski
98e0123ca4
New api permissions framework
2016-10-05 13:21:11 +02:00
Badlop
6f538545b4
Fix 404 response formatting (thanks to Kaggggggga)( #1306 )
2016-09-28 11:03:46 +02:00
Evgeniy Khramtsov
fa31e3ef23
Deprecate jlib:integer_to_binary/1 and jlib:binary_to_integer/1
2016-09-24 23:34:28 +03:00
Paweł Chmielowski
2f596b0e10
Expand parsing of json input to be able to handle update_roster command
2016-09-13 11:27:59 +02:00
Paweł Chmielowski
054382f074
Add X-Admin and basic auth header to CORS allowed headers in http_api
2016-09-12 15:40:38 +02:00
Paweł Chmielowski
96d05dad8f
Properly process OPTIONS header in http_api for all paths
2016-09-12 15:40:38 +02:00
Mickael Remond
90ea3ca361
Improve error message when try to call api on api root
2016-08-01 15:29:47 +02:00
Mickael Remond
c5c394e929
Fix HTTP process return formatting
2016-08-01 08:58:49 +02:00
Mickael Remond
6ea7153e31
Improve error handling
2016-07-31 22:48:24 +02:00
Mickael Remond
674a8039ef
Add support for sending back missing scope error to API ReST command calls
2016-07-30 18:51:54 +02:00
Mickael Remond
39640b67c7
Add support for rich error reporting for API
2016-07-30 13:08:30 +02:00
Mickael Remond
fb2603d3cd
Return 409 conflict error code on register if user already exists
2016-07-30 11:50:04 +02:00
Evgeniy Khramtsov
f91f2bc3d2
Rewrite several modules to use XML generator
2016-07-29 13:21:00 +03:00
Mickael Remond
d7ad99f147
Initial attempt on access on commands
...
May change and will require more work / test / refactor
2016-07-25 11:43:49 +02:00
Mickael Remond
68555ff466
Add support for checking access rules conformance for commands
2016-07-23 18:21:45 +02:00
Mickael Remond
2c70c572c8
Clean-up of error codes and format json structure
2016-07-23 18:21:45 +02:00
Paweł Chmielowski
bdfef09c0f
Fix handling of complex values as arguments in http_api
2016-07-22 15:26:27 +02:00
Pablo Polvorin
33e0283f0d
Add 'ejabberd:user' and 'ejabberd:admin' oauth scopes
...
'ejabberd:user' includes all commands defined with policy "user".
'ejabberd:admin' includes commands defined with policy "admin".
2016-07-19 00:24:06 -03:00
Pablo Polvorin
673a654c47
Fix ce0d1704c6
...
Original request was to allow ejabberd sysadmin to generate
tokens for specific users. JIDs must not be passed as argument
when requesting the tokens.
2016-07-18 20:25:23 -03:00
Evgeniy Khramtsov
4220a2b98c
Make modules loading in a dependent order ( #1191 )
2016-07-06 14:58:48 +03:00
Pablo Polvorin
ce0d1704c6
Allow generation of oauth tokens from command line
...
Oauth tokens can be generated for commands (scopes) having admin|user|open
policy. Restricted commands are not available as those are only usable
from ejabberdctl command line.
Four new commands are available:
$ejabberdctl oauth_issue_token "stats;get_roster"
Generates a token authorized to call both stats and get_roster
commands. Note scopes must be separated by semicolon.
$ejabberdctl oauth_list_tokens
List tokens generated from the command line, with their scope
and expirity time.
$ejabberdctl oauth_list_scopes
List scopes available
$ejabberdctl oauth_revoke_token "Lbs7qdJfdKXOWzVrArgyckY055tE1xnt"
Revokes the given token
2016-06-29 00:22:28 -03:00
Paweł Chmielowski
52d45604ba
Use new access_rules_validator in couple places
2016-06-21 12:28:53 +02:00
Paweł Chmielowski
1981e13326
Allow passing username and ip to ejabberd_comamnds, and use it in mod_http_api
2016-05-26 11:08:53 +02:00