mirror of
https://github.com/processone/ejabberd.git
synced 2024-10-19 15:32:08 +02:00
0cc168a9aa
reconfigured to be member-only or when membership is revoked in member-only room, allowed "true" and "false" in x:data forms (thanks to Sergei Golovan) * src/mod_configure.erl: Added "Host" parameter to get_form and set_form functions (thanks to Sergei Golovan) * src/ejabberd_s2s_out.erl: Bugfix * src/msgs/es.msg: Updated (thanks to Badlop) * src/web/ejabberd_web.erl: Bugfix (thanks to Badlop) * src/mod_irc/mod_irc.erl: Updated copyright dates * src/mod_muc/mod_muc.erl: Likewise * src/mod_pubsub/mod_pubsub.erl: Likewise * src/mod_vcard.erl: Likewise * src/mod_vcard_ldap.erl: Likewise * src/mod_vcard_odbc.erl: Likewise * src/web/ejabberd_web_admin.erl: Likewise SVN Revision: 500
146 lines
3.9 KiB
Erlang
146 lines
3.9 KiB
Erlang
%%%----------------------------------------------------------------------
|
|
%%% File : ejabberd_web.erl
|
|
%%% Author : Alexey Shchepin <alexey@sevcom.net>
|
|
%%% Purpose :
|
|
%%% Created : 28 Feb 2004 by Alexey Shchepin <alexey@sevcom.net>
|
|
%%% Id : $Id$
|
|
%%%----------------------------------------------------------------------
|
|
|
|
-module(ejabberd_web).
|
|
-author('alexey@sevcom.net').
|
|
-vsn('$Revision$ ').
|
|
|
|
%% External exports
|
|
-export([make_xhtml/1,
|
|
process_get/2]).
|
|
|
|
-include("ejabberd.hrl").
|
|
-include("jlib.hrl").
|
|
-include("ejabberd_http.hrl").
|
|
|
|
|
|
make_xhtml(Els) ->
|
|
{xmlelement, "html", [{"xmlns", "http://www.w3.org/1999/xhtml"},
|
|
{"xml:lang", "en"},
|
|
{"lang", "en"}],
|
|
[{xmlelement, "head", [],
|
|
[{xmlelement, "meta", [{"http-equiv", "Content-Type"},
|
|
{"content", "text/html; charset=utf-8"}], []}]},
|
|
{xmlelement, "body", [], Els}
|
|
]}.
|
|
|
|
|
|
-define(X(Name), {xmlelement, Name, [], []}).
|
|
-define(XA(Name, Attrs), {xmlelement, Name, Attrs, []}).
|
|
-define(XE(Name, Els), {xmlelement, Name, [], Els}).
|
|
-define(XAE(Name, Attrs, Els), {xmlelement, Name, Attrs, Els}).
|
|
-define(C(Text), {xmlcdata, Text}).
|
|
-define(XC(Name, Text), ?XE(Name, [?C(Text)])).
|
|
-define(XAC(Name, Attrs, Text), ?XAE(Name, Attrs, [?C(Text)])).
|
|
|
|
-define(LI(Els), ?XE("li", Els)).
|
|
-define(A(URL, Els), ?XAE("a", [{"href", URL}], Els)).
|
|
-define(AC(URL, Text), ?A(URL, [?C(Text)])).
|
|
-define(P, ?X("p")).
|
|
-define(BR, ?X("br")).
|
|
-define(INPUT(Type, Name, Value),
|
|
?XA("input", [{"type", Type},
|
|
{"name", Name},
|
|
{"value", Value}])).
|
|
|
|
|
|
process_get({_, true},
|
|
#request{auth = Auth,
|
|
path = ["admin", "server", SHost | RPath],
|
|
q = Query,
|
|
lang = Lang} = Request) ->
|
|
Host = jlib:nameprep(SHost),
|
|
case lists:member(Host, ?MYHOSTS) of
|
|
true ->
|
|
US = case Auth of
|
|
{SJID, P} ->
|
|
case jlib:string_to_jid(SJID) of
|
|
error ->
|
|
unauthorized;
|
|
#jid{user = U, server = S} ->
|
|
case ejabberd_auth:check_password(U, S, P) of
|
|
true ->
|
|
{U, S};
|
|
false ->
|
|
unauthorized
|
|
end
|
|
end;
|
|
_ ->
|
|
unauthorized
|
|
end,
|
|
case US of
|
|
{User, Server} ->
|
|
case acl:match_rule(
|
|
Host, configure, jlib:make_jid(User, Server, "")) of
|
|
deny ->
|
|
{401, [], make_xhtml([?XC("h1", "Not Allowed")])};
|
|
allow ->
|
|
ejabberd_web_admin:process_admin(
|
|
Host, Request#request{path = RPath,
|
|
us = US})
|
|
end;
|
|
unauthorized ->
|
|
{401,
|
|
[{"WWW-Authenticate", "basic realm=\"ejabberd\""}],
|
|
ejabberd_web:make_xhtml([{xmlelement, "h1", [],
|
|
[{xmlcdata, "401 Unauthorized"}]}])}
|
|
end;
|
|
false ->
|
|
{404, [], make_xhtml([?XC("h1", "Not found")])}
|
|
end;
|
|
|
|
process_get({_, true},
|
|
#request{auth = Auth,
|
|
path = ["admin" | RPath],
|
|
q = Query,
|
|
lang = Lang} = Request) ->
|
|
US = case Auth of
|
|
{SJID, P} ->
|
|
case jlib:string_to_jid(SJID) of
|
|
error ->
|
|
unauthorized;
|
|
#jid{user = U, server = S} ->
|
|
case ejabberd_auth:check_password(U, S, P) of
|
|
true ->
|
|
{U, S};
|
|
false ->
|
|
unauthorized
|
|
end
|
|
end;
|
|
_ ->
|
|
unauthorized
|
|
end,
|
|
case US of
|
|
{User, Server} ->
|
|
case acl:match_rule(
|
|
global, configure, jlib:make_jid(User, Server, "")) of
|
|
deny ->
|
|
{401, [], make_xhtml([?XC("h1", "Not Allowed")])};
|
|
allow ->
|
|
ejabberd_web_admin:process_admin(
|
|
global, Request#request{path = RPath,
|
|
us = US})
|
|
end;
|
|
unauthorized ->
|
|
{401,
|
|
[{"WWW-Authenticate", "basic realm=\"ejabberd\""}],
|
|
ejabberd_web:make_xhtml([{xmlelement, "h1", [],
|
|
[{xmlcdata, "401 Unauthorized"}]}])}
|
|
end;
|
|
|
|
process_get({true, _},
|
|
#request{path = ["http-poll" | RPath],
|
|
q = _Query,
|
|
lang = _Lang} = Request) ->
|
|
ejabberd_http_poll:process_request(Request#request{path = RPath});
|
|
|
|
process_get(_, _Request) ->
|
|
{404, [], make_xhtml([?XC("h1", "Not found")])}.
|
|
|
|
|