26
1
mirror of https://github.com/processone/ejabberd.git synced 2025-01-03 18:02:28 +01:00
xmpp.chapril.org-ejabberd/src/mod_privacy.erl
2022-02-11 09:39:25 +01:00

912 lines
30 KiB
Erlang

%%%----------------------------------------------------------------------
%%% File : mod_privacy.erl
%%% Author : Alexey Shchepin <alexey@process-one.net>
%%% Purpose : jabber:iq:privacy support
%%% Created : 21 Jul 2003 by Alexey Shchepin <alexey@process-one.net>
%%%
%%%
%%% ejabberd, Copyright (C) 2002-2022 ProcessOne
%%%
%%% This program is free software; you can redistribute it and/or
%%% modify it under the terms of the GNU General Public License as
%%% published by the Free Software Foundation; either version 2 of the
%%% License, or (at your option) any later version.
%%%
%%% This program is distributed in the hope that it will be useful,
%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
%%% General Public License for more details.
%%%
%%% You should have received a copy of the GNU General Public License along
%%% with this program; if not, write to the Free Software Foundation, Inc.,
%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
%%%
%%%----------------------------------------------------------------------
-module(mod_privacy).
-author('alexey@process-one.net').
-protocol({xep, 16, '1.6'}).
-behaviour(gen_mod).
-export([start/2, stop/1, reload/3, process_iq/1, export/1,
c2s_copy_session/2, push_list_update/2, disco_features/5,
check_packet/4, remove_user/2, encode_list_item/1,
get_user_lists/2, get_user_list/3,
set_list/1, set_list/4, set_default_list/3,
user_send_packet/1, mod_doc/0,
import_start/2, import_stop/2, import/5, import_info/0,
mod_opt_type/1, mod_options/1, depends/2]).
-include("logger.hrl").
-include_lib("xmpp/include/xmpp.hrl").
-include("mod_privacy.hrl").
-include("translate.hrl").
-define(PRIVACY_CACHE, privacy_cache).
-define(PRIVACY_LIST_CACHE, privacy_list_cache).
-type c2s_state() :: ejabberd_c2s:state().
-callback init(binary(), gen_mod:opts()) -> any().
-callback import(#privacy{}) -> ok.
-callback set_default(binary(), binary(), binary()) ->
ok | {error, notfound | any()}.
-callback unset_default(binary(), binary()) -> ok | {error, any()}.
-callback remove_list(binary(), binary(), binary()) ->
ok | {error, notfound | conflict | any()}.
-callback remove_lists(binary(), binary()) -> ok | {error, any()}.
-callback set_lists(#privacy{}) -> ok | {error, any()}.
-callback set_list(binary(), binary(), binary(), [listitem()]) ->
ok | {error, any()}.
-callback get_list(binary(), binary(), binary() | default) ->
{ok, {binary(), [listitem()]}} | error | {error, any()}.
-callback get_lists(binary(), binary()) ->
{ok, #privacy{}} | error | {error, any()}.
-callback use_cache(binary()) -> boolean().
-callback cache_nodes(binary()) -> [node()].
-optional_callbacks([use_cache/1, cache_nodes/1]).
start(Host, Opts) ->
Mod = gen_mod:db_mod(Opts, ?MODULE),
Mod:init(Host, Opts),
init_cache(Mod, Host, Opts),
ejabberd_hooks:add(disco_local_features, Host, ?MODULE,
disco_features, 50),
ejabberd_hooks:add(c2s_copy_session, Host, ?MODULE,
c2s_copy_session, 50),
ejabberd_hooks:add(user_send_packet, Host, ?MODULE,
user_send_packet, 50),
ejabberd_hooks:add(privacy_check_packet, Host, ?MODULE,
check_packet, 50),
ejabberd_hooks:add(remove_user, Host, ?MODULE,
remove_user, 50),
gen_iq_handler:add_iq_handler(ejabberd_sm, Host,
?NS_PRIVACY, ?MODULE, process_iq).
stop(Host) ->
ejabberd_hooks:delete(disco_local_features, Host, ?MODULE,
disco_features, 50),
ejabberd_hooks:delete(c2s_copy_session, Host, ?MODULE,
c2s_copy_session, 50),
ejabberd_hooks:delete(user_send_packet, Host, ?MODULE,
user_send_packet, 50),
ejabberd_hooks:delete(privacy_check_packet, Host,
?MODULE, check_packet, 50),
ejabberd_hooks:delete(remove_user, Host, ?MODULE,
remove_user, 50),
gen_iq_handler:remove_iq_handler(ejabberd_sm, Host,
?NS_PRIVACY).
reload(Host, NewOpts, OldOpts) ->
NewMod = gen_mod:db_mod(NewOpts, ?MODULE),
OldMod = gen_mod:db_mod(OldOpts, ?MODULE),
if NewMod /= OldMod ->
NewMod:init(Host, NewOpts);
true ->
ok
end,
init_cache(NewMod, Host, NewOpts).
-spec disco_features({error, stanza_error()} | {result, [binary()]} | empty,
jid(), jid(), binary(), binary()) ->
{error, stanza_error()} | {result, [binary()]}.
disco_features({error, Err}, _From, _To, _Node, _Lang) ->
{error, Err};
disco_features(empty, _From, _To, <<"">>, _Lang) ->
{result, [?NS_PRIVACY]};
disco_features({result, Feats}, _From, _To, <<"">>, _Lang) ->
{result, [?NS_PRIVACY|Feats]};
disco_features(Acc, _From, _To, _Node, _Lang) ->
Acc.
-spec process_iq(iq()) -> iq().
process_iq(#iq{type = Type,
from = #jid{luser = U, lserver = S},
to = #jid{luser = U, lserver = S}} = IQ) ->
case Type of
get -> process_iq_get(IQ);
set -> process_iq_set(IQ)
end;
process_iq(#iq{lang = Lang} = IQ) ->
Txt = ?T("Query to another users is forbidden"),
xmpp:make_error(IQ, xmpp:err_forbidden(Txt, Lang)).
-spec process_iq_get(iq()) -> iq().
process_iq_get(#iq{lang = Lang,
sub_els = [#privacy_query{default = Default,
active = Active}]} = IQ)
when Default /= undefined; Active /= undefined ->
Txt = ?T("Only <list/> element is allowed in this query"),
xmpp:make_error(IQ, xmpp:err_bad_request(Txt, Lang));
process_iq_get(#iq{lang = Lang,
sub_els = [#privacy_query{lists = Lists}]} = IQ) ->
case Lists of
[] ->
process_lists_get(IQ);
[#privacy_list{name = ListName}] ->
process_list_get(IQ, ListName);
_ ->
Txt = ?T("Too many <list/> elements"),
xmpp:make_error(IQ, xmpp:err_bad_request(Txt, Lang))
end;
process_iq_get(#iq{lang = Lang} = IQ) ->
Txt = ?T("No module is handling this query"),
xmpp:make_error(IQ, xmpp:err_service_unavailable(Txt, Lang)).
-spec process_lists_get(iq()) -> iq().
process_lists_get(#iq{from = #jid{luser = LUser, lserver = LServer},
lang = Lang} = IQ) ->
case get_user_lists(LUser, LServer) of
{ok, #privacy{default = Default, lists = Lists}} ->
Active = xmpp:get_meta(IQ, privacy_active_list, none),
xmpp:make_iq_result(
IQ, #privacy_query{active = Active,
default = Default,
lists = [#privacy_list{name = Name}
|| {Name, _} <- Lists]});
error ->
xmpp:make_iq_result(
IQ, #privacy_query{active = none, default = none});
{error, _} ->
Txt = ?T("Database failure"),
xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang))
end.
-spec process_list_get(iq(), binary()) -> iq().
process_list_get(#iq{from = #jid{luser = LUser, lserver = LServer},
lang = Lang} = IQ, Name) ->
case get_user_list(LUser, LServer, Name) of
{ok, {_, List}} ->
Items = lists:map(fun encode_list_item/1, List),
xmpp:make_iq_result(
IQ,
#privacy_query{
lists = [#privacy_list{name = Name, items = Items}]});
error ->
Txt = ?T("No privacy list with this name found"),
xmpp:make_error(IQ, xmpp:err_item_not_found(Txt, Lang));
{error, _} ->
Txt = ?T("Database failure"),
xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang))
end.
-spec encode_list_item(listitem()) -> privacy_item().
encode_list_item(#listitem{action = Action,
order = Order,
type = Type,
match_all = MatchAll,
match_iq = MatchIQ,
match_message = MatchMessage,
match_presence_in = MatchPresenceIn,
match_presence_out = MatchPresenceOut,
value = Value}) ->
Item = #privacy_item{action = Action,
order = Order,
type = case Type of
none -> undefined;
Type -> Type
end,
value = encode_value(Type, Value)},
case MatchAll of
true ->
Item;
false ->
Item#privacy_item{message = MatchMessage,
iq = MatchIQ,
presence_in = MatchPresenceIn,
presence_out = MatchPresenceOut}
end.
-spec encode_value(listitem_type(), listitem_value()) -> binary().
encode_value(Type, Val) ->
case Type of
jid -> jid:encode(Val);
group -> Val;
subscription ->
case Val of
both -> <<"both">>;
to -> <<"to">>;
from -> <<"from">>;
none -> <<"none">>
end;
none -> <<"">>
end.
-spec decode_value(jid | subscription | group | undefined, binary()) ->
listitem_value().
decode_value(Type, Value) ->
case Type of
jid -> jid:tolower(jid:decode(Value));
subscription ->
case Value of
<<"from">> -> from;
<<"to">> -> to;
<<"both">> -> both;
<<"none">> -> none
end;
group when Value /= <<"">> -> Value;
undefined -> none
end.
-spec process_iq_set(iq()) -> iq().
process_iq_set(#iq{lang = Lang,
sub_els = [#privacy_query{default = Default,
active = Active,
lists = Lists}]} = IQ) ->
case Lists of
[#privacy_list{items = Items, name = ListName}]
when Default == undefined, Active == undefined ->
process_lists_set(IQ, ListName, Items);
[] when Default == undefined, Active /= undefined ->
process_active_set(IQ, Active);
[] when Active == undefined, Default /= undefined ->
process_default_set(IQ, Default);
_ ->
Txt = ?T("The stanza MUST contain only one <active/> element, "
"one <default/> element, or one <list/> element"),
xmpp:make_error(IQ, xmpp:err_bad_request(Txt, Lang))
end;
process_iq_set(#iq{lang = Lang} = IQ) ->
Txt = ?T("No module is handling this query"),
xmpp:make_error(IQ, xmpp:err_service_unavailable(Txt, Lang)).
-spec process_default_set(iq(), none | binary()) -> iq().
process_default_set(#iq{from = #jid{luser = LUser, lserver = LServer},
lang = Lang} = IQ, Value) ->
case set_default_list(LUser, LServer, Value) of
ok ->
xmpp:make_iq_result(IQ);
{error, notfound} ->
Txt = ?T("No privacy list with this name found"),
xmpp:make_error(IQ, xmpp:err_item_not_found(Txt, Lang));
{error, _} ->
Txt = ?T("Database failure"),
xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang))
end.
-spec process_active_set(IQ, none | binary()) -> IQ.
process_active_set(IQ, none) ->
xmpp:make_iq_result(xmpp:put_meta(IQ, privacy_active_list, none));
process_active_set(#iq{from = #jid{luser = LUser, lserver = LServer},
lang = Lang} = IQ, Name) ->
case get_user_list(LUser, LServer, Name) of
{ok, _} ->
xmpp:make_iq_result(xmpp:put_meta(IQ, privacy_active_list, Name));
error ->
Txt = ?T("No privacy list with this name found"),
xmpp:make_error(IQ, xmpp:err_item_not_found(Txt, Lang));
{error, _} ->
Txt = ?T("Database failure"),
xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang))
end.
-spec set_list(privacy()) -> ok | {error, any()}.
set_list(#privacy{us = {LUser, LServer}, lists = Lists} = Privacy) ->
Mod = gen_mod:db_mod(LServer, ?MODULE),
case Mod:set_lists(Privacy) of
ok ->
Names = [Name || {Name, _} <- Lists],
delete_cache(Mod, LUser, LServer, Names);
{error, _} = Err ->
Err
end.
-spec process_lists_set(iq(), binary(), [privacy_item()]) -> iq().
process_lists_set(#iq{from = #jid{luser = LUser, lserver = LServer},
lang = Lang} = IQ, Name, []) ->
case xmpp:get_meta(IQ, privacy_active_list, none) of
Name ->
Txt = ?T("Cannot remove active list"),
xmpp:make_error(IQ, xmpp:err_conflict(Txt, Lang));
_ ->
case remove_list(LUser, LServer, Name) of
ok ->
xmpp:make_iq_result(IQ);
{error, conflict} ->
Txt = ?T("Cannot remove default list"),
xmpp:make_error(IQ, xmpp:err_conflict(Txt, Lang));
{error, notfound} ->
Txt = ?T("No privacy list with this name found"),
xmpp:make_error(IQ, xmpp:err_item_not_found(Txt, Lang));
{error, _} ->
Txt = ?T("Database failure"),
Err = xmpp:err_internal_server_error(Txt, Lang),
xmpp:make_error(IQ, Err)
end
end;
process_lists_set(#iq{from = #jid{luser = LUser, lserver = LServer} = From,
lang = Lang} = IQ, Name, Items) ->
case catch lists:map(fun decode_item/1, Items) of
{error, Why} ->
Txt = xmpp:io_format_error(Why),
xmpp:make_error(IQ, xmpp:err_bad_request(Txt, Lang));
List ->
case set_list(LUser, LServer, Name, List) of
ok ->
push_list_update(From, Name),
xmpp:make_iq_result(IQ);
{error, _} ->
Txt = ?T("Database failure"),
xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang))
end
end.
-spec push_list_update(jid(), binary()) -> ok.
push_list_update(From, Name) ->
BareFrom = jid:remove_resource(From),
lists:foreach(
fun(R) ->
To = jid:replace_resource(From, R),
IQ = #iq{type = set, from = BareFrom, to = To,
id = <<"push", (p1_rand:get_string())/binary>>,
sub_els = [#privacy_query{
lists = [#privacy_list{name = Name}]}]},
ejabberd_router:route(IQ)
end, ejabberd_sm:get_user_resources(From#jid.luser, From#jid.lserver)).
-spec decode_item(privacy_item()) -> listitem().
decode_item(#privacy_item{order = Order,
action = Action,
type = T,
value = V,
message = MatchMessage,
iq = MatchIQ,
presence_in = MatchPresenceIn,
presence_out = MatchPresenceOut}) ->
Value = try decode_value(T, V)
catch _:_ ->
throw({error, {bad_attr_value, <<"value">>,
<<"item">>, ?NS_PRIVACY}})
end,
Type = case T of
undefined -> none;
_ -> T
end,
ListItem = #listitem{order = Order,
action = Action,
type = Type,
value = Value},
if not (MatchMessage or MatchIQ or MatchPresenceIn or MatchPresenceOut) ->
ListItem#listitem{match_all = true};
true ->
ListItem#listitem{match_iq = MatchIQ,
match_message = MatchMessage,
match_presence_in = MatchPresenceIn,
match_presence_out = MatchPresenceOut}
end.
-spec c2s_copy_session(c2s_state(), c2s_state()) -> c2s_state().
c2s_copy_session(State, #{privacy_active_list := List}) ->
State#{privacy_active_list => List};
c2s_copy_session(State, _) ->
State.
%% Adjust the client's state, so next packets (which can be already queued)
%% will take the active list into account.
-spec update_c2s_state_with_privacy_list(stanza(), c2s_state()) -> c2s_state().
update_c2s_state_with_privacy_list(#iq{type = set,
to = #jid{luser = U, lserver = S,
lresource = <<"">>} = To} = IQ,
State) ->
%% Match a IQ set containing a new active privacy list
case xmpp:get_subtag(IQ, #privacy_query{}) of
#privacy_query{default = undefined, active = Active} ->
case Active of
none ->
?DEBUG("Removing active privacy list for user: ~ts",
[jid:encode(To)]),
State#{privacy_active_list => none};
undefined ->
State;
_ ->
case get_user_list(U, S, Active) of
{ok, _} ->
?DEBUG("Setting active privacy list '~ts' for user: ~ts",
[Active, jid:encode(To)]),
State#{privacy_active_list => Active};
_ ->
%% unknown privacy list name
State
end
end;
_ ->
State
end;
update_c2s_state_with_privacy_list(_Packet, State) ->
State.
%% Add the active privacy list to packet metadata
-spec user_send_packet({stanza(), c2s_state()}) -> {stanza(), c2s_state()}.
user_send_packet({#iq{type = Type,
to = #jid{luser = U, lserver = S, lresource = <<"">>},
from = #jid{luser = U, lserver = S},
sub_els = [_]} = IQ,
#{privacy_active_list := Name} = State})
when Type == get; Type == set ->
NewIQ = case xmpp:has_subtag(IQ, #privacy_query{}) of
true -> xmpp:put_meta(IQ, privacy_active_list, Name);
false -> IQ
end,
{NewIQ, update_c2s_state_with_privacy_list(IQ, State)};
%% For client with no active privacy list, see if there is
%% one about to be activated in this packet and update client state
user_send_packet({Packet, State}) ->
{Packet, update_c2s_state_with_privacy_list(Packet, State)}.
-spec set_list(binary(), binary(), binary(), [listitem()]) -> ok | {error, any()}.
set_list(LUser, LServer, Name, List) ->
Mod = gen_mod:db_mod(LServer, ?MODULE),
case Mod:set_list(LUser, LServer, Name, List) of
ok ->
delete_cache(Mod, LUser, LServer, [Name]);
{error, _} = Err ->
Err
end.
-spec remove_list(binary(), binary(), binary()) ->
ok | {error, conflict | notfound | any()}.
remove_list(LUser, LServer, Name) ->
Mod = gen_mod:db_mod(LServer, ?MODULE),
case Mod:remove_list(LUser, LServer, Name) of
ok ->
delete_cache(Mod, LUser, LServer, [Name]);
Err ->
Err
end.
-spec get_user_lists(binary(), binary()) -> {ok, privacy()} | error | {error, any()}.
get_user_lists(User, Server) ->
LUser = jid:nodeprep(User),
LServer = jid:nameprep(Server),
Mod = gen_mod:db_mod(LServer, ?MODULE),
case use_cache(Mod, LServer) of
true ->
ets_cache:lookup(
?PRIVACY_CACHE, {LUser, LServer},
fun() -> Mod:get_lists(LUser, LServer) end);
false ->
Mod:get_lists(LUser, LServer)
end.
-spec get_user_list(binary(), binary(), binary() | default) ->
{ok, {binary(), [listitem()]}} | error | {error, any()}.
get_user_list(LUser, LServer, Name) ->
Mod = gen_mod:db_mod(LServer, ?MODULE),
case use_cache(Mod, LServer) of
true ->
ets_cache:lookup(
?PRIVACY_LIST_CACHE, {LUser, LServer, Name},
fun() ->
case ets_cache:lookup(
?PRIVACY_CACHE, {LUser, LServer}) of
{ok, Privacy} ->
get_list_by_name(Privacy, Name);
error ->
Mod:get_list(LUser, LServer, Name)
end
end);
false ->
Mod:get_list(LUser, LServer, Name)
end.
-spec get_list_by_name(#privacy{}, binary() | default) ->
{ok, {binary(), [listitem()]}} | error.
get_list_by_name(#privacy{default = Default} = Privacy, default) ->
get_list_by_name(Privacy, Default);
get_list_by_name(#privacy{lists = Lists}, Name) ->
case lists:keyfind(Name, 1, Lists) of
{_, List} -> {ok, {Name, List}};
false -> error
end.
-spec set_default_list(binary(), binary(), binary() | none) ->
ok | {error, notfound | any()}.
set_default_list(LUser, LServer, Name) ->
Mod = gen_mod:db_mod(LServer, ?MODULE),
Res = case Name of
none -> Mod:unset_default(LUser, LServer);
_ -> Mod:set_default(LUser, LServer, Name)
end,
case Res of
ok ->
delete_cache(Mod, LUser, LServer, []);
Err ->
Err
end.
-spec check_packet(allow | deny, c2s_state() | jid(), stanza(), in | out) -> allow | deny.
check_packet(Acc, #{jid := JID} = State, Packet, Dir) ->
case maps:get(privacy_active_list, State, none) of
none ->
check_packet(Acc, JID, Packet, Dir);
ListName ->
#jid{luser = LUser, lserver = LServer} = JID,
case get_user_list(LUser, LServer, ListName) of
{ok, {_, List}} ->
do_check_packet(JID, List, Packet, Dir);
_ ->
?DEBUG("Non-existing active list '~ts' is set "
"for user '~ts'", [ListName, jid:encode(JID)]),
check_packet(Acc, JID, Packet, Dir)
end
end;
check_packet(_, JID, Packet, Dir) ->
#jid{luser = LUser, lserver = LServer} = JID,
case get_user_list(LUser, LServer, default) of
{ok, {_, List}} ->
do_check_packet(JID, List, Packet, Dir);
_ ->
allow
end.
%% From is the sender, To is the destination.
%% If Dir = out, User@Server is the sender account (From).
%% If Dir = in, User@Server is the destination account (To).
-spec do_check_packet(jid(), [listitem()], stanza(), in | out) -> allow | deny.
do_check_packet(_, [], _, _) ->
allow;
do_check_packet(#jid{luser = LUser, lserver = LServer}, List, Packet, Dir) ->
From = xmpp:get_from(Packet),
To = xmpp:get_to(Packet),
case {From, To} of
{#jid{luser = <<"">>, lserver = LServer},
#jid{lserver = LServer}} when Dir == in ->
%% Allow any packets from local server
allow;
{#jid{lserver = LServer},
#jid{luser = <<"">>, lserver = LServer}} when Dir == out ->
%% Allow any packets to local server
allow;
{#jid{luser = LUser, lserver = LServer, lresource = <<"">>},
#jid{luser = LUser, lserver = LServer}} when Dir == in ->
%% Allow incoming packets from user's bare jid to his full jid
allow;
{#jid{luser = LUser, lserver = LServer},
#jid{luser = LUser, lserver = LServer, lresource = <<"">>}} when Dir == out ->
%% Allow outgoing packets from user's full jid to his bare JID
allow;
_ ->
PType = case Packet of
#message{} -> message;
#iq{} -> iq;
#presence{type = available} -> presence;
#presence{type = unavailable} -> presence;
_ -> other
end,
PType2 = case {PType, Dir} of
{message, in} -> message;
{iq, in} -> iq;
{presence, in} -> presence_in;
{presence, out} -> presence_out;
{_, _} -> other
end,
LJID = case Dir of
in -> jid:tolower(From);
out -> jid:tolower(To)
end,
check_packet_aux(List, PType2, LJID, [LUser, LServer])
end.
-spec check_packet_aux([listitem()],
message | iq | presence_in | presence_out | other,
ljid(), [binary()] | {none | both | from | to, [binary()]}) ->
allow | deny.
%% Ptype = message | iq | presence_in | presence_out | other
check_packet_aux([], _PType, _JID, _RosterInfo) ->
allow;
check_packet_aux([Item | List], PType, JID, RosterInfo) ->
#listitem{type = Type, value = Value, action = Action} =
Item,
case is_ptype_match(Item, PType) of
true ->
case is_type_match(Type, Value, JID, RosterInfo) of
{true, _} -> Action;
{false, RI} ->
check_packet_aux(List, PType, JID, RI)
end;
false ->
check_packet_aux(List, PType, JID, RosterInfo)
end.
-spec is_ptype_match(listitem(),
message | iq | presence_in | presence_out | other) ->
boolean().
is_ptype_match(Item, PType) ->
case Item#listitem.match_all of
true -> true;
false ->
case PType of
message -> Item#listitem.match_message;
iq -> Item#listitem.match_iq;
presence_in -> Item#listitem.match_presence_in;
presence_out -> Item#listitem.match_presence_out;
other -> false
end
end.
-spec is_type_match(none | jid | subscription | group, listitem_value(),
ljid(), [binary()] | {none | both | from | to, [binary()]}) ->
{boolean(), [binary()] | {none | both | from | to, [binary()]}}.
is_type_match(none, _Value, _JID, RosterInfo) ->
{true, RosterInfo};
is_type_match(jid, Value, JID, RosterInfo) ->
case Value of
{<<"">>, Server, <<"">>} ->
case JID of
{_, Server, _} -> {true, RosterInfo};
_ -> {false, RosterInfo}
end;
{User, Server, <<"">>} ->
case JID of
{User, Server, _} -> {true, RosterInfo};
_ -> {false, RosterInfo}
end;
{<<"">>, Server, Resource} ->
case JID of
{_, Server, Resource} -> {true, RosterInfo};
_ -> {false, RosterInfo}
end;
_ -> {Value == JID, RosterInfo}
end;
is_type_match(subscription, Value, JID, RosterInfo) ->
{Subscription, _} = RI = resolve_roster_info(JID, RosterInfo),
{Value == Subscription, RI};
is_type_match(group, Group, JID, RosterInfo) ->
{_, Groups} = RI = resolve_roster_info(JID, RosterInfo),
{lists:member(Group, Groups), RI}.
-spec resolve_roster_info(ljid(), [binary()] | {none | both | from | to, [binary()]}) ->
{none | both | from | to, [binary()]}.
resolve_roster_info(JID, [LUser, LServer]) ->
{Subscription, _Ask, Groups} =
ejabberd_hooks:run_fold(
roster_get_jid_info, LServer,
{none, none, []},
[LUser, LServer, JID]),
{Subscription, Groups};
resolve_roster_info(_, RosterInfo) ->
RosterInfo.
-spec remove_user(binary(), binary()) -> ok.
remove_user(User, Server) ->
LUser = jid:nodeprep(User),
LServer = jid:nameprep(Server),
Privacy = get_user_lists(LUser, LServer),
Mod = gen_mod:db_mod(LServer, ?MODULE),
Mod:remove_lists(LUser, LServer),
case Privacy of
{ok, #privacy{lists = Lists}} ->
Names = [Name || {Name, _} <- Lists],
delete_cache(Mod, LUser, LServer, Names);
_ ->
ok
end.
-spec init_cache(module(), binary(), gen_mod:opts()) -> ok.
init_cache(Mod, Host, Opts) ->
case use_cache(Mod, Host) of
true ->
CacheOpts = cache_opts(Opts),
ets_cache:new(?PRIVACY_CACHE, CacheOpts),
ets_cache:new(?PRIVACY_LIST_CACHE, CacheOpts);
false ->
ets_cache:delete(?PRIVACY_CACHE),
ets_cache:delete(?PRIVACY_LIST_CACHE)
end.
-spec cache_opts(gen_mod:opts()) -> [proplists:property()].
cache_opts(Opts) ->
MaxSize = mod_privacy_opt:cache_size(Opts),
CacheMissed = mod_privacy_opt:cache_missed(Opts),
LifeTime = mod_privacy_opt:cache_life_time(Opts),
[{max_size, MaxSize}, {cache_missed, CacheMissed}, {life_time, LifeTime}].
-spec use_cache(module(), binary()) -> boolean().
use_cache(Mod, Host) ->
case erlang:function_exported(Mod, use_cache, 1) of
true -> Mod:use_cache(Host);
false -> mod_privacy_opt:use_cache(Host)
end.
-spec cache_nodes(module(), binary()) -> [node()].
cache_nodes(Mod, Host) ->
case erlang:function_exported(Mod, cache_nodes, 1) of
true -> Mod:cache_nodes(Host);
false -> ejabberd_cluster:get_nodes()
end.
-spec delete_cache(module(), binary(), binary(), [binary()]) -> ok.
delete_cache(Mod, LUser, LServer, Names) ->
case use_cache(Mod, LServer) of
true ->
Nodes = cache_nodes(Mod, LServer),
ets_cache:delete(?PRIVACY_CACHE, {LUser, LServer}, Nodes),
lists:foreach(
fun(Name) ->
ets_cache:delete(
?PRIVACY_LIST_CACHE,
{LUser, LServer, Name},
Nodes)
end, [default|Names]);
false ->
ok
end.
numeric_to_binary(<<0, 0, _/binary>>) ->
<<"0">>;
numeric_to_binary(<<0, _, _:6/binary, T/binary>>) ->
Res = lists:foldl(
fun(X, Sum) ->
Sum*10000 + X
end, 0, [X || <<X:16>> <= T]),
integer_to_binary(Res).
bool_to_binary(<<0>>) -> <<"0">>;
bool_to_binary(<<1>>) -> <<"1">>.
prepare_list_data(mysql, [ID|Row]) ->
[binary_to_integer(ID)|Row];
prepare_list_data(pgsql, [<<ID:64>>,
SType, SValue, SAction, SOrder, SMatchAll,
SMatchIQ, SMatchMessage, SMatchPresenceIn,
SMatchPresenceOut]) ->
[ID, SType, SValue, SAction,
numeric_to_binary(SOrder),
bool_to_binary(SMatchAll),
bool_to_binary(SMatchIQ),
bool_to_binary(SMatchMessage),
bool_to_binary(SMatchPresenceIn),
bool_to_binary(SMatchPresenceOut)].
prepare_id(mysql, ID) ->
binary_to_integer(ID);
prepare_id(pgsql, <<ID:32>>) ->
ID.
import_info() ->
[{<<"privacy_default_list">>, 2},
{<<"privacy_list_data">>, 10},
{<<"privacy_list">>, 4}].
import_start(LServer, DBType) ->
ets:new(privacy_default_list_tmp, [private, named_table]),
ets:new(privacy_list_data_tmp, [private, named_table, bag]),
ets:new(privacy_list_tmp, [private, named_table, bag,
{keypos, #privacy.us}]),
Mod = gen_mod:db_mod(DBType, ?MODULE),
Mod:init(LServer, []).
import(LServer, {sql, _}, _DBType, <<"privacy_default_list">>, [LUser, Name]) ->
US = {LUser, LServer},
ets:insert(privacy_default_list_tmp, {US, Name}),
ok;
import(LServer, {sql, SQLType}, _DBType, <<"privacy_list_data">>, Row1) ->
[ID|Row] = prepare_list_data(SQLType, Row1),
case mod_privacy_sql:raw_to_item(Row) of
[Item] ->
IS = {ID, LServer},
ets:insert(privacy_list_data_tmp, {IS, Item}),
ok;
[] ->
ok
end;
import(LServer, {sql, SQLType}, _DBType, <<"privacy_list">>,
[LUser, Name, ID, _TimeStamp]) ->
US = {LUser, LServer},
IS = {prepare_id(SQLType, ID), LServer},
Default = case ets:lookup(privacy_default_list_tmp, US) of
[{_, Name}] -> Name;
_ -> none
end,
case [Item || {_, Item} <- ets:lookup(privacy_list_data_tmp, IS)] of
[_|_] = Items ->
Privacy = #privacy{us = {LUser, LServer},
default = Default,
lists = [{Name, Items}]},
ets:insert(privacy_list_tmp, Privacy),
ets:delete(privacy_list_data_tmp, IS),
ok;
_ ->
ok
end.
import_stop(_LServer, DBType) ->
import_next(DBType, ets:first(privacy_list_tmp)),
ets:delete(privacy_default_list_tmp),
ets:delete(privacy_list_data_tmp),
ets:delete(privacy_list_tmp),
ok.
import_next(_DBType, '$end_of_table') ->
ok;
import_next(DBType, US) ->
[P|_] = Ps = ets:lookup(privacy_list_tmp, US),
Lists = lists:flatmap(
fun(#privacy{lists = Lists}) ->
Lists
end, Ps),
Privacy = P#privacy{lists = Lists},
Mod = gen_mod:db_mod(DBType, ?MODULE),
Mod:import(Privacy),
import_next(DBType, ets:next(privacy_list_tmp, US)).
export(LServer) ->
Mod = gen_mod:db_mod(LServer, ?MODULE),
Mod:export(LServer).
depends(_Host, _Opts) ->
[].
mod_opt_type(db_type) ->
econf:db_type(?MODULE);
mod_opt_type(use_cache) ->
econf:bool();
mod_opt_type(cache_size) ->
econf:pos_int(infinity);
mod_opt_type(cache_missed) ->
econf:bool();
mod_opt_type(cache_life_time) ->
econf:timeout(second, infinity).
mod_options(Host) ->
[{db_type, ejabberd_config:default_db(Host, ?MODULE)},
{use_cache, ejabberd_option:use_cache(Host)},
{cache_size, ejabberd_option:cache_size(Host)},
{cache_missed, ejabberd_option:cache_missed(Host)},
{cache_life_time, ejabberd_option:cache_life_time(Host)}].
mod_doc() ->
#{desc =>
[?T("This module implements "
"https://xmpp.org/extensions/xep-0016.html"
"[XEP-0016: Privacy Lists]."), "",
?T("NOTE: Nowadays modern XMPP clients rely on "
"https://xmpp.org/extensions/xep-0191.html"
"[XEP-0191: Blocking Command] which is implemented by "
"'mod_blocking' module. However, you still need "
"'mod_privacy' loaded in order for _`mod_blocking`_ to work.")],
opts =>
[{db_type,
#{value => "mnesia | sql",
desc =>
?T("Same as top-level _`default_db`_ option, but applied to this module only.")}},
{use_cache,
#{value => "true | false",
desc =>
?T("Same as top-level _`use_cache`_ option, but applied to this module only.")}},
{cache_size,
#{value => "pos_integer() | infinity",
desc =>
?T("Same as top-level _`cache_size`_ option, but applied to this module only.")}},
{cache_missed,
#{value => "true | false",
desc =>
?T("Same as top-level _`cache_missed`_ option, but applied to this module only.")}},
{cache_life_time,
#{value => "timeout()",
desc =>
?T("Same as top-level _`cache_life_time`_ option, but applied to this module only.")}}]}.