mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-22 16:20:52 +01:00
4b012a99d2
When the option is set to `true`, the module will generate CAPTCHA challenges for incoming subscription requests. The option also implies that option `drop` is set to `true`. Note that the module won't generate CAPTCHA challenges for messages: they will still be rejected if `drop` is set to `true`. Fixes #2246
378 lines
12 KiB
Erlang
378 lines
12 KiB
Erlang
%%%-------------------------------------------------------------------
|
|
%%% File : mod_roster_sql.erl
|
|
%%% Author : Evgeny Khramtsov <ekhramtsov@process-one.net>
|
|
%%% Created : 14 Apr 2016 by Evgeny Khramtsov <ekhramtsov@process-one.net>
|
|
%%%
|
|
%%%
|
|
%%% ejabberd, Copyright (C) 2002-2018 ProcessOne
|
|
%%%
|
|
%%% This program is free software; you can redistribute it and/or
|
|
%%% modify it under the terms of the GNU General Public License as
|
|
%%% published by the Free Software Foundation; either version 2 of the
|
|
%%% License, or (at your option) any later version.
|
|
%%%
|
|
%%% This program is distributed in the hope that it will be useful,
|
|
%%% but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
%%% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
%%% General Public License for more details.
|
|
%%%
|
|
%%% You should have received a copy of the GNU General Public License along
|
|
%%% with this program; if not, write to the Free Software Foundation, Inc.,
|
|
%%% 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
%%%
|
|
%%%----------------------------------------------------------------------
|
|
|
|
-module(mod_roster_sql).
|
|
|
|
-compile([{parse_transform, ejabberd_sql_pt}]).
|
|
|
|
-behaviour(mod_roster).
|
|
|
|
%% API
|
|
-export([init/2, read_roster_version/2, write_roster_version/4,
|
|
get_roster/2, get_roster_item/3, roster_subscribe/4,
|
|
read_subscription_and_groups/3, remove_user/2,
|
|
update_roster/4, del_roster/3, transaction/2,
|
|
import/3, export/1, raw_to_record/2]).
|
|
|
|
-include("mod_roster.hrl").
|
|
-include("ejabberd_sql_pt.hrl").
|
|
-include("logger.hrl").
|
|
|
|
%%%===================================================================
|
|
%%% API
|
|
%%%===================================================================
|
|
init(_Host, _Opts) ->
|
|
ok.
|
|
|
|
read_roster_version(LUser, LServer) ->
|
|
case ejabberd_sql:sql_query(
|
|
LServer,
|
|
?SQL("select @(version)s from roster_version"
|
|
" where username = %(LUser)s and %(LServer)H")) of
|
|
{selected, [{Version}]} -> {ok, Version};
|
|
{selected, []} -> error;
|
|
_ -> {error, db_failure}
|
|
end.
|
|
|
|
write_roster_version(LUser, LServer, InTransaction, Ver) ->
|
|
if InTransaction ->
|
|
set_roster_version(LUser, LServer, Ver);
|
|
true ->
|
|
transaction(
|
|
LServer,
|
|
fun () -> set_roster_version(LUser, LServer, Ver) end)
|
|
end.
|
|
|
|
get_roster(LUser, LServer) ->
|
|
case ejabberd_sql:sql_query(
|
|
LServer,
|
|
?SQL("select @(username)s, @(jid)s, @(nick)s, @(subscription)s, "
|
|
"@(ask)s, @(askmessage)s, @(server)s, @(subscribe)s, "
|
|
"@(type)s from rosterusers "
|
|
"where username=%(LUser)s and %(LServer)H")) of
|
|
{selected, Items} when is_list(Items) ->
|
|
JIDGroups = case get_roster_jid_groups(LServer, LUser) of
|
|
{selected, JGrps} when is_list(JGrps) ->
|
|
JGrps;
|
|
_ ->
|
|
[]
|
|
end,
|
|
GroupsDict = lists:foldl(fun({J, G}, Acc) ->
|
|
dict:append(J, G, Acc)
|
|
end,
|
|
dict:new(), JIDGroups),
|
|
{ok, lists:flatmap(
|
|
fun(I) ->
|
|
case raw_to_record(LServer, I) of
|
|
%% Bad JID in database:
|
|
error -> [];
|
|
R ->
|
|
SJID = jid:encode(R#roster.jid),
|
|
Groups = case dict:find(SJID, GroupsDict) of
|
|
{ok, Gs} -> Gs;
|
|
error -> []
|
|
end,
|
|
[R#roster{groups = Groups}]
|
|
end
|
|
end, Items)};
|
|
_ ->
|
|
error
|
|
end.
|
|
|
|
roster_subscribe(_LUser, _LServer, _LJID, Item) ->
|
|
ItemVals = record_to_row(Item),
|
|
roster_subscribe(ItemVals).
|
|
|
|
transaction(LServer, F) ->
|
|
ejabberd_sql:sql_transaction(LServer, F).
|
|
|
|
get_roster_item(LUser, LServer, LJID) ->
|
|
SJID = jid:encode(LJID),
|
|
case get_roster_by_jid(LServer, LUser, SJID) of
|
|
{selected, [I]} ->
|
|
case raw_to_record(LServer, I) of
|
|
error ->
|
|
error;
|
|
R ->
|
|
Groups = case get_roster_groups(LServer, LUser, SJID) of
|
|
{selected, JGrps} when is_list(JGrps) ->
|
|
[JGrp || {JGrp} <- JGrps];
|
|
_ -> []
|
|
end,
|
|
{ok, R#roster{groups = Groups}}
|
|
end;
|
|
{selected, []} ->
|
|
error
|
|
end.
|
|
|
|
remove_user(LUser, LServer) ->
|
|
transaction(
|
|
LServer,
|
|
fun () ->
|
|
ejabberd_sql:sql_query_t(
|
|
?SQL("delete from rosterusers"
|
|
" where username=%(LUser)s and %(LServer)H")),
|
|
ejabberd_sql:sql_query_t(
|
|
?SQL("delete from rostergroups"
|
|
" where username=%(LUser)s and %(LServer)H"))
|
|
end),
|
|
ok.
|
|
|
|
update_roster(LUser, LServer, LJID, Item) ->
|
|
SJID = jid:encode(LJID),
|
|
ItemVals = record_to_row(Item),
|
|
ItemGroups = Item#roster.groups,
|
|
roster_subscribe(ItemVals),
|
|
ejabberd_sql:sql_query_t(
|
|
?SQL("delete from rostergroups"
|
|
" where username=%(LUser)s and %(LServer)H and jid=%(SJID)s")),
|
|
lists:foreach(
|
|
fun(ItemGroup) ->
|
|
ejabberd_sql:sql_query_t(
|
|
?SQL_INSERT(
|
|
"rostergroups",
|
|
["username=%(LUser)s",
|
|
"server_host=%(LServer)s",
|
|
"jid=%(SJID)s",
|
|
"grp=%(ItemGroup)s"]))
|
|
end,
|
|
ItemGroups).
|
|
|
|
del_roster(LUser, LServer, LJID) ->
|
|
SJID = jid:encode(LJID),
|
|
ejabberd_sql:sql_query_t(
|
|
?SQL("delete from rosterusers"
|
|
" where username=%(LUser)s and %(LServer)H and jid=%(SJID)s")),
|
|
ejabberd_sql:sql_query_t(
|
|
?SQL("delete from rostergroups"
|
|
" where username=%(LUser)s and %(LServer)H and jid=%(SJID)s")).
|
|
|
|
read_subscription_and_groups(LUser, LServer, LJID) ->
|
|
SJID = jid:encode(LJID),
|
|
case get_subscription(LServer, LUser, SJID) of
|
|
{selected, [{SSubscription, SAsk}]} ->
|
|
Subscription = decode_subscription(LUser, LServer, SSubscription),
|
|
Ask = decode_ask(LUser, LServer, SAsk),
|
|
Groups = case get_rostergroup_by_jid(LServer, LUser, SJID) of
|
|
{selected, JGrps} when is_list(JGrps) ->
|
|
[JGrp || {JGrp} <- JGrps];
|
|
_ -> []
|
|
end,
|
|
{ok, {Subscription, Ask, Groups}};
|
|
_ ->
|
|
error
|
|
end.
|
|
|
|
export(_Server) ->
|
|
[{roster,
|
|
fun(Host, #roster{usj = {_LUser, LServer, _LJID}} = R)
|
|
when LServer == Host ->
|
|
ItemVals = record_to_row(R),
|
|
ItemGroups = R#roster.groups,
|
|
update_roster_sql(ItemVals, ItemGroups);
|
|
(_Host, _R) ->
|
|
[]
|
|
end},
|
|
{roster_version,
|
|
fun(Host, #roster_version{us = {LUser, LServer}, version = Ver})
|
|
when LServer == Host ->
|
|
[?SQL("delete from roster_version"
|
|
" where username=%(LUser)s and %(LServer)H;"),
|
|
?SQL_INSERT(
|
|
"roster_version",
|
|
["username=%(LUser)s",
|
|
"server_host=%(LServer)s",
|
|
"version=%(Ver)s"])];
|
|
(_Host, _R) ->
|
|
[]
|
|
end}].
|
|
|
|
import(_, _, _) ->
|
|
ok.
|
|
|
|
%%%===================================================================
|
|
%%% Internal functions
|
|
%%%===================================================================
|
|
set_roster_version(LUser, LServer, Version) ->
|
|
?SQL_UPSERT_T(
|
|
"roster_version",
|
|
["!username=%(LUser)s",
|
|
"!server_host=%(LServer)s",
|
|
"version=%(Version)s"]).
|
|
|
|
get_roster_jid_groups(LServer, LUser) ->
|
|
ejabberd_sql:sql_query(
|
|
LServer,
|
|
?SQL("select @(jid)s, @(grp)s from rostergroups where "
|
|
"username=%(LUser)s and %(LServer)H")).
|
|
|
|
get_roster_groups(LServer, LUser, SJID) ->
|
|
ejabberd_sql:sql_query_t(
|
|
?SQL("select @(grp)s from rostergroups"
|
|
" where username=%(LUser)s and %(LServer)H and jid=%(SJID)s")).
|
|
|
|
roster_subscribe({LUser, LServer, SJID, Name, SSubscription, SAsk, AskMessage}) ->
|
|
?SQL_UPSERT_T(
|
|
"rosterusers",
|
|
["!username=%(LUser)s",
|
|
"!server_host=%(LServer)s",
|
|
"!jid=%(SJID)s",
|
|
"nick=%(Name)s",
|
|
"subscription=%(SSubscription)s",
|
|
"ask=%(SAsk)s",
|
|
"askmessage=%(AskMessage)s",
|
|
"server='N'",
|
|
"subscribe=''",
|
|
"type='item'"]).
|
|
|
|
get_roster_by_jid(LServer, LUser, SJID) ->
|
|
ejabberd_sql:sql_query_t(
|
|
?SQL("select @(username)s, @(jid)s, @(nick)s, @(subscription)s,"
|
|
" @(ask)s, @(askmessage)s, @(server)s, @(subscribe)s,"
|
|
" @(type)s from rosterusers"
|
|
" where username=%(LUser)s and %(LServer)H and jid=%(SJID)s")).
|
|
|
|
get_rostergroup_by_jid(LServer, LUser, SJID) ->
|
|
ejabberd_sql:sql_query(
|
|
LServer,
|
|
?SQL("select @(grp)s from rostergroups"
|
|
" where username=%(LUser)s and %(LServer)H and jid=%(SJID)s")).
|
|
|
|
get_subscription(LServer, LUser, SJID) ->
|
|
ejabberd_sql:sql_query(
|
|
LServer,
|
|
?SQL("select @(subscription)s, @(ask)s from rosterusers "
|
|
"where username=%(LUser)s and %(LServer)H and jid=%(SJID)s")).
|
|
|
|
update_roster_sql({LUser, LServer, SJID, Name, SSubscription, SAsk, AskMessage},
|
|
ItemGroups) ->
|
|
[?SQL("delete from rosterusers where"
|
|
" username=%(LUser)s and %(LServer)H and jid=%(SJID)s;"),
|
|
?SQL_INSERT(
|
|
"rosterusers",
|
|
["username=%(LUser)s",
|
|
"server_host=%(LServer)s",
|
|
"jid=%(SJID)s",
|
|
"nick=%(Name)s",
|
|
"subscription=%(SSubscription)s",
|
|
"ask=%(SAsk)s",
|
|
"askmessage=%(AskMessage)s",
|
|
"server='N'",
|
|
"subscribe=''",
|
|
"type='item'"]),
|
|
?SQL("delete from rostergroups where"
|
|
" username=%(LUser)s and %(LServer)H and jid=%(SJID)s;")]
|
|
++
|
|
[?SQL_INSERT(
|
|
"rostergroups",
|
|
["username=%(LUser)s",
|
|
"server_host=%(LServer)s",
|
|
"jid=%(SJID)s",
|
|
"grp=%(ItemGroup)s"])
|
|
|| ItemGroup <- ItemGroups].
|
|
|
|
raw_to_record(LServer,
|
|
[User, LServer, SJID, Nick, SSubscription, SAsk, SAskMessage,
|
|
_SServer, _SSubscribe, _SType]) ->
|
|
raw_to_record(LServer,
|
|
{User, LServer, SJID, Nick, SSubscription, SAsk, SAskMessage,
|
|
_SServer, _SSubscribe, _SType});
|
|
raw_to_record(LServer,
|
|
{User, SJID, Nick, SSubscription, SAsk, SAskMessage,
|
|
_SServer, _SSubscribe, _SType}) ->
|
|
raw_to_record(LServer,
|
|
{User, LServer, SJID, Nick, SSubscription, SAsk, SAskMessage,
|
|
_SServer, _SSubscribe, _SType});
|
|
raw_to_record(LServer,
|
|
{User, LServer, SJID, Nick, SSubscription, SAsk, SAskMessage,
|
|
_SServer, _SSubscribe, _SType}) ->
|
|
try jid:decode(SJID) of
|
|
JID ->
|
|
LJID = jid:tolower(JID),
|
|
Subscription = decode_subscription(User, LServer, SSubscription),
|
|
Ask = decode_ask(User, LServer, SAsk),
|
|
#roster{usj = {User, LServer, LJID},
|
|
us = {User, LServer}, jid = LJID, name = Nick,
|
|
subscription = Subscription, ask = Ask,
|
|
askmessage = SAskMessage}
|
|
catch _:{bad_jid, _} ->
|
|
?ERROR_MSG("~s", [format_row_error(User, LServer, {jid, SJID})]),
|
|
error
|
|
end.
|
|
|
|
record_to_row(
|
|
#roster{us = {LUser, LServer},
|
|
jid = JID, name = Name, subscription = Subscription,
|
|
ask = Ask, askmessage = AskMessage}) ->
|
|
SJID = jid:encode(jid:tolower(JID)),
|
|
SSubscription = case Subscription of
|
|
both -> <<"B">>;
|
|
to -> <<"T">>;
|
|
from -> <<"F">>;
|
|
none -> <<"N">>
|
|
end,
|
|
SAsk = case Ask of
|
|
subscribe -> <<"S">>;
|
|
unsubscribe -> <<"U">>;
|
|
both -> <<"B">>;
|
|
out -> <<"O">>;
|
|
in -> <<"I">>;
|
|
none -> <<"N">>
|
|
end,
|
|
{LUser, LServer, SJID, Name, SSubscription, SAsk, AskMessage}.
|
|
|
|
decode_subscription(User, Server, S) ->
|
|
case S of
|
|
<<"B">> -> both;
|
|
<<"T">> -> to;
|
|
<<"F">> -> from;
|
|
<<"N">> -> none;
|
|
<<"">> -> none;
|
|
_ ->
|
|
?ERROR_MSG("~s", [format_row_error(User, Server, {subscription, S})]),
|
|
none
|
|
end.
|
|
|
|
decode_ask(User, Server, A) ->
|
|
case A of
|
|
<<"S">> -> subscribe;
|
|
<<"U">> -> unsubscribe;
|
|
<<"B">> -> both;
|
|
<<"O">> -> out;
|
|
<<"I">> -> in;
|
|
<<"N">> -> none;
|
|
<<"">> -> none;
|
|
_ ->
|
|
?ERROR_MSG("~s", [format_row_error(User, Server, {ask, A})]),
|
|
none
|
|
end.
|
|
|
|
format_row_error(User, Server, Why) ->
|
|
[case Why of
|
|
{jid, JID} -> ["Malformed 'jid' field with value '", JID, "'"];
|
|
{subscription, Sub} -> ["Malformed 'subscription' field with value '", Sub, "'"];
|
|
{ask, Ask} -> ["Malformed 'ask' field with value '", Ask, "'"]
|
|
end,
|
|
" detected for ", User, "@", Server, " in table 'rosterusers'"].
|