"Fossies" - the Fresh Open Source Software Archive 
Member "jitsi-meet-7319/resources/prosody-plugins/mod_muc_allowners.lua" (6 Jun 2023, 6870 Bytes) of package /linux/misc/jitsi-meet-7319.tar.gz:
As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Lua source code syntax highlighting (style:
standard) with prefixed line numbers and
code folding option.
Alternatively you can here
view or
download the uninterpreted source code file.
1 local filters = require 'util.filters';
2 local jid = require "util.jid";
3 local jid_bare = require "util.jid".bare;
4 local jid_host = require "util.jid".host;
5 local st = require "util.stanza";
6 local um_is_admin = require "core.usermanager".is_admin;
7 local util = module:require "util";
8 local is_healthcheck_room = util.is_healthcheck_room;
9 local extract_subdomain = util.extract_subdomain;
10 local get_room_from_jid = util.get_room_from_jid;
11 local presence_check_status = util.presence_check_status;
12 local MUC_NS = 'http://jabber.org/protocol/muc';
13
14 local moderated_subdomains;
15 local moderated_rooms;
16 local disable_revoke_owners;
17
18 local function load_config()
19 moderated_subdomains = module:get_option_set("allowners_moderated_subdomains", {})
20 moderated_rooms = module:get_option_set("allowners_moderated_rooms", {})
21 disable_revoke_owners = module:get_option_boolean("allowners_disable_revoke_owners", false);
22 end
23 load_config();
24
25 local function is_admin(_jid)
26 return um_is_admin(_jid, module.host);
27 end
28
29 -- List of the bare_jids of all occupants that are currently joining (went through pre-join) and will be promoted
30 -- as moderators. As pre-join (where added) and joined event (where removed) happen one after another this list should
31 -- have length of 1
32 local joining_moderator_participants = {};
33
34 -- Checks whether the jid is moderated, the room name is in moderated_rooms
35 -- or if the subdomain is in the moderated_subdomains
36 -- @return returns on of the:
37 -- -> false
38 -- -> true, room_name, subdomain
39 -- -> true, room_name, nil (if no subdomain is used for the room)
40 local function is_moderated(room_jid)
41 if moderated_subdomains:empty() and moderated_rooms:empty() then
42 return false;
43 end
44
45 local room_node = jid.node(room_jid);
46 -- parses bare room address, for multidomain expected format is:
47 -- [subdomain]roomName@conference.domain
48 local target_subdomain, target_room_name = extract_subdomain(room_node);
49 if target_subdomain then
50 if moderated_subdomains:contains(target_subdomain) then
51 return true, target_room_name, target_subdomain;
52 end
53 elseif moderated_rooms:contains(room_node) then
54 return true, room_node, nil;
55 end
56
57 return false;
58 end
59
60 module:hook("muc-occupant-pre-join", function (event)
61 local room, occupant = event.room, event.occupant;
62
63 if is_healthcheck_room(room.jid) or is_admin(occupant.bare_jid) then
64 return;
65 end
66
67 local moderated, room_name, subdomain = is_moderated(room.jid);
68 if moderated then
69 local session = event.origin;
70 local token = session.auth_token;
71
72 if not token then
73 module:log('debug', 'skip allowners for non-auth user subdomain:%s room_name:%s', subdomain, room_name);
74 return;
75 end
76
77 if not (room_name == session.jitsi_meet_room or session.jitsi_meet_room == '*') then
78 module:log('debug', 'skip allowners for auth user and non matching room name: %s, jwt room name: %s',
79 room_name, session.jitsi_meet_room);
80 return;
81 end
82
83 -- FIX ME: luacheck warning 581
84 -- not (x == y)' can be replaced by 'x ~= y' (if neither side is a table or NaN)
85 if not (subdomain == session.jitsi_meet_context_group) then
86 module:log('debug', 'skip allowners for auth user and non matching room subdomain: %s, jwt subdomain: %s',
87 subdomain, session.jitsi_meet_context_group);
88 return;
89 end
90 end
91
92 -- mark this participant that it will be promoted and is currently joining
93 joining_moderator_participants[occupant.bare_jid] = true;
94 end, 2);
95
96 module:hook("muc-occupant-joined", function (event)
97 local room, occupant = event.room, event.occupant;
98
99 local promote_to_moderator = joining_moderator_participants[occupant.bare_jid];
100 -- clear it
101 joining_moderator_participants[occupant.bare_jid] = nil;
102
103 if promote_to_moderator ~= nil then
104 room:set_affiliation(true, occupant.bare_jid, "owner");
105 end
106 end, 2);
107
108 module:hook_global('config-reloaded', load_config);
109
110 -- Filters self-presences to a jid that exist in joining_participants array
111 -- We want to filter those presences where we send first `participant` and just after it `moderator`
112 function filter_stanza(stanza)
113 -- when joining_moderator_participants is empty there is nothing to filter
114 if next(joining_moderator_participants) == nil
115 or not stanza.attr
116 or not stanza.attr.to
117 or stanza.name ~= "presence" then
118 return stanza;
119 end
120
121 -- we want to filter presences only on this host for allowners and skip anything like lobby etc.
122 local host_from = jid_host(stanza.attr.from);
123 if host_from ~= module.host then
124 return stanza;
125 end
126
127 local bare_to = jid_bare(stanza.attr.to);
128 if stanza:get_error() and joining_moderator_participants[bare_to] then
129 -- pre-join succeeded but joined did not so we need to clear cache
130 joining_moderator_participants[bare_to] = nil;
131 return stanza;
132 end
133
134 local muc_x = stanza:get_child('x', MUC_NS..'#user');
135 if not muc_x then
136 return stanza;
137 end
138
139 if joining_moderator_participants[bare_to] and presence_check_status(muc_x, '110') then
140 -- skip the local presence for participant
141 return nil;
142 end
143
144 -- skip sending the 'participant' presences to all other people in the room
145 for item in muc_x:childtags('item') do
146 if joining_moderator_participants[jid_bare(item.attr.jid)] then
147 return nil;
148 end
149 end
150
151 return stanza;
152 end
153 function filter_session(session)
154 -- domain mapper is filtering on default priority 0, and we need it after that
155 filters.add_filter(session, 'stanzas/out', filter_stanza, -1);
156 end
157
158 -- enable filtering presences
159 filters.add_filter_hook(filter_session);
160
161 -- filters any attempt to revoke owner rights on non moderated rooms
162 function filter_admin_set_query(event)
163 local origin, stanza = event.origin, event.stanza;
164 local room_jid = jid_bare(stanza.attr.to);
165 local room = get_room_from_jid(room_jid);
166
167 local item = stanza.tags[1].tags[1];
168 local _aff = item.attr.affiliation;
169
170 -- if it is a moderated room we skip it
171 if is_moderated(room.jid) then
172 return nil;
173 end
174
175 -- any revoking is disabled, everyone should be owners
176 if _aff == 'none' or _aff == 'outcast' or _aff == 'member' then
177 origin.send(st.error_reply(stanza, "auth", "forbidden"));
178 return true;
179 end
180 end
181
182 if not disable_revoke_owners then
183 -- default prosody priority for handling these is -2
184 module:hook("iq-set/bare/http://jabber.org/protocol/muc#admin:query", filter_admin_set_query, 5);
185 module:hook("iq-set/host/http://jabber.org/protocol/muc#admin:query", filter_admin_set_query, 5);
186 end