"Fossies" - the Fresh Open Source Software Archive

Member "jitsi-meet-6316/resources/prosody-plugins/mod_muc_allowners.lua" (5 Jul 2022, 6753 Bytes) of package /linux/misc/jitsi-meet-6316.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Lua source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file.

    1 local filters = require 'util.filters';
    2 local jid = require "util.jid";
    3 local jid_bare = require "util.jid".bare;
    4 local jid_host = require "util.jid".host;
    5 local st = require "util.stanza";
    6 local um_is_admin = require "core.usermanager".is_admin;
    7 local util = module:require "util";
    8 local is_healthcheck_room = util.is_healthcheck_room;
    9 local extract_subdomain = util.extract_subdomain;
   10 local get_room_from_jid = util.get_room_from_jid;
   11 local presence_check_status = util.presence_check_status;
   12 local MUC_NS = 'http://jabber.org/protocol/muc';
   13 
   14 local moderated_subdomains;
   15 local moderated_rooms;
   16 local disable_revoke_owners;
   17 
   18 local function load_config()
   19     moderated_subdomains = module:get_option_set("allowners_moderated_subdomains", {})
   20     moderated_rooms = module:get_option_set("allowners_moderated_rooms", {})
   21     disable_revoke_owners = module:get_option_boolean("allowners_disable_revoke_owners", false);
   22 end
   23 load_config();
   24 
   25 local function is_admin(_jid)
   26     return um_is_admin(_jid, module.host);
   27 end
   28 
   29 -- List of the bare_jids of all occupants that are currently joining (went through pre-join) and will be promoted
   30 -- as moderators. As pre-join (where added) and joined event (where removed) happen one after another this list should
   31 -- have length of 1
   32 local joining_moderator_participants = {};
   33 
   34 -- Checks whether the jid is moderated, the room name is in moderated_rooms
   35 -- or if the subdomain is in the moderated_subdomains
   36 -- @return returns on of the:
   37 --      -> false
   38 --      -> true, room_name, subdomain
   39 --      -> true, room_name, nil (if no subdomain is used for the room)
   40 local function is_moderated(room_jid)
   41     if moderated_subdomains:empty() and moderated_rooms:empty() then
   42         return false;
   43     end
   44 
   45     local room_node = jid.node(room_jid);
   46     -- parses bare room address, for multidomain expected format is:
   47     -- [subdomain]roomName@conference.domain
   48     local target_subdomain, target_room_name = extract_subdomain(room_node);
   49     if target_subdomain then
   50         if moderated_subdomains:contains(target_subdomain) then
   51             return true, target_room_name, target_subdomain;
   52         end
   53     elseif moderated_rooms:contains(room_node) then
   54         return true, room_node, nil;
   55     end
   56 
   57     return false;
   58 end
   59 
   60 module:hook("muc-occupant-pre-join", function (event)
   61     local room, occupant = event.room, event.occupant;
   62 
   63     if is_healthcheck_room(room.jid) or is_admin(occupant.bare_jid) then
   64         return;
   65     end
   66 
   67     local moderated, room_name, subdomain = is_moderated(room.jid);
   68     if moderated then
   69         local session = event.origin;
   70         local token = session.auth_token;
   71 
   72         if not token then
   73             module:log('debug', 'skip allowners for non-auth user subdomain:%s room_name:%s', subdomain, room_name);
   74             return;
   75         end
   76 
   77         if not (room_name == session.jitsi_meet_room or session.jitsi_meet_room == '*') then
   78             module:log('debug', 'skip allowners for auth user and non matching room name: %s, jwt room name: %s',
   79                 room_name, session.jitsi_meet_room);
   80             return;
   81         end
   82 
   83         if not (subdomain == session.jitsi_meet_context_group) then
   84             module:log('debug', 'skip allowners for auth user and non matching room subdomain: %s, jwt subdomain: %s',
   85                 subdomain, session.jitsi_meet_context_group);
   86             return;
   87         end
   88     end
   89 
   90     -- mark this participant that it will be promoted and is currently joining
   91     joining_moderator_participants[occupant.bare_jid] = true;
   92 end, 2);
   93 
   94 module:hook("muc-occupant-joined", function (event)
   95     local room, occupant = event.room, event.occupant;
   96 
   97     local promote_to_moderator = joining_moderator_participants[occupant.bare_jid];
   98     -- clear it
   99     joining_moderator_participants[occupant.bare_jid] = nil;
  100 
  101     if promote_to_moderator ~= nil then
  102         room:set_affiliation(true, occupant.bare_jid, "owner");
  103     end
  104 end, 2);
  105 
  106 module:hook_global('config-reloaded', load_config);
  107 
  108 -- Filters self-presences to a jid that exist in joining_participants array
  109 -- We want to filter those presences where we send first `participant` and just after it `moderator`
  110 function filter_stanza(stanza)
  111     -- when joining_moderator_participants is empty there is nothing to filter
  112     if next(joining_moderator_participants) == nil
  113             or not stanza.attr
  114             or not stanza.attr.to
  115             or stanza.name ~= "presence" then
  116         return stanza;
  117     end
  118 
  119     -- we want to filter presences only on this host for allowners and skip anything like lobby etc.
  120     local host_from = jid_host(stanza.attr.from);
  121     if host_from ~= module.host then
  122         return stanza;
  123     end
  124 
  125     local bare_to = jid_bare(stanza.attr.to);
  126     if stanza:get_error() and joining_moderator_participants[bare_to] then
  127         -- pre-join succeeded but joined did not so we need to clear cache
  128         joining_moderator_participants[bare_to] = nil;
  129         return stanza;
  130     end
  131 
  132     local muc_x = stanza:get_child('x', MUC_NS..'#user');
  133     if not muc_x then
  134         return stanza;
  135     end
  136 
  137     if joining_moderator_participants[bare_to] and presence_check_status(muc_x, '110') then
  138         -- skip the local presence for participant
  139         return nil;
  140     end
  141 
  142     -- skip sending the 'participant' presences to all other people in the room
  143     for item in muc_x:childtags('item') do
  144         if joining_moderator_participants[jid_bare(item.attr.jid)] then
  145             return nil;
  146         end
  147     end
  148 
  149     return stanza;
  150 end
  151 function filter_session(session)
  152     -- domain mapper is filtering on default priority 0, and we need it after that
  153     filters.add_filter(session, 'stanzas/out', filter_stanza, -1);
  154 end
  155 
  156 -- enable filtering presences
  157 filters.add_filter_hook(filter_session);
  158 
  159 -- filters any attempt to revoke owner rights on non moderated rooms
  160 function filter_admin_set_query(event)
  161     local origin, stanza = event.origin, event.stanza;
  162     local room_jid = jid_bare(stanza.attr.to);
  163     local room = get_room_from_jid(room_jid);
  164 
  165     local item = stanza.tags[1].tags[1];
  166     local _aff = item.attr.affiliation;
  167 
  168     -- if it is a moderated room we skip it
  169     if is_moderated(room.jid) then
  170         return nil;
  171     end
  172 
  173     -- any revoking is disabled, everyone should be owners
  174     if _aff == 'none' or _aff == 'outcast' or _aff == 'member' then
  175         origin.send(st.error_reply(stanza, "auth", "forbidden"));
  176         return true;
  177     end
  178 end
  179 
  180 if not disable_revoke_owners then
  181     -- default prosody priority for handling these is -2
  182     module:hook("iq-set/bare/http://jabber.org/protocol/muc#admin:query", filter_admin_set_query, 5);
  183     module:hook("iq-set/host/http://jabber.org/protocol/muc#admin:query", filter_admin_set_query, 5);
  184 end