apitech
/
prosody
mirror of https://github.com/bjc/prosody
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
IMPORTANT: due to a drive failure, as of 13-Mar-2021, the Mercurial repository had to be re-mirrored, which changed every commit SHA. The old SHAs and trees are backed up in the vault branches. Please migrate to the new branches as soon as you can.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13792 Commits
12 Branches
101 Tags
54 MiB
Tag: Branch: Tree: ea2f97e9ed
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ea2f97e9ed'
${ noResults }
prosody/core/moduleapi.lua

816 lines
25 KiB
Raw Normal View History Unescape

modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
-- Prosody IM
-- Copyright (C) 2008-2012 Matthew Wild
-- Copyright (C) 2008-2012 Waqas Hussain
Remove all trailing whitespace
13 years ago
--
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
core: Prefix module imports with prosody namespace
3 years ago
local array = require "prosody.util.array";
local set = require "prosody.util.set";
local it = require "prosody.util.iterators";
local logger = require "prosody.util.logger";
local timer = require "prosody.util.timer";
local resolve_relative_path = require"prosody.util.paths".resolve_relative_path;
local st = require "prosody.util.stanza";
local cache = require "prosody.util.cache";
local errors = require "prosody.util.error";
local promise = require "prosody.util.promise";
local time_now = require "prosody.util.time".now;
local format = require "prosody.util.format".format;
local jid_node = require "prosody.util.jid".node;
local jid_split = require "prosody.util.jid".split;
local jid_resource = require "prosody.util.jid".resource;
core.moduleapi: Add :get_option_period for parsing time intervals E.g. for use in mod_mam and others that take an amount of time before some (usually cleanup) action is taken.
2 years ago
local human_io = require "prosody.util.human.io";
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
local t_insert, t_remove, t_concat = table.insert, table.remove, table.concat;
Eliminate direct setfenv usage
14 years ago
local error, setmetatable, type = error, setmetatable, type;
core.moduleapi: Fix some global accesses.
12 years ago
local ipairs, pairs, select = ipairs, pairs, select;
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
local tonumber, tostring = tonumber, tostring;
core.moduleapi: Use require instead of global to get storagemanager in module:open_store()
11 years ago
local require = require;
compat: Use table.pack (there since Lua 5.2) over our util.table Added in d278a770eddc avoid having to deal with its absence in Lua 5.1. No longer needed when Lua 5.1 support is dropped.
4 years ago
local pack = table.pack;
compat: Remove handling of Lua 5.1 location of 'unpack' function
4 years ago
local unpack = table.unpack;
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
local prosody = prosody;
local hosts = prosody.hosts;
moduleapi: assert() that prosody.core_post_stanza is not nil
13 years ago
-- FIXME: This assert() is to try and catch an obscure bug (2013-04-05)
local core_post_stanza = assert(prosody.core_post_stanza,
"prosody.core_post_stanza is nil, please report this as a bug");
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
-- Registry of shared module data
local shared_data = setmetatable({}, { __mode = "v" });
local NULL = {};
local api = {};
-- Returns the name of the current module
function api:get_name()
return self.name;
end
-- Returns the host that the current module is serving
function api:get_host()
return self.host;
end
function api:get_host_type()
moduleapi: module:get_host_type() now returns 'global' for * and 'local' for non-components
13 years ago
return (self.host == "*" and "global") or hosts[self.host].type or "local";
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
end
function api:set_global()
self.host = "*";
-- Update the logger
local _log = logger.init("mod_"..self.name);
moduleapi: Add luacheck annotation
11 years ago
self.log = function (self, ...) return _log(...); end; --luacheck: ignore self
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
self._log = _log;
moduleapi: Set module.global = true when module:set_global() is called
14 years ago
self.global = true;
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
end
function api:add_feature(xmlns)
self:add_item("feature", xmlns);
end
moduleapi: Minor variable renaming to avoid clashes with the 'type' function
11 years ago
function api:add_identity(category, identity_type, name)
self:add_item("identity", {category = category, type = identity_type, name = name});
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
end
function api:add_extension(data)
self:add_item("extension", data);
end
function api:fire_event(...)
return (hosts[self.host] or prosody).events.fire_event(...);
end
modulemanager, moduleapi: Replace hooks multitable with an event_handlers map stored in individual modules. Also adds module:hook_object_event() to hook events on any util.events compatible object.
14 years ago
function api:hook_object_event(object, event, handler, priority)
modulemanager, moduleapi: Turn module.event_handlers into a multitable and track object->event->handler associations correctly (thanks Zash)
14 years ago
self.event_handlers:set(object, event, handler, true);
modulemanager, moduleapi: Replace hooks multitable with an event_handlers map stored in individual modules. Also adds module:hook_object_event() to hook events on any util.events compatible object.
14 years ago
return object.add_handler(event, handler, priority);
end
moduleapi: Fix parameters to unhook_object_event()
14 years ago
function api:unhook_object_event(object, event, handler)
moduleapi: Clear self.event_handlers when unhooking an event, to prevent leaks
11 years ago
self.event_handlers:set(object, event, handler, nil);
moduleapi: Add module:unhook_object_event()
14 years ago
return object.remove_handler(event, handler);
end
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
function api:hook(event, handler, priority)
modulemanager, moduleapi: Replace hooks multitable with an event_handlers map stored in individual modules. Also adds module:hook_object_event() to hook events on any util.events compatible object.
14 years ago
return self:hook_object_event((hosts[self.host] or prosody).events, event, handler, priority);
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
end
function api:hook_global(event, handler, priority)
modulemanager, moduleapi: Replace hooks multitable with an event_handlers map stored in individual modules. Also adds module:hook_object_event() to hook events on any util.events compatible object.
14 years ago
return self:hook_object_event(prosody.events, event, handler, priority);
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
end
moduleapi: Rename module:hook_stanza() -> module:hook_tag() (hook_stanza works for compat)
14 years ago
function api:hook_tag(xmlns, name, handler, priority)
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
if not handler and type(name) == "function" then
-- If only 2 options then they specified no xmlns
xmlns, name, handler, priority = nil, xmlns, name, handler;
elseif not (handler and name) then
core.moduleapi: Fix name of renamed API in log message hook_stanza was renamed hook_tag in 2012 in 2087d42f1e77 Why do we still have hook_stanza? Why is this only a warning anyway?
4 years ago
self:log("warn", "Error: Insufficient parameters to module:hook_tag()");
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
return;
end
core: Split some very long lines [luacheck]
9 years ago
return self:hook("stanza/"..(xmlns and (xmlns..":") or "")..name,
function (data) return handler(data.origin, data.stanza, data); end, priority);
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
end
moduleapi: Rename module:hook_stanza() -> module:hook_tag() (hook_stanza works for compat)
14 years ago
api.hook_stanza = api.hook_tag; -- COMPAT w/pre-0.9
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
moduleapi: Add module:unhook()
12 years ago
function api:unhook(event, handler)
return self:unhook_object_event((hosts[self.host] or prosody).events, event, handler);
end
moduleapi: New methods for modules to conveniently wrap events
11 years ago
function api:wrap_object_event(events_object, event, handler)
return self:hook_object_event(assert(events_object.wrappers, "no wrappers"), event, handler);
end
function api:wrap_event(event, handler)
return self:wrap_object_event((hosts[self.host] or prosody).events, event, handler);
end
function api:wrap_global(event, handler)
moduleapi: Remove accidental use of undefined and unnecessary 'priority' variable
11 years ago
return self:hook_object_event(prosody.events, event, handler);
moduleapi: New methods for modules to conveniently wrap events
11 years ago
end
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
function api:require(lib)
core: Prefix module imports with prosody namespace
3 years ago
local modulemanager = require"prosody.core.modulemanager";
modulemanager, moduleapi: Switch to new pluginloader interface
4 years ago
local f, n = modulemanager.loader:load_code_ext(self.name, lib, "lib.lua", self.environment);
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
if not f then error("Failed to load plugin library '"..lib.."', error: "..n); end -- FIXME better error message
return f();
end
moduleapi: Allow soft dependencies via module:depends(mod, true)
10 months ago
function api:depends(name, soft)
core: Prefix module imports with prosody namespace
3 years ago
local modulemanager = require"prosody.core.modulemanager";
moduleapi: Prevent loading disabled module as dependency of enabled one Explicitly disabled module should stay disabled.
7 years ago
if self:get_option_inherited_set("modules_disabled", {}):contains(name) then
moduleapi: Allow soft dependencies via module:depends(mod, true)
10 months ago
if not soft then
error("Dependency on disabled module mod_"..name);
end
self:log("debug", "Not loading disabled soft dependency mod_%s", name);
return nil, "disabled";
moduleapi: Prevent loading disabled module as dependency of enabled one Explicitly disabled module should stay disabled.
7 years ago
end
moduleapi: Add module:depends(), a way to safely depend upon another module at runtime
14 years ago
if not self.dependencies then
self.dependencies = {};
self:hook("module-reloaded", function (event)
moduleapi: Don't auto-reload self when already reloading (fixes reload of modules with cyclic dependencies)
14 years ago
if self.dependencies[event.module] and not self.reloading then
moduleapi: Add module:depends(), a way to safely depend upon another module at runtime
14 years ago
self:log("info", "Auto-reloading due to reload of %s:%s", event.host, event.module);
modulemanager.reload(self.host, self.name);
return;
end
end);
self:hook("module-unloaded", function (event)
if self.dependencies[event.module] then
self:log("info", "Auto-unloading due to unload of %s:%s", event.host, event.module);
modulemanager.unload(self.host, self.name);
end
end);
end
local mod = modulemanager.get_module(self.host, name) or modulemanager.get_module("*", name);
moduleapi: module:depends(): Don't load shared modules onto the current host if the current host is '*'...
14 years ago
if mod and mod.module.host == "*" and self.host ~= "*"
and modulemanager.module_has_method(mod, "add_host") then
moduleapi: Clarify comment
14 years ago
mod = nil; -- Target is a shared module, so we still want to load it on our host
moduleapi: module:depends(): Load shared modules onto the current host even if they are loaded globally already
14 years ago
end
moduleapi: Add module:depends(), a way to safely depend upon another module at runtime
14 years ago
if not mod then
local err;
mod, err = modulemanager.load(self.host, name);
if not mod then
return error(("Unable to load required module, mod_%s: %s"):format(name, ((err or "unknown error"):gsub("%-", " ")) ));
end
end
self.dependencies[name] = true;
core.moduleapi: Record reverse dependencies Useful to know why a module was auto-loaded without having to dig trough all other modules for the one that depends on it.
3 years ago
if not mod.module.reverse_dependencies then
mod.module.reverse_dependencies = {};
end
mod.module.reverse_dependencies[self.name] = true;
moduleapi: Add module:depends(), a way to safely depend upon another module at runtime
14 years ago
return mod;
end
moduleapi: Remove multiple-parameters feature from module:shared() Multiple paths are rarely used, and leads to less clear code than just calling module:shared() once per shared table. It also prevents us from extending the API with new parameters in the future.
7 years ago
local function get_shared_table_from_path(module, tables, path)
if path:sub(1,1) ~= "/" then -- Prepend default components
local default_path_components = { module.host, module.name };
local n_components = select(2, path:gsub("/", "%1"));
path = (n_components<#default_path_components and "/" or "")
..t_concat(default_path_components, "/", 1, #default_path_components-n_components).."/"..path;
end
local shared = tables[path];
if not shared then
shared = {};
if path:match("%-cache$") then
setmetatable(shared, { __mode = "kv" });
moduleapi: Add module:shared(), a way to easily share data between multiple loaded modules
14 years ago
end
moduleapi: Remove multiple-parameters feature from module:shared() Multiple paths are rarely used, and leads to less clear code than just calling module:shared() once per shared table. It also prevents us from extending the API with new parameters in the future.
7 years ago
tables[path] = shared;
moduleapi: Add module:shared(), a way to easily share data between multiple loaded modules
14 years ago
end
moduleapi: Remove multiple-parameters feature from module:shared() Multiple paths are rarely used, and leads to less clear code than just calling module:shared() once per shared table. It also prevents us from extending the API with new parameters in the future.
7 years ago
return shared;
end
-- Returns a shared table at the specified virtual path
-- Intentionally does not allow the table to be _set_, it
-- is auto-created if it does not exist.
function api:shared(path)
if not self.shared_data then self.shared_data = {}; end
local shared = get_shared_table_from_path(self, shared_data, path);
self.shared_data[path] = shared;
return shared;
moduleapi: Add module:shared(), a way to easily share data between multiple loaded modules
14 years ago
end
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
function api:get_option(name, default_value)
core: Prefix module imports with prosody namespace
3 years ago
local config = require "prosody.core.configmanager";
core.*: Complete removal of all traces of the "core" section and section-related code.
13 years ago
local value = config.get(self.host, name);
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
if value == nil then
core.*: Complete removal of all traces of the "core" section and section-related code.
13 years ago
value = default_value;
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
end
return value;
end
core.moduleapi: Factor out code for getting a scalar config option
9 years ago
function api:get_option_scalar(name, default_value)
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
local value = self:get_option(name, default_value);
if type(value) == "table" then
if #value > 1 then
self:log("error", "Config option '%s' does not take a list, using just the first item", name);
end
value = value[1];
end
core.moduleapi: Factor out code for getting a scalar config option
9 years ago
return value;
end
function api:get_option_string(name, default_value)
local value = self:get_option_scalar(name, default_value);
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
if value == nil then
return nil;
end
return tostring(value);
end
core.moduleapi: Allow specifying an acceptable range for number options
4 years ago
function api:get_option_number(name, default_value, min, max)
local value = self:get_option_scalar(name, default_value);
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
local ret = tonumber(value);
if value ~= nil and ret == nil then
self:log("error", "Config option '%s' not understood, expecting a number", name);
end
core.moduleapi: Allow specifying an acceptable range for number options
4 years ago
if ret == default_value then
-- skip interval checks for default or nil
return ret;
end
if min and ret < min then
self:log("warn", "Config option '%s' out of bounds %g < %g", name, ret, min);
return min;
end
if max and ret > max then
self:log("warn", "Config option '%s' out of bounds %g > %g", name, ret, max);
return max;
end
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
return ret;
end
moduleapi: Add :get_option_integer() Many options in Prosody that are treated as numbers don't make sense as floats, e.g. sizes and limits measured in bytes. Simplified implementation based on an earlier attempt dating back to 2020
2 years ago
function api:get_option_integer(name, default_value, min, max)
core.moduleapi: Fix min/maxinteger fallback for Lua 5.2 Maybe these should live in util.mathcompat?
2 years ago
local value = self:get_option_number(name, default_value, min or math.mininteger or -2 ^ 52, max or math.maxinteger or 2 ^ 53);
moduleapi: Add :get_option_integer() Many options in Prosody that are treated as numbers don't make sense as floats, e.g. sizes and limits measured in bytes. Simplified implementation based on an earlier attempt dating back to 2020
2 years ago
if value == default_value then
-- pass default trough unaltered, violates ranges sometimes
return value;
end
if math.type(value) == "float" then
self:log("warn", "Config option '%s' expected an integer, not a float (%g)", name, value)
return math.floor(value);
end
-- nil or an integer
return value;
end
core.moduleapi: Add min/max range support to :get_option_period To match :get_option_number etc, specifying the allowed interval. Default is essentially (0, inf].
2 years ago
function api:get_option_period(name, default_value, min, max)
core.moduleapi: Add :get_option_period for parsing time intervals E.g. for use in mod_mam and others that take an amount of time before some (usually cleanup) action is taken.
2 years ago
local value = self:get_option_scalar(name, default_value);
core.moduleapi: Add min/max range support to :get_option_period To match :get_option_number etc, specifying the allowed interval. Default is essentially (0, inf].
2 years ago
local ret;
if value == "never" or value == false then
core.moduleapi: Turn negative periods or "never" into infinity As a way to signal that the periodic thing should be disabled, matching existing mod_mam usage
2 years ago
-- usually for disabling some periodic thing
return math.huge;
core.moduleapi: Add min/max range support to :get_option_period To match :get_option_number etc, specifying the allowed interval. Default is essentially (0, inf].
2 years ago
elseif type(value) == "number" then
-- assume seconds
ret = value;
core.moduleapi: Improve handling of different types in :get_option_period Pass positive numbers trough unharmed, parse strings as periods, discard anything else.
2 years ago
elseif type(value) == "string" then
core.moduleapi: Add min/max range support to :get_option_period To match :get_option_number etc, specifying the allowed interval. Default is essentially (0, inf].
2 years ago
ret = human_io.parse_duration(value);
core.moduleapi: Improve handling of different types in :get_option_period Pass positive numbers trough unharmed, parse strings as periods, discard anything else.
2 years ago
if value ~= nil and ret == nil then
moduleapi: Log error message when ambiguous period spec is found in config
2 years ago
ret = human_io.parse_duration_lax(value);
if ret then
local num = value:match("%d+");
self:log("error", "Config option '%s' is set to ambiguous period '%s' - use full syntax e.g. '%s months' or '%s minutes'", name, value, num, num);
-- COMPAT: w/more relaxed behaviour in post-0.12 trunk. Return nil for this case too, eventually.
else
self:log("error", "Config option '%s' not understood, expecting a period (e.g. \"2 days\")", name);
return nil;
end
core.moduleapi: Improve handling of different types in :get_option_period Pass positive numbers trough unharmed, parse strings as periods, discard anything else.
2 years ago
end
core.moduleapi: Log error for unexpected types (booleans?) set as periods
2 years ago
elseif value ~= nil then
self:log("error", "Config option '%s' expects a number or a period description string (e.g. \"3 hours\"), not %s", name, type(value));
core.moduleapi: Add min/max range support to :get_option_period To match :get_option_number etc, specifying the allowed interval. Default is essentially (0, inf].
2 years ago
return nil;
else
return nil;
end
if ret < 0 then
self:log("debug", "Treating negative period as infinity");
return math.huge;
core.moduleapi: Add :get_option_period for parsing time intervals E.g. for use in mod_mam and others that take an amount of time before some (usually cleanup) action is taken.
2 years ago
end
core.moduleapi: Add min/max range support to :get_option_period To match :get_option_number etc, specifying the allowed interval. Default is essentially (0, inf].
2 years ago
core.moduleapi: Parse period min/max arguments Allows specifying them the same way as the default and in the config, for consistency
2 years ago
if type(min) == "string" then
min = human_io.parse_duration(min);
end
core.moduleapi: Add min/max range support to :get_option_period To match :get_option_number etc, specifying the allowed interval. Default is essentially (0, inf].
2 years ago
if min and ret < min then
self:log("warn", "Config option '%s' out of bounds %g < %g", name, ret, min);
return min;
end
core.moduleapi: Parse period min/max arguments Allows specifying them the same way as the default and in the config, for consistency
2 years ago
if type(max) == "string" then
max = human_io.parse_duration(max);
end
core.moduleapi: Add min/max range support to :get_option_period To match :get_option_number etc, specifying the allowed interval. Default is essentially (0, inf].
2 years ago
if max and ret > max then
self:log("warn", "Config option '%s' out of bounds %g > %g", name, ret, max);
return max;
end
return ret;
core.moduleapi: Add :get_option_period for parsing time intervals E.g. for use in mod_mam and others that take an amount of time before some (usually cleanup) action is taken.
2 years ago
end
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
function api:get_option_boolean(name, ...)
core.moduleapi: Factor out code for getting a scalar config option
9 years ago
local value = self:get_option_scalar(name, ...);
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
if value == nil then
return nil;
end
local ret = value == true or value == "true" or value == 1 or nil;
if ret == nil then
ret = (value == false or value == "false" or value == 0);
if ret then
ret = false;
else
ret = nil;
end
end
if ret == nil then
self:log("error", "Config option '%s' not understood, expecting true/false", name);
end
return ret;
end
function api:get_option_array(name, ...)
local value = self:get_option(name, ...);
if value == nil then
return nil;
end
Remove all trailing whitespace
13 years ago
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
if type(value) ~= "table" then
return array{ value }; -- Assume any non-list is a single-item list
end
Remove all trailing whitespace
13 years ago
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
return array():append(value); -- Clone
end
function api:get_option_set(name, ...)
local value = self:get_option_array(name, ...);
Remove all trailing whitespace
13 years ago
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
if value == nil then
return nil;
end
Remove all trailing whitespace
13 years ago
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
return set.new(value);
end
moduleapi: Add module:get_option_inherited_set() to return a set that inherits items from a globally set set, if set
13 years ago
function api:get_option_inherited_set(name, ...)
local value = self:get_option_set(name, ...);
local global_value = self:context("*"):get_option_set(name, ...);
if not value then
return global_value;
elseif not global_value then
return value;
end
value:include(global_value);
return value;
end
moduleapi: Add API method for getting a file path
10 years ago
function api:get_option_path(name, default, parent)
if parent == nil then
core.moduleapi: Remove redundant condition
7 years ago
parent = self:get_directory();
moduleapi: Add API method for getting a file path
10 years ago
elseif prosody.paths[parent] then
parent = prosody.paths[parent];
end
local value = self:get_option_string(name, default);
if value == nil then
return nil;
end
return resolve_relative_path(parent, value);
end
moduleapi: Add enum config option method For when a setting has a few fixed values it can take
5 years ago
function api:get_option_enum(name, default, ...)
local value = self:get_option_scalar(name, default);
if value == nil then return nil; end
local options = set.new{default, ...};
if not options:contains(value) then
self:log("error", "Config option '%s' not in set of allowed values (one of: %s)", name, options);
end
return value;
end
moduleapi: Add API method for getting a file path
10 years ago
moduleapi: Add module:context(host) to produce a fake API context for a given host (or global). module:context("*"):get_option("foo") to get global options.
13 years ago
function api:context(host)
core.moduleapi: Fix 'global' property via :context() - #1748 The 'global' property should reflect whether the module API instance represents the global context or a VirtualHost or Component context. However the module:context() method did not override this, leading the property of the previous module shining trough, leading to bugs in code relying on the 'global' property. See also #1736
4 years ago
return setmetatable({ host = host or "*", global = "*" == host }, { __index = self, __newindex = self });
moduleapi: Add module:context(host) to produce a fake API context for a given host (or global). module:context("*"):get_option("foo") to get global options.
13 years ago
end
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
function api:add_item(key, value)
self.items = self.items or {};
self.items[key] = self.items[key] or {};
t_insert(self.items[key], value);
self:fire_event("item-added/"..key, {source = self, item = value});
end
function api:remove_item(key, value)
local t = self.items and self.items[key] or NULL;
for i = #t,1,-1 do
if t[i] == value then
t_remove(self.items[key], i);
self:fire_event("item-removed/"..key, {source = self, item = value});
return value;
end
end
end
function api:get_host_items(key)
core: Prefix module imports with prosody namespace
3 years ago
local modulemanager = require"prosody.core.modulemanager";
moduleapi: have get_host_items wrap on get_items from modulemanager, also add has_{feature/identity} to the API.
13 years ago
local result = modulemanager.get_items(key, self.host) or {};
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
return result;
end
moduleapi: Minor variable renaming to avoid clashes with the 'type' function
11 years ago
function api:handle_items(item_type, added_cb, removed_cb, existing)
self:hook("item-added/"..item_type, added_cb);
self:hook("item-removed/"..item_type, removed_cb);
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
if existing ~= false then
core.moduleapi: Include source modules when handling items This improves consistency. Previously the 'source' field was only provided in the original event when an item was added. It is used to report the name of the module providing the item in a few places. Also considered adding a new API to modulemanager returning a mapping of items per module and then using that here.
12 months ago
local modulemanager = require"prosody.core.modulemanager";
local modules = modulemanager.get_modules(self.host);
for _, module in pairs(modules) do
local mod = module.module;
if mod.items and mod.items[item_type] then
for _, item in ipairs(mod.items[item_type]) do
added_cb({ source = mod; item = item });
end
end
modulemanager: Move in-module API functions to core.moduleapi (half the file size, yay)
14 years ago
end
end
end
moduleapi: Add module:provides(), a shortcut to add an item with the current module's name
14 years ago
function api:provides(name, item)
moduleapi: module:provides called without an item makes a copy of the environment instead. Fixes warnings about non-existent globals
13 years ago
-- if not item then item = setmetatable({}, { __index = function(t,k) return rawget(self.environment, k); end }); end
if not item then
item = {}
for k,v in pairs(self.environment) do
if k ~= "module" then item[k] = v; end
end
end
moduleapi: Add module:provides(), a shortcut to add an item with the current module's name
14 years ago
if not item.name then
moduleapi: module:provides(): Fix usage of wrong table
14 years ago
local item_name = self.name;
moduleapi: Add module:provides(), a shortcut to add an item with the current module's name
14 years ago
-- Strip a provider prefix to find the item name
-- (e.g. "auth_foo" -> "foo" for an auth provider)
moduleapi: Support stripping of multi-word from module names The goal is to allow module:provides("foo-bar") with a mod_foo_bar_ prefix being stripped. It will break any existing modules that use a prefix and have hyphens instead of underscores. No such modules are known.
4 years ago
if item_name:find((name:gsub("%-", "_")).."_", 1, true) == 1 then
moduleapi: Add module:provides(), a shortcut to add an item with the current module's name
14 years ago
item_name = item_name:sub(#name+2);
end
item.name = item_name;
end
moduleapi: in module:provides(), add the name of the module in item._provided_by
13 years ago
item._provided_by = self.name;
moduleapi: module:provides(): Add "-provider" onto the key name
14 years ago
self:add_item(name.."-provider", item);
moduleapi: Add module:provides(), a shortcut to add an item with the current module's name
14 years ago
end
moduleapi: Allow an origin session to be passed to module:send()
10 years ago
function api:send(stanza, origin)
return core_post_stanza(origin or hosts[self.host], stanza);
moduleapi: Add module:send() as an alias for core_post_stanza() from the current host's origin
14 years ago
end
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
function api:send_iq(stanza, origin, timeout)
local iq_cache = self._iq_cache;
if not iq_cache then
core.moduleapi: Move util imports to top
7 years ago
iq_cache = cache.new(256, function (_, iq)
core.moduleapi: Rename local name for util.error for consistency It's called 'errors' everywhere else except here.
6 years ago
iq.reject(errors.new({
core.moduleapi: Use util.error for :send_iq errors
7 years ago
type = "wait", condition = "resource-constraint",
text = "evicted from iq tracking cache"
}));
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
end);
self._iq_cache = iq_cache;
end
core.moduleapi: Restructure send_iq method for more atomic cleanup All cleanup in one spot instead of two, and at the end which fits with cleanup happening afterwards.
6 years ago
local event_type;
core.moduleapi: Hook correct event type in some cases In rare cases, module.host can be a bare JID, in which case this test did the wrong thing.
6 years ago
if not jid_node(stanza.attr.from) then
core.moduleapi: Restructure send_iq method for more atomic cleanup All cleanup in one spot instead of two, and at the end which fits with cleanup happening afterwards.
6 years ago
event_type = "host";
core.moduleapi: Enable full JID origin queries with module:send_iq() Since we don't currently have hooks that includes type and id here, we need to check those attributes in the handlers.
4 years ago
elseif jid_resource(stanza.attr.from) then
event_type = "full";
core.moduleapi: Restructure send_iq method for more atomic cleanup All cleanup in one spot instead of two, and at the end which fits with cleanup happening afterwards.
6 years ago
else -- assume bare since we can't hook full jids
event_type = "bare";
end
local result_event = "iq-result/"..event_type.."/"..stanza.attr.id;
local error_event = "iq-error/"..event_type.."/"..stanza.attr.id;
local cache_key = event_type.."/"..stanza.attr.id;
core.moduleapi: Enable full JID origin queries with module:send_iq() Since we don't currently have hooks that includes type and id here, we need to check those attributes in the handlers.
4 years ago
if event_type == "full" then
result_event = "iq/" .. event_type;
error_event = "iq/" .. event_type;
end
core.moduleapi: Restructure send_iq method for more atomic cleanup All cleanup in one spot instead of two, and at the end which fits with cleanup happening afterwards.
6 years ago
local p = promise.new(function (resolve, reject)
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
local function result_handler(event)
core.moduleapi: Enable full JID origin queries with module:send_iq() Since we don't currently have hooks that includes type and id here, we need to check those attributes in the handlers.
4 years ago
local response = event.stanza;
if response.attr.type == "result" and response.attr.from == stanza.attr.to and response.attr.id == stanza.attr.id then
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
resolve(event);
return true;
end
end
local function error_handler(event)
core.moduleapi: Enable full JID origin queries with module:send_iq() Since we don't currently have hooks that includes type and id here, we need to check those attributes in the handlers.
4 years ago
local response = event.stanza;
if response.attr.type == "error" and response.attr.from == stanza.attr.to and response.attr.id == stanza.attr.id then
core.moduleapi: Rename local name for util.error for consistency It's called 'errors' everywhere else except here.
6 years ago
reject(errors.from_stanza(event.stanza, event));
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
return true;
end
end
if iq_cache:get(cache_key) then
core.moduleapi: Rename local name for util.error for consistency It's called 'errors' everywhere else except here.
6 years ago
reject(errors.new({
core.moduleapi: Use util.error for :send_iq errors
7 years ago
type = "modify", condition = "conflict",
core.moduleapi: Uppercase "IQ stanza" for consistency It's written like that elsewhere in the send_iq method
6 years ago
text = "IQ stanza id attribute already used",
core.moduleapi: Use util.error for :send_iq errors
7 years ago
}));
return;
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
end
core.moduleapi: Ensure module:send_iq() handler priority over mod_iq To prevent a situation where you for whatever reason use a full JID that is currently online and the response ends up routed there instead of the module:send_iq() handlers.
4 years ago
self:hook(result_event, result_handler, 1);
self:hook(error_event, error_handler, 1);
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
local timeout_handle = self:add_timer(timeout or 120, function ()
core.moduleapi: Rename local name for util.error for consistency It's called 'errors' everywhere else except here.
6 years ago
reject(errors.new({
core.moduleapi: Use util.error for :send_iq errors
7 years ago
type = "wait", condition = "remote-server-timeout",
text = "IQ stanza timed out",
}));
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
end);
local ok = iq_cache:set(cache_key, {
reject = reject, resolve = resolve,
timeout_handle = timeout_handle,
result_handler = result_handler, error_handler = error_handler;
});
if not ok then
core.moduleapi: Rename local name for util.error for consistency It's called 'errors' everywhere else except here.
6 years ago
reject(errors.new({
core.moduleapi: Use util.error for :send_iq errors
7 years ago
type = "wait", condition = "internal-server-error",
text = "Could not store IQ tracking data"
}));
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
return;
end
moduleapi: Fix handling of replies to :send_iq from internal modules Unclear exactly why, but replies to some queries to local modules would be discarded by stanza_router. This appears to fix it.
6 years ago
local wrapped_origin = setmetatable({
-- XXX Needed in some cases for replies to work correctly when sending queries internally.
moduleapi: Rename argument to silence luacheck
6 years ago
send = function (reply)
core.moduleapi: Filter out unrelated direct replies to module:send_iq This is primarily something that happens with an internal query to mod_mam, which calls origin.send() several times with results, leading to the first such result being treated as the final response and resolving the promise. Now, these responses pass trough to the underlying origin.send(), where they can be caught. Tricky but not impossible. For remote queries, it's even trickier, you would likely need to bind a resource or similar.
4 years ago
if reply.name == stanza.name and reply.attr.id == stanza.attr.id then
resolve({ stanza = reply });
end
return (origin or hosts[self.host]).send(reply)
moduleapi: Fix handling of replies to :send_iq from internal modules Unclear exactly why, but replies to some queries to local modules would be discarded by stanza_router. This appears to fix it.
6 years ago
end;
}, {
__index = origin or hosts[self.host];
});
self:send(stanza, wrapped_origin);
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
end);
core.moduleapi: Restructure send_iq method for more atomic cleanup All cleanup in one spot instead of two, and at the end which fits with cleanup happening afterwards.
6 years ago
p:finally(function ()
local iq = iq_cache:get(cache_key);
if iq then
self:unhook(result_event, iq.result_handler);
self:unhook(error_event, iq.error_handler);
iq.timeout_handle:stop();
iq_cache:set(cache_key, nil);
end
end);
return p;
core.moduleapi: Add a promise-based API for tracking IQ stanzas (fixes #714)
7 years ago
end
moduleapi: Add module:broadcast() to send a stanza to a list of JIDs
11 years ago
function api:broadcast(jids, stanza, iter)
for jid in (iter or it.values)(jids) do
local new_stanza = st.clone(stanza);
new_stanza.attr.to = jid;
moduleapi: Use :send API from :broadcast for compactness
8 years ago
self:send(new_stanza);
moduleapi: Add module:broadcast() to send a stanza to a list of JIDs
11 years ago
end
end
core/moduleapi: Return timer object from module:add_timer
12 years ago
local timer_methods = { }
local timer_mt = {
__index = timer_methods;
}
function timer_methods:stop( )
timer.stop(self.id);
end
timer_methods.disarm = timer_methods.stop
function timer_methods:reschedule(delay)
timer.reschedule(self.id, delay)
end
moduleapi: Silence luacheck warning about unused 'id' parameter
10 years ago
local function timer_callback(now, id, t) --luacheck: ignore 212/id
core/moduleapi: Return timer object from module:add_timer
12 years ago
if t.module_env.loaded == false then return; end
return t.callback(now, unpack(t, 1, t.n));
end
function api:add_timer(delay, callback, ...)
local t = pack(...)
t.module_env = self;
t.callback = callback;
t.id = timer.add_task(delay, timer_callback, t);
return setmetatable(t, timer_mt);
moduleapi: Add module:add_timer(delay, callback) - automatically halts the timer on module unload
14 years ago
end
core.moduleapi: Add API for adding daily or hourly tasks via mod_cron
4 years ago
function api:cron(task_spec)
self:depends("cron");
self:add_item("task", task_spec);
end
function api:hourly(name, fun)
if type(name) == "function" then fun, name = name, nil; end
self:cron({ name = name; when = "hourly"; run = fun });
end
function api:daily(name, fun)
if type(name) == "function" then fun, name = name, nil; end
self:cron({ name = name; when = "daily"; run = fun });
end
mod_cron: Add a 'weekly' job frequency
4 years ago
function api:weekly(name, fun)
if type(name) == "function" then fun, name = name, nil; end
self:cron({ name = name; when = "weekly"; run = fun });
end
moduleapi: Add module:get_directory() to get module file's directory, and module:load_resource() to load a file relative to that directory
14 years ago
local path_sep = package.config:sub(1,1);
function api:get_directory()
core.moduleapi: Return resource path from module:get_directory() (API BC) :get_directory has so far returned the base directory of the current module source code. This has worked well so far to load resources which tend to be included in the same directory, but with the plugin installer using LuaRocks, extra resources (e.g. templates and other assets) these are saved in a completely different directory. In be73df6765b9 core.modulemanager gained some code for finding that directory and saving it in module.resource_path but now the question is how this should be reflected in the API. A survey of community modules suggest the vast majority use the :get_directory method for locating templates and other assets, rather than the code (which would use module:require instead). Therefore this commit changes :get_directory to return the resource_path when available. This should work for most modules.
5 years ago
return self.resource_path or self.path and (self.path:gsub("%"..path_sep.."[^"..path_sep.."]*$", "")) or nil;
moduleapi: Add module:get_directory() to get module file's directory, and module:load_resource() to load a file relative to that directory
14 years ago
end
function api:load_resource(path, mode)
core.moduleapi: Return resource path from module:get_directory() (API BC) :get_directory has so far returned the base directory of the current module source code. This has worked well so far to load resources which tend to be included in the same directory, but with the plugin installer using LuaRocks, extra resources (e.g. templates and other assets) these are saved in a completely different directory. In be73df6765b9 core.modulemanager gained some code for finding that directory and saving it in module.resource_path but now the question is how this should be reflected in the API. A survey of community modules suggest the vast majority use the :get_directory method for locating templates and other assets, rather than the code (which would use module:require instead). Therefore this commit changes :get_directory to return the resource_path when available. This should work for most modules.
5 years ago
path = resolve_relative_path(self:get_directory(), path);
moduleapi: Add module:get_directory() to get module file's directory, and module:load_resource() to load a file relative to that directory
14 years ago
return io.open(path, mode);
end
moduleapi: Minor variable renaming to avoid clashes with the 'type' function
11 years ago
function api:open_store(name, store_type)
mod_authz_internal, and more: New iteration of role API These changes to the API (hopefully the last) introduce a cleaner separation between the user's primary (default) role, and their secondary (optional) roles. To keep the code sane and reduce complexity, a data migration is needed for people using stored roles in 0.12. This can be performed with prosodyctl mod_authz_internal migrate <host>
3 years ago
if self.host == "*" then return nil, "global-storage-not-supported"; end
core: Prefix module imports with prosody namespace
3 years ago
return require"prosody.core.storagemanager".open(self.host, name or self.name, store_type);
moduleapi: Add module:open_store() as a front-end to storagemanager.open()
13 years ago
end
core.moduleapi: Allow passing a config table trough :measure
7 years ago
function api:measure(name, stat_type, conf)
core: Prefix module imports with prosody namespace
3 years ago
local measure = require "prosody.core.statsmanager".measure;
Statistics: Rewrite statistics backends to use OpenMetrics The metric subsystem of Prosody has had some shortcomings from the perspective of the current state-of-the-art in metric observability. The OpenMetrics standard [0] is a formalization of the data model (and serialization format) of the well-known and widely-used Prometheus [1] software stack. The previous stats subsystem of Prosody did not map well to that format (see e.g. [2] and [3]); the key reason is that it was trying to do too much math on its own ([2]) while lacking first-class support for "families" of metrics ([3]) and structured metric metadata (despite the `extra` argument to metrics, there was no standard way of representing common things like "tags" or "labels"). Even though OpenMetrics has grown from the Prometheus world of monitoring, it maps well to other popular monitoring stacks such as: - InfluxDB (labels can be mapped to tags and fields as necessary) - Carbon/Graphite (labels can be attached to the metric name with dot-separation) - StatsD (see graphite when assuming that graphite is used as backend, which is the default) The util.statsd module has been ported to use the OpenMetrics model as a proof of concept. An implementation which exposes the util.statistics backend data as Prometheus metrics is ready for publishing in prosody-modules (most likely as mod_openmetrics_prometheus to avoid breaking existing 0.11 deployments). At the same time, the previous measure()-based API had one major advantage: It is really simple and easy to use without requiring lots of knowledge about OpenMetrics or similar concepts. For that reason as well as compatibility with existing code, it is preserved and may even be extended in the future. However, code relying on the `stats-updated` event as well as `get_stats` from `statsmanager` will break because the data model has changed completely; in case of `stats-updated`, the code will simply not run (as the event was renamed in order to avoid conflicts); the `get_stats` function has been removed completely (so it will cause a traceback when it is attempted to be used). Note that the measure_*_event methods have been removed from the module API. I was unable to find any uses or documentation and thus deemed they should not be ported. Re-implementation is possible when necessary. [0]: https://openmetrics.io/ [1]: https://prometheus.io/ [2]: #959 [3]: #960
5 years ago
local fixed_label_key, fixed_label_value
if self.host ~= "*" then
fixed_label_key = "host"
fixed_label_value = self.host
moduleapi: Experimental API for modules to measure the rate+duration of events
11 years ago
end
Statistics: Rewrite statistics backends to use OpenMetrics The metric subsystem of Prosody has had some shortcomings from the perspective of the current state-of-the-art in metric observability. The OpenMetrics standard [0] is a formalization of the data model (and serialization format) of the well-known and widely-used Prometheus [1] software stack. The previous stats subsystem of Prosody did not map well to that format (see e.g. [2] and [3]); the key reason is that it was trying to do too much math on its own ([2]) while lacking first-class support for "families" of metrics ([3]) and structured metric metadata (despite the `extra` argument to metrics, there was no standard way of representing common things like "tags" or "labels"). Even though OpenMetrics has grown from the Prometheus world of monitoring, it maps well to other popular monitoring stacks such as: - InfluxDB (labels can be mapped to tags and fields as necessary) - Carbon/Graphite (labels can be attached to the metric name with dot-separation) - StatsD (see graphite when assuming that graphite is used as backend, which is the default) The util.statsd module has been ported to use the OpenMetrics model as a proof of concept. An implementation which exposes the util.statistics backend data as Prometheus metrics is ready for publishing in prosody-modules (most likely as mod_openmetrics_prometheus to avoid breaking existing 0.11 deployments). At the same time, the previous measure()-based API had one major advantage: It is really simple and easy to use without requiring lots of knowledge about OpenMetrics or similar concepts. For that reason as well as compatibility with existing code, it is preserved and may even be extended in the future. However, code relying on the `stats-updated` event as well as `get_stats` from `statsmanager` will break because the data model has changed completely; in case of `stats-updated`, the code will simply not run (as the event was renamed in order to avoid conflicts); the `get_stats` function has been removed completely (so it will cause a traceback when it is attempted to be used). Note that the measure_*_event methods have been removed from the module API. I was unable to find any uses or documentation and thus deemed they should not be ported. Re-implementation is possible when necessary. [0]: https://openmetrics.io/ [1]: https://prometheus.io/ [2]: #959 [3]: #960
5 years ago
-- new_legacy_metric takes care of scoping for us, as it does not accept
-- an array of labels
-- the prosody_ prefix is automatically added by statsmanager for legacy
-- metrics.
mod_admin_shell: List collected metrics in module:info Lets you know what to look for with stats:show()
4 years ago
self:add_item("measure", { name = name, type = stat_type, conf = conf });
Statistics: Rewrite statistics backends to use OpenMetrics The metric subsystem of Prosody has had some shortcomings from the perspective of the current state-of-the-art in metric observability. The OpenMetrics standard [0] is a formalization of the data model (and serialization format) of the well-known and widely-used Prometheus [1] software stack. The previous stats subsystem of Prosody did not map well to that format (see e.g. [2] and [3]); the key reason is that it was trying to do too much math on its own ([2]) while lacking first-class support for "families" of metrics ([3]) and structured metric metadata (despite the `extra` argument to metrics, there was no standard way of representing common things like "tags" or "labels"). Even though OpenMetrics has grown from the Prometheus world of monitoring, it maps well to other popular monitoring stacks such as: - InfluxDB (labels can be mapped to tags and fields as necessary) - Carbon/Graphite (labels can be attached to the metric name with dot-separation) - StatsD (see graphite when assuming that graphite is used as backend, which is the default) The util.statsd module has been ported to use the OpenMetrics model as a proof of concept. An implementation which exposes the util.statistics backend data as Prometheus metrics is ready for publishing in prosody-modules (most likely as mod_openmetrics_prometheus to avoid breaking existing 0.11 deployments). At the same time, the previous measure()-based API had one major advantage: It is really simple and easy to use without requiring lots of knowledge about OpenMetrics or similar concepts. For that reason as well as compatibility with existing code, it is preserved and may even be extended in the future. However, code relying on the `stats-updated` event as well as `get_stats` from `statsmanager` will break because the data model has changed completely; in case of `stats-updated`, the code will simply not run (as the event was renamed in order to avoid conflicts); the `get_stats` function has been removed completely (so it will cause a traceback when it is attempted to be used). Note that the measure_*_event methods have been removed from the module API. I was unable to find any uses or documentation and thus deemed they should not be ported. Re-implementation is possible when necessary. [0]: https://openmetrics.io/ [1]: https://prometheus.io/ [2]: #959 [3]: #960
5 years ago
return measure(stat_type, "mod_"..self.name.."/"..name, conf, fixed_label_key, fixed_label_value)
end
function api:metric(type_, name, unit, description, label_keys, conf)
core: Prefix module imports with prosody namespace
3 years ago
local metric = require "prosody.core.statsmanager".metric;
Statistics: Rewrite statistics backends to use OpenMetrics The metric subsystem of Prosody has had some shortcomings from the perspective of the current state-of-the-art in metric observability. The OpenMetrics standard [0] is a formalization of the data model (and serialization format) of the well-known and widely-used Prometheus [1] software stack. The previous stats subsystem of Prosody did not map well to that format (see e.g. [2] and [3]); the key reason is that it was trying to do too much math on its own ([2]) while lacking first-class support for "families" of metrics ([3]) and structured metric metadata (despite the `extra` argument to metrics, there was no standard way of representing common things like "tags" or "labels"). Even though OpenMetrics has grown from the Prometheus world of monitoring, it maps well to other popular monitoring stacks such as: - InfluxDB (labels can be mapped to tags and fields as necessary) - Carbon/Graphite (labels can be attached to the metric name with dot-separation) - StatsD (see graphite when assuming that graphite is used as backend, which is the default) The util.statsd module has been ported to use the OpenMetrics model as a proof of concept. An implementation which exposes the util.statistics backend data as Prometheus metrics is ready for publishing in prosody-modules (most likely as mod_openmetrics_prometheus to avoid breaking existing 0.11 deployments). At the same time, the previous measure()-based API had one major advantage: It is really simple and easy to use without requiring lots of knowledge about OpenMetrics or similar concepts. For that reason as well as compatibility with existing code, it is preserved and may even be extended in the future. However, code relying on the `stats-updated` event as well as `get_stats` from `statsmanager` will break because the data model has changed completely; in case of `stats-updated`, the code will simply not run (as the event was renamed in order to avoid conflicts); the `get_stats` function has been removed completely (so it will cause a traceback when it is attempted to be used). Note that the measure_*_event methods have been removed from the module API. I was unable to find any uses or documentation and thus deemed they should not be ported. Re-implementation is possible when necessary. [0]: https://openmetrics.io/ [1]: https://prometheus.io/ [2]: #959 [3]: #960
5 years ago
local is_scoped = self.host ~= "*"
core.moduleapi: Default labels to empty list to fix error if omitted In a host-scoped module in the `if is_scoped` clause the resulting `array:append(nil)` call throws.
1 year ago
label_keys = label_keys or {};
Statistics: Rewrite statistics backends to use OpenMetrics The metric subsystem of Prosody has had some shortcomings from the perspective of the current state-of-the-art in metric observability. The OpenMetrics standard [0] is a formalization of the data model (and serialization format) of the well-known and widely-used Prometheus [1] software stack. The previous stats subsystem of Prosody did not map well to that format (see e.g. [2] and [3]); the key reason is that it was trying to do too much math on its own ([2]) while lacking first-class support for "families" of metrics ([3]) and structured metric metadata (despite the `extra` argument to metrics, there was no standard way of representing common things like "tags" or "labels"). Even though OpenMetrics has grown from the Prometheus world of monitoring, it maps well to other popular monitoring stacks such as: - InfluxDB (labels can be mapped to tags and fields as necessary) - Carbon/Graphite (labels can be attached to the metric name with dot-separation) - StatsD (see graphite when assuming that graphite is used as backend, which is the default) The util.statsd module has been ported to use the OpenMetrics model as a proof of concept. An implementation which exposes the util.statistics backend data as Prometheus metrics is ready for publishing in prosody-modules (most likely as mod_openmetrics_prometheus to avoid breaking existing 0.11 deployments). At the same time, the previous measure()-based API had one major advantage: It is really simple and easy to use without requiring lots of knowledge about OpenMetrics or similar concepts. For that reason as well as compatibility with existing code, it is preserved and may even be extended in the future. However, code relying on the `stats-updated` event as well as `get_stats` from `statsmanager` will break because the data model has changed completely; in case of `stats-updated`, the code will simply not run (as the event was renamed in order to avoid conflicts); the `get_stats` function has been removed completely (so it will cause a traceback when it is attempted to be used). Note that the measure_*_event methods have been removed from the module API. I was unable to find any uses or documentation and thus deemed they should not be ported. Re-implementation is possible when necessary. [0]: https://openmetrics.io/ [1]: https://prometheus.io/ [2]: #959 [3]: #960
5 years ago
if is_scoped then
-- prepend `host` label to label keys if this is not a global module
local orig_labels = label_keys
label_keys = array { "host" }
label_keys:append(orig_labels)
end
local mf = metric(type_, "prosody_mod_"..self.name.."/"..name, unit, description, label_keys, conf)
mod_admin_shell: List collected metrics in module:info Lets you know what to look for with stats:show()
4 years ago
self:add_item("metric", { name = name, mf = mf });
Statistics: Rewrite statistics backends to use OpenMetrics The metric subsystem of Prosody has had some shortcomings from the perspective of the current state-of-the-art in metric observability. The OpenMetrics standard [0] is a formalization of the data model (and serialization format) of the well-known and widely-used Prometheus [1] software stack. The previous stats subsystem of Prosody did not map well to that format (see e.g. [2] and [3]); the key reason is that it was trying to do too much math on its own ([2]) while lacking first-class support for "families" of metrics ([3]) and structured metric metadata (despite the `extra` argument to metrics, there was no standard way of representing common things like "tags" or "labels"). Even though OpenMetrics has grown from the Prometheus world of monitoring, it maps well to other popular monitoring stacks such as: - InfluxDB (labels can be mapped to tags and fields as necessary) - Carbon/Graphite (labels can be attached to the metric name with dot-separation) - StatsD (see graphite when assuming that graphite is used as backend, which is the default) The util.statsd module has been ported to use the OpenMetrics model as a proof of concept. An implementation which exposes the util.statistics backend data as Prometheus metrics is ready for publishing in prosody-modules (most likely as mod_openmetrics_prometheus to avoid breaking existing 0.11 deployments). At the same time, the previous measure()-based API had one major advantage: It is really simple and easy to use without requiring lots of knowledge about OpenMetrics or similar concepts. For that reason as well as compatibility with existing code, it is preserved and may even be extended in the future. However, code relying on the `stats-updated` event as well as `get_stats` from `statsmanager` will break because the data model has changed completely; in case of `stats-updated`, the code will simply not run (as the event was renamed in order to avoid conflicts); the `get_stats` function has been removed completely (so it will cause a traceback when it is attempted to be used). Note that the measure_*_event methods have been removed from the module API. I was unable to find any uses or documentation and thus deemed they should not be ported. Re-implementation is possible when necessary. [0]: https://openmetrics.io/ [1]: https://prometheus.io/ [2]: #959 [3]: #960
5 years ago
if is_scoped then
-- make sure to scope the returned metric family to the current host
return mf:with_partial_label(self.host)
end
return mf
moduleapi: Experimental API for modules to measure the rate+duration of events
11 years ago
end
moduleapi: New API for modules to set a status
7 years ago
local status_priorities = { error = 3, warn = 2, info = 1, core = 0 };
function api:set_status(status_type, status_message, override)
local priority = status_priorities[status_type];
if not priority then
core.moduleapi: Fix passing variable to logging
3 years ago
self:log("error", "set_status: Invalid status type '%s', assuming 'info'", status_type);
moduleapi: New API for modules to set a status
7 years ago
status_type, priority = "info", status_priorities.info;
end
local current_priority = status_priorities[self.status_type] or 0;
-- By default an 'error' status can only be overwritten by another 'error' status
if (current_priority >= status_priorities.error and priority < current_priority and override ~= true)
or (override == false and current_priority > priority) then
moduleapi: Log suppressed status priority and message when not overriding
7 years ago
self:log("debug", "moduleapi: ignoring status [prio %d override %s]: %s", priority, override, status_message);
moduleapi: New API for modules to set a status
7 years ago
return;
end
self.status_type, self.status_message, self.status_time = status_type, status_message, time_now();
self:fire_event("module-status/updated", { name = self.name });
end
function api:log_status(level, msg, ...)
self:set_status(level, format(msg, ...));
return self:log(level, msg, ...);
end
function api:get_status()
return self.status_type, self.status_message, self.status_time;
end
Switch to a new role-based authorization framework, removing is_admin() We began moving away from simple "is this user an admin?" permission checks before 0.12, with the introduction of mod_authz_internal and the ability to dynamically change the roles of individual users. The approach in 0.12 still had various limitations however, and apart from the introduction of roles other than "admin" and the ability to pull that info from storage, not much actually changed. This new framework shakes things up a lot, though aims to maintain the same functionality and behaviour on the surface for a default Prosody configuration. That is, if you don't take advantage of any of the new features, you shouldn't notice any change. The biggest change visible to developers is that usermanager.is_admin() (and the auth provider is_admin() method) have been removed. Gone. Completely. Permission checks should now be performed using a new module API method: module:may(action_name, context) This method accepts an action name, followed by either a JID (string) or (preferably) a table containing 'origin'/'session' and 'stanza' fields (e.g. the standard object passed to most events). It will return true if the action should be permitted, or false/nil otherwise. Modules should no longer perform permission checks based on the role name. E.g. a lot of code previously checked if the user's role was prosody:admin before permitting some action. Since many roles might now exist with similar permissions, and the permissions of prosody:admin may be redefined dynamically, it is no longer suitable to use this method for permission checks. Use module:may(). If you start an action name with ':' (recommended) then the current module's name will automatically be used as a prefix. To define a new permission, use the new module API: module:default_permission(role_name, action_name) module:default_permissions(role_name, { action_name[, action_name...] }) This grants the specified role permission to execute the named action(s) by default. This may be overridden via other mechanisms external to your module. The built-in roles that developers should use are: - prosody:user (normal user) - prosody:admin (host admin) - prosody:operator (global admin) The new prosody:operator role is intended for server-wide actions (such as shutting down Prosody). Finally, all usage of is_admin() in modules has been fixed by this commit. Some of these changes were trickier than others, but no change is expected to break existing deployments. EXCEPT: mod_auth_ldap no longer supports the ldap_admin_filter option. It's very possible nobody is using this, but if someone is then we can later update it to pull roles from LDAP somehow.
4 years ago
function api:default_permission(role_name, permission)
permission = permission:gsub("^:", self.name..":");
moduleapi: Distribute permissions set from global modules to all hosts Roles and permissions will always happen in the context of a host. Prevents error upon indexing since `hosts["*"] == nil`
3 years ago
if self.host == "*" then
for _, host in pairs(hosts) do
if host.authz then
host.authz.add_default_permission(role_name, permission);
end
end
return
end
Switch to a new role-based authorization framework, removing is_admin() We began moving away from simple "is this user an admin?" permission checks before 0.12, with the introduction of mod_authz_internal and the ability to dynamically change the roles of individual users. The approach in 0.12 still had various limitations however, and apart from the introduction of roles other than "admin" and the ability to pull that info from storage, not much actually changed. This new framework shakes things up a lot, though aims to maintain the same functionality and behaviour on the surface for a default Prosody configuration. That is, if you don't take advantage of any of the new features, you shouldn't notice any change. The biggest change visible to developers is that usermanager.is_admin() (and the auth provider is_admin() method) have been removed. Gone. Completely. Permission checks should now be performed using a new module API method: module:may(action_name, context) This method accepts an action name, followed by either a JID (string) or (preferably) a table containing 'origin'/'session' and 'stanza' fields (e.g. the standard object passed to most events). It will return true if the action should be permitted, or false/nil otherwise. Modules should no longer perform permission checks based on the role name. E.g. a lot of code previously checked if the user's role was prosody:admin before permitting some action. Since many roles might now exist with similar permissions, and the permissions of prosody:admin may be redefined dynamically, it is no longer suitable to use this method for permission checks. Use module:may(). If you start an action name with ':' (recommended) then the current module's name will automatically be used as a prefix. To define a new permission, use the new module API: module:default_permission(role_name, action_name) module:default_permissions(role_name, { action_name[, action_name...] }) This grants the specified role permission to execute the named action(s) by default. This may be overridden via other mechanisms external to your module. The built-in roles that developers should use are: - prosody:user (normal user) - prosody:admin (host admin) - prosody:operator (global admin) The new prosody:operator role is intended for server-wide actions (such as shutting down Prosody). Finally, all usage of is_admin() in modules has been fixed by this commit. Some of these changes were trickier than others, but no change is expected to break existing deployments. EXCEPT: mod_auth_ldap no longer supports the ldap_admin_filter option. It's very possible nobody is using this, but if someone is then we can later update it to pull roles from LDAP somehow.
4 years ago
hosts[self.host].authz.add_default_permission(role_name, permission);
end
function api:default_permissions(role_name, permissions)
for _, permission in ipairs(permissions) do
self:default_permission(role_name, permission);
end
end
moduleapi: Add 'peek' to :may() and new :could() helper to suppress logging The current method logs scary "access denied" messages on failure - this is generally very useful when debugging access control stuff, but in some cases the call is simply a check to see if someone *could* perform an action, even if they haven't requested it yet. One example is determining whether to show the user as an admin in disco. The 'peek' parameter, if true, will suppress such logging. The :could() method is just a simple helper that can make the calling code a bit more readable (suggested by Zash).
3 years ago
function api:could(action, context)
return self:may(action, context, true);
end
function api:may(action, context, peek)
core.moduleapi: Expand permission name ':' prefix earlier Ensures it applies to the context as string case Somehow this fixes everything
4 years ago
if action:byte(1) == 58 then -- action begins with ':'
action = self.name..action; -- prepend module name
end
moduleapi: may(): Support explicit actor_jid in context object
2 years ago
do
-- JID-based actor
local actor_jid = type(context) == "string" and context or context.actor_jid;
if actor_jid then -- check JID permissions
local role;
local node, host = jid_split(actor_jid);
if host == self.host then
role = hosts[host].authz.get_user_role(node);
else
role = hosts[self.host].authz.get_jid_role(actor_jid);
moduleapi: Add 'peek' to :may() and new :could() helper to suppress logging The current method logs scary "access denied" messages on failure - this is generally very useful when debugging access control stuff, but in some cases the call is simply a check to see if someone *could* perform an action, even if they haven't requested it yet. One example is determining whether to show the user as an admin in disco. The 'peek' parameter, if true, will suppress such logging. The :could() method is just a simple helper that can make the calling code a bit more readable (suggested by Zash).
3 years ago
end
moduleapi: may(): Support explicit actor_jid in context object
2 years ago
if not role then
if not peek then
self:log("debug", "Access denied: JID <%s> may not %s (no role found)", actor_jid, action);
end
return false;
end
local permit = role:may(action);
if not permit then
if not peek then
self:log("debug", "Access denied: JID <%s> may not %s (not permitted by role %s)", actor_jid, action, role.name);
end
moduleapi: Add 'peek' to :may() and new :could() helper to suppress logging The current method logs scary "access denied" messages on failure - this is generally very useful when debugging access control stuff, but in some cases the call is simply a check to see if someone *could* perform an action, even if they haven't requested it yet. One example is determining whether to show the user as an admin in disco. The 'peek' parameter, if true, will suppress such logging. The :could() method is just a simple helper that can make the calling code a bit more readable (suggested by Zash).
3 years ago
end
moduleapi: may(): Support explicit actor_jid in context object
2 years ago
return permit;
Switch to a new role-based authorization framework, removing is_admin() We began moving away from simple "is this user an admin?" permission checks before 0.12, with the introduction of mod_authz_internal and the ability to dynamically change the roles of individual users. The approach in 0.12 still had various limitations however, and apart from the introduction of roles other than "admin" and the ability to pull that info from storage, not much actually changed. This new framework shakes things up a lot, though aims to maintain the same functionality and behaviour on the surface for a default Prosody configuration. That is, if you don't take advantage of any of the new features, you shouldn't notice any change. The biggest change visible to developers is that usermanager.is_admin() (and the auth provider is_admin() method) have been removed. Gone. Completely. Permission checks should now be performed using a new module API method: module:may(action_name, context) This method accepts an action name, followed by either a JID (string) or (preferably) a table containing 'origin'/'session' and 'stanza' fields (e.g. the standard object passed to most events). It will return true if the action should be permitted, or false/nil otherwise. Modules should no longer perform permission checks based on the role name. E.g. a lot of code previously checked if the user's role was prosody:admin before permitting some action. Since many roles might now exist with similar permissions, and the permissions of prosody:admin may be redefined dynamically, it is no longer suitable to use this method for permission checks. Use module:may(). If you start an action name with ':' (recommended) then the current module's name will automatically be used as a prefix. To define a new permission, use the new module API: module:default_permission(role_name, action_name) module:default_permissions(role_name, { action_name[, action_name...] }) This grants the specified role permission to execute the named action(s) by default. This may be overridden via other mechanisms external to your module. The built-in roles that developers should use are: - prosody:user (normal user) - prosody:admin (host admin) - prosody:operator (global admin) The new prosody:operator role is intended for server-wide actions (such as shutting down Prosody). Finally, all usage of is_admin() in modules has been fixed by this commit. Some of these changes were trickier than others, but no change is expected to break existing deployments. EXCEPT: mod_auth_ldap no longer supports the ldap_admin_filter option. It's very possible nobody is using this, but if someone is then we can later update it to pull roles from LDAP somehow.
4 years ago
end
end
moduleapi: may(): Support explicit actor_jid in context object
2 years ago
-- Session-based actor
Switch to a new role-based authorization framework, removing is_admin() We began moving away from simple "is this user an admin?" permission checks before 0.12, with the introduction of mod_authz_internal and the ability to dynamically change the roles of individual users. The approach in 0.12 still had various limitations however, and apart from the introduction of roles other than "admin" and the ability to pull that info from storage, not much actually changed. This new framework shakes things up a lot, though aims to maintain the same functionality and behaviour on the surface for a default Prosody configuration. That is, if you don't take advantage of any of the new features, you shouldn't notice any change. The biggest change visible to developers is that usermanager.is_admin() (and the auth provider is_admin() method) have been removed. Gone. Completely. Permission checks should now be performed using a new module API method: module:may(action_name, context) This method accepts an action name, followed by either a JID (string) or (preferably) a table containing 'origin'/'session' and 'stanza' fields (e.g. the standard object passed to most events). It will return true if the action should be permitted, or false/nil otherwise. Modules should no longer perform permission checks based on the role name. E.g. a lot of code previously checked if the user's role was prosody:admin before permitting some action. Since many roles might now exist with similar permissions, and the permissions of prosody:admin may be redefined dynamically, it is no longer suitable to use this method for permission checks. Use module:may(). If you start an action name with ':' (recommended) then the current module's name will automatically be used as a prefix. To define a new permission, use the new module API: module:default_permission(role_name, action_name) module:default_permissions(role_name, { action_name[, action_name...] }) This grants the specified role permission to execute the named action(s) by default. This may be overridden via other mechanisms external to your module. The built-in roles that developers should use are: - prosody:user (normal user) - prosody:admin (host admin) - prosody:operator (global admin) The new prosody:operator role is intended for server-wide actions (such as shutting down Prosody). Finally, all usage of is_admin() in modules has been fixed by this commit. Some of these changes were trickier than others, but no change is expected to break existing deployments. EXCEPT: mod_auth_ldap no longer supports the ldap_admin_filter option. It's very possible nobody is using this, but if someone is then we can later update it to pull roles from LDAP somehow.
4 years ago
local session = context.origin or context.session;
moduleapi: Stricter type check for actor in permission check Non-table but truthy values would trigger "attempt to index a foo value" on the next line otherwise
3 years ago
if type(session) ~= "table" then
Switch to a new role-based authorization framework, removing is_admin() We began moving away from simple "is this user an admin?" permission checks before 0.12, with the introduction of mod_authz_internal and the ability to dynamically change the roles of individual users. The approach in 0.12 still had various limitations however, and apart from the introduction of roles other than "admin" and the ability to pull that info from storage, not much actually changed. This new framework shakes things up a lot, though aims to maintain the same functionality and behaviour on the surface for a default Prosody configuration. That is, if you don't take advantage of any of the new features, you shouldn't notice any change. The biggest change visible to developers is that usermanager.is_admin() (and the auth provider is_admin() method) have been removed. Gone. Completely. Permission checks should now be performed using a new module API method: module:may(action_name, context) This method accepts an action name, followed by either a JID (string) or (preferably) a table containing 'origin'/'session' and 'stanza' fields (e.g. the standard object passed to most events). It will return true if the action should be permitted, or false/nil otherwise. Modules should no longer perform permission checks based on the role name. E.g. a lot of code previously checked if the user's role was prosody:admin before permitting some action. Since many roles might now exist with similar permissions, and the permissions of prosody:admin may be redefined dynamically, it is no longer suitable to use this method for permission checks. Use module:may(). If you start an action name with ':' (recommended) then the current module's name will automatically be used as a prefix. To define a new permission, use the new module API: module:default_permission(role_name, action_name) module:default_permissions(role_name, { action_name[, action_name...] }) This grants the specified role permission to execute the named action(s) by default. This may be overridden via other mechanisms external to your module. The built-in roles that developers should use are: - prosody:user (normal user) - prosody:admin (host admin) - prosody:operator (global admin) The new prosody:operator role is intended for server-wide actions (such as shutting down Prosody). Finally, all usage of is_admin() in modules has been fixed by this commit. Some of these changes were trickier than others, but no change is expected to break existing deployments. EXCEPT: mod_auth_ldap no longer supports the ldap_admin_filter option. It's very possible nobody is using this, but if someone is then we can later update it to pull roles from LDAP somehow.
4 years ago
error("Unable to identify actor session from context");
end
moduleapi: may: Fail early if a local session has no role assigned We expect every session to explicitly have a role assigned. Falling back to any kind of "default" role (even the user's default role) in the absence of an explicit role could open up the possibility of accidental privilege escalation.
3 years ago
if session.type == "c2s" and session.host == self.host then
local role = session.role;
if not role then
moduleapi: Add 'peek' to :may() and new :could() helper to suppress logging The current method logs scary "access denied" messages on failure - this is generally very useful when debugging access control stuff, but in some cases the call is simply a check to see if someone *could* perform an action, even if they haven't requested it yet. One example is determining whether to show the user as an admin in disco. The 'peek' parameter, if true, will suppress such logging. The :could() method is just a simple helper that can make the calling code a bit more readable (suggested by Zash).
3 years ago
if not peek then
self:log("warn", "Access denied: session %s has no role assigned");
end
moduleapi: may: Fail early if a local session has no role assigned We expect every session to explicitly have a role assigned. Falling back to any kind of "default" role (even the user's default role) in the absence of an explicit role could open up the possibility of accidental privilege escalation.
3 years ago
return false;
end
local permit = role:may(action, context);
moduleapi: Add 'peek' to :may() and new :could() helper to suppress logging The current method logs scary "access denied" messages on failure - this is generally very useful when debugging access control stuff, but in some cases the call is simply a check to see if someone *could* perform an action, even if they haven't requested it yet. One example is determining whether to show the user as an admin in disco. The 'peek' parameter, if true, will suppress such logging. The :could() method is just a simple helper that can make the calling code a bit more readable (suggested by Zash).
3 years ago
if not permit and not peek then
core.moduleapi: Check for local role-aware sessions before e.g. s2s The condition checked for s2sin but not s2sout, so would have ignored bidi-enabled s2sout sessions. Components as well.
3 years ago
self:log("debug", "Access denied: session %s (%s) may not %s (not permitted by role %s)",
moduleapi: may: Fail early if a local session has no role assigned We expect every session to explicitly have a role assigned. Falling back to any kind of "default" role (even the user's default role) in the absence of an explicit role could open up the possibility of accidental privilege escalation.
3 years ago
session.id, session.full_jid, action, role.name
core.moduleapi: Check for local role-aware sessions before e.g. s2s The condition checked for s2sin but not s2sout, so would have ignored bidi-enabled s2sout sessions. Components as well.
3 years ago
);
end
return permit;
else
Switch to a new role-based authorization framework, removing is_admin() We began moving away from simple "is this user an admin?" permission checks before 0.12, with the introduction of mod_authz_internal and the ability to dynamically change the roles of individual users. The approach in 0.12 still had various limitations however, and apart from the introduction of roles other than "admin" and the ability to pull that info from storage, not much actually changed. This new framework shakes things up a lot, though aims to maintain the same functionality and behaviour on the surface for a default Prosody configuration. That is, if you don't take advantage of any of the new features, you shouldn't notice any change. The biggest change visible to developers is that usermanager.is_admin() (and the auth provider is_admin() method) have been removed. Gone. Completely. Permission checks should now be performed using a new module API method: module:may(action_name, context) This method accepts an action name, followed by either a JID (string) or (preferably) a table containing 'origin'/'session' and 'stanza' fields (e.g. the standard object passed to most events). It will return true if the action should be permitted, or false/nil otherwise. Modules should no longer perform permission checks based on the role name. E.g. a lot of code previously checked if the user's role was prosody:admin before permitting some action. Since many roles might now exist with similar permissions, and the permissions of prosody:admin may be redefined dynamically, it is no longer suitable to use this method for permission checks. Use module:may(). If you start an action name with ':' (recommended) then the current module's name will automatically be used as a prefix. To define a new permission, use the new module API: module:default_permission(role_name, action_name) module:default_permissions(role_name, { action_name[, action_name...] }) This grants the specified role permission to execute the named action(s) by default. This may be overridden via other mechanisms external to your module. The built-in roles that developers should use are: - prosody:user (normal user) - prosody:admin (host admin) - prosody:operator (global admin) The new prosody:operator role is intended for server-wide actions (such as shutting down Prosody). Finally, all usage of is_admin() in modules has been fixed by this commit. Some of these changes were trickier than others, but no change is expected to break existing deployments. EXCEPT: mod_auth_ldap no longer supports the ldap_admin_filter option. It's very possible nobody is using this, but if someone is then we can later update it to pull roles from LDAP somehow.
4 years ago
local actor_jid = context.stanza.attr.from;
local role = hosts[self.host].authz.get_jid_role(actor_jid);
if not role then
moduleapi: Add 'peek' to :may() and new :could() helper to suppress logging The current method logs scary "access denied" messages on failure - this is generally very useful when debugging access control stuff, but in some cases the call is simply a check to see if someone *could* perform an action, even if they haven't requested it yet. One example is determining whether to show the user as an admin in disco. The 'peek' parameter, if true, will suppress such logging. The :could() method is just a simple helper that can make the calling code a bit more readable (suggested by Zash).
3 years ago
if not peek then
self:log("debug", "Access denied: JID <%s> may not %s (no role found)", actor_jid, action);
end
Switch to a new role-based authorization framework, removing is_admin() We began moving away from simple "is this user an admin?" permission checks before 0.12, with the introduction of mod_authz_internal and the ability to dynamically change the roles of individual users. The approach in 0.12 still had various limitations however, and apart from the introduction of roles other than "admin" and the ability to pull that info from storage, not much actually changed. This new framework shakes things up a lot, though aims to maintain the same functionality and behaviour on the surface for a default Prosody configuration. That is, if you don't take advantage of any of the new features, you shouldn't notice any change. The biggest change visible to developers is that usermanager.is_admin() (and the auth provider is_admin() method) have been removed. Gone. Completely. Permission checks should now be performed using a new module API method: module:may(action_name, context) This method accepts an action name, followed by either a JID (string) or (preferably) a table containing 'origin'/'session' and 'stanza' fields (e.g. the standard object passed to most events). It will return true if the action should be permitted, or false/nil otherwise. Modules should no longer perform permission checks based on the role name. E.g. a lot of code previously checked if the user's role was prosody:admin before permitting some action. Since many roles might now exist with similar permissions, and the permissions of prosody:admin may be redefined dynamically, it is no longer suitable to use this method for permission checks. Use module:may(). If you start an action name with ':' (recommended) then the current module's name will automatically be used as a prefix. To define a new permission, use the new module API: module:default_permission(role_name, action_name) module:default_permissions(role_name, { action_name[, action_name...] }) This grants the specified role permission to execute the named action(s) by default. This may be overridden via other mechanisms external to your module. The built-in roles that developers should use are: - prosody:user (normal user) - prosody:admin (host admin) - prosody:operator (global admin) The new prosody:operator role is intended for server-wide actions (such as shutting down Prosody). Finally, all usage of is_admin() in modules has been fixed by this commit. Some of these changes were trickier than others, but no change is expected to break existing deployments. EXCEPT: mod_auth_ldap no longer supports the ldap_admin_filter option. It's very possible nobody is using this, but if someone is then we can later update it to pull roles from LDAP somehow.
4 years ago
return false;
end
local permit = role:may(action, context);
moduleapi: Add 'peek' to :may() and new :could() helper to suppress logging The current method logs scary "access denied" messages on failure - this is generally very useful when debugging access control stuff, but in some cases the call is simply a check to see if someone *could* perform an action, even if they haven't requested it yet. One example is determining whether to show the user as an admin in disco. The 'peek' parameter, if true, will suppress such logging. The :could() method is just a simple helper that can make the calling code a bit more readable (suggested by Zash).
3 years ago
if not permit and not peek then
Switch to a new role-based authorization framework, removing is_admin() We began moving away from simple "is this user an admin?" permission checks before 0.12, with the introduction of mod_authz_internal and the ability to dynamically change the roles of individual users. The approach in 0.12 still had various limitations however, and apart from the introduction of roles other than "admin" and the ability to pull that info from storage, not much actually changed. This new framework shakes things up a lot, though aims to maintain the same functionality and behaviour on the surface for a default Prosody configuration. That is, if you don't take advantage of any of the new features, you shouldn't notice any change. The biggest change visible to developers is that usermanager.is_admin() (and the auth provider is_admin() method) have been removed. Gone. Completely. Permission checks should now be performed using a new module API method: module:may(action_name, context) This method accepts an action name, followed by either a JID (string) or (preferably) a table containing 'origin'/'session' and 'stanza' fields (e.g. the standard object passed to most events). It will return true if the action should be permitted, or false/nil otherwise. Modules should no longer perform permission checks based on the role name. E.g. a lot of code previously checked if the user's role was prosody:admin before permitting some action. Since many roles might now exist with similar permissions, and the permissions of prosody:admin may be redefined dynamically, it is no longer suitable to use this method for permission checks. Use module:may(). If you start an action name with ':' (recommended) then the current module's name will automatically be used as a prefix. To define a new permission, use the new module API: module:default_permission(role_name, action_name) module:default_permissions(role_name, { action_name[, action_name...] }) This grants the specified role permission to execute the named action(s) by default. This may be overridden via other mechanisms external to your module. The built-in roles that developers should use are: - prosody:user (normal user) - prosody:admin (host admin) - prosody:operator (global admin) The new prosody:operator role is intended for server-wide actions (such as shutting down Prosody). Finally, all usage of is_admin() in modules has been fixed by this commit. Some of these changes were trickier than others, but no change is expected to break existing deployments. EXCEPT: mod_auth_ldap no longer supports the ldap_admin_filter option. It's very possible nobody is using this, but if someone is then we can later update it to pull roles from LDAP somehow.
4 years ago
self:log("debug", "Access denied: JID <%s> may not %s (not permitted by role %s)", actor_jid, action, role.name);
end
return permit;
end
end
moduleapi: Add module:once() to execute a function after module load/startup It is a common pattern for modules to do something like check for prosody.start_time, and execute code immediately if it is present, or wait for the server-started event if it isn't yet. For example, this allows you to run code after all other modules/hosts have been loaded, that are going to be loaded. Such code can now be replaced with a simple call to this method.
3 years ago
-- Execute a function, once, but only after startup is complete
moduleapi: Rename :once() to :on_ready() for clarity 'Once' is ambiguous - once per what? on_ready() executes its parameter when the module is loaded *and* the server has finished starting.
2 years ago
function api:on_ready(f) --luacheck: ignore 212/self
moduleapi: Add module:once() to execute a function after module load/startup It is a common pattern for modules to do something like check for prosody.start_time, and execute code immediately if it is present, or wait for the server-started event if it isn't yet. For example, this allows you to run code after all other modules/hosts have been loaded, that are going to be loaded. Such code can now be replaced with a simple call to this method.
3 years ago
return prosody.started:next(f);
end
moduleapi: Rename :once() to :on_ready() for clarity 'Once' is ambiguous - once per what? on_ready() executes its parameter when the module is loaded *and* the server has finished starting.
2 years ago
-- COMPAT w/post 0.12 trunk
function api:once(f)
self:log("warn", "This module uses deprecated module:once() - switch to module:on_ready() or (better) expose function module.ready()");
return self:on_ready(f);
end
core.module{manager,api}: Fix for 010b141e91ed (Thanks v1ct0r)
11 years ago
return api;