Mercurial > prosody-hg
comparison plugins/mod_admin_adhoc.lua @ 11632:21a1b9fb08a1
mod_admin_adhoc: Delete "Get User Password" command
This doesn't really make sense today. It doesn't even work with
mod_auth_internal_hashed, which should be the default. And even with a
supporting authentication module, why would we just hand out the
password? One use case may be to recover a forgotten password. While not
yet included with Prosody, there are better ways to handle forgotten
passwords, usually by resetting them to a new password.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 27 Jun 2021 21:51:21 +0200 |
| parents | 46b456ed12bd |
| children | 77e38ea34d82 |
comparison
equal
deleted
inserted
replaced
| 11631:6641ca266d94 | 11632:21a1b9fb08a1 |
|---|---|
| 16 | 16 |
| 17 local keys = require "util.iterators".keys; | 17 local keys = require "util.iterators".keys; |
| 18 local usermanager_user_exists = require "core.usermanager".user_exists; | 18 local usermanager_user_exists = require "core.usermanager".user_exists; |
| 19 local usermanager_create_user = require "core.usermanager".create_user; | 19 local usermanager_create_user = require "core.usermanager".create_user; |
| 20 local usermanager_delete_user = require "core.usermanager".delete_user; | 20 local usermanager_delete_user = require "core.usermanager".delete_user; |
| 21 local usermanager_get_password = require "core.usermanager".get_password; | |
| 22 local usermanager_set_password = require "core.usermanager".set_password; | 21 local usermanager_set_password = require "core.usermanager".set_password; |
| 23 local hostmanager_activate = require "core.hostmanager".activate; | 22 local hostmanager_activate = require "core.hostmanager".activate; |
| 24 local hostmanager_deactivate = require "core.hostmanager".deactivate; | 23 local hostmanager_deactivate = require "core.hostmanager".deactivate; |
| 25 local rm_load_roster = require "core.rostermanager".load_roster; | 24 local rm_load_roster = require "core.rostermanager".load_roster; |
| 26 local st, jid = require "util.stanza", require "util.jid"; | 25 local st, jid = require "util.stanza", require "util.jid"; |
| 189 end | 188 end |
| 190 return {status = "completed", info = (#succeeded ~= 0 and | 189 return {status = "completed", info = (#succeeded ~= 0 and |
| 191 "The following accounts were successfully disconnected:\n"..t_concat(succeeded, "\n").."\n" or "").. | 190 "The following accounts were successfully disconnected:\n"..t_concat(succeeded, "\n").."\n" or "").. |
| 192 (#failed ~= 0 and | 191 (#failed ~= 0 and |
| 193 "The following accounts could not be disconnected:\n"..t_concat(failed, "\n") or "") }; | 192 "The following accounts could not be disconnected:\n"..t_concat(failed, "\n") or "") }; |
| 194 end); | |
| 195 | |
| 196 -- Getting a user's password | |
| 197 local get_user_password_layout = dataforms_new{ | |
| 198 title = "Getting User's Password"; | |
| 199 instructions = "Fill out this form to get a user's password."; | |
| 200 | |
| 201 { name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" }; | |
| 202 { name = "accountjid", type = "jid-single", required = true, label = "The Jabber ID for which to retrieve the password" }; | |
| 203 }; | |
| 204 | |
| 205 local get_user_password_result_layout = dataforms_new{ | |
| 206 { name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" }; | |
| 207 { name = "accountjid", type = "jid-single", label = "JID" }; | |
| 208 { name = "password", type = "text-single", label = "Password" }; | |
| 209 }; | |
| 210 | |
| 211 local get_user_password_handler = adhoc_simple(get_user_password_layout, function(fields, err) | |
| 212 if err then | |
| 213 return generate_error_message(err); | |
| 214 end | |
| 215 local user, host = jid.split(fields.accountjid); | |
| 216 local accountjid; | |
| 217 local password; | |
| 218 if host ~= module_host then | |
| 219 return { status = "completed", error = { message = "Tried to get password for a user on " .. host .. " but command was sent to " .. module_host } }; | |
| 220 elseif usermanager_user_exists(user, host) then | |
| 221 accountjid = fields.accountjid; | |
| 222 password = usermanager_get_password(user, host); | |
| 223 else | |
| 224 return { status = "completed", error = { message = "User does not exist" } }; | |
| 225 end | |
| 226 return { status = "completed", result = { layout = get_user_password_result_layout, values = {accountjid = accountjid, password = password} } }; | |
| 227 end); | 193 end); |
| 228 | 194 |
| 229 -- Getting a user's roster | 195 -- Getting a user's roster |
| 230 local get_user_roster_layout = dataforms_new{ | 196 local get_user_roster_layout = dataforms_new{ |
| 231 { name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" }; | 197 { name = "FORM_TYPE", type = "hidden", value = "http://jabber.org/protocol/admin" }; |
| 825 local add_user_desc = adhoc_new("Add User", "http://jabber.org/protocol/admin#add-user", add_user_command_handler, "admin"); | 791 local add_user_desc = adhoc_new("Add User", "http://jabber.org/protocol/admin#add-user", add_user_command_handler, "admin"); |
| 826 local change_user_password_desc = adhoc_new("Change User Password", "http://jabber.org/protocol/admin#change-user-password", change_user_password_command_handler, "admin"); | 792 local change_user_password_desc = adhoc_new("Change User Password", "http://jabber.org/protocol/admin#change-user-password", change_user_password_command_handler, "admin"); |
| 827 local config_reload_desc = adhoc_new("Reload configuration", "http://prosody.im/protocol/config#reload", config_reload_handler, "global_admin"); | 793 local config_reload_desc = adhoc_new("Reload configuration", "http://prosody.im/protocol/config#reload", config_reload_handler, "global_admin"); |
| 828 local delete_user_desc = adhoc_new("Delete User", "http://jabber.org/protocol/admin#delete-user", delete_user_command_handler, "admin"); | 794 local delete_user_desc = adhoc_new("Delete User", "http://jabber.org/protocol/admin#delete-user", delete_user_command_handler, "admin"); |
| 829 local end_user_session_desc = adhoc_new("End User Session", "http://jabber.org/protocol/admin#end-user-session", end_user_session_handler, "admin"); | 795 local end_user_session_desc = adhoc_new("End User Session", "http://jabber.org/protocol/admin#end-user-session", end_user_session_handler, "admin"); |
| 830 local get_user_password_desc = adhoc_new("Get User Password", "http://jabber.org/protocol/admin#get-user-password", get_user_password_handler, "admin"); | |
| 831 local get_user_roster_desc = adhoc_new("Get User Roster","http://jabber.org/protocol/admin#get-user-roster", get_user_roster_handler, "admin"); | 796 local get_user_roster_desc = adhoc_new("Get User Roster","http://jabber.org/protocol/admin#get-user-roster", get_user_roster_handler, "admin"); |
| 832 local get_user_stats_desc = adhoc_new("Get User Statistics","http://jabber.org/protocol/admin#user-stats", get_user_stats_handler, "admin"); | 797 local get_user_stats_desc = adhoc_new("Get User Statistics","http://jabber.org/protocol/admin#user-stats", get_user_stats_handler, "admin"); |
| 833 local get_online_users_desc = adhoc_new("Get List of Online Users", "http://jabber.org/protocol/admin#get-online-users-list", get_online_users_command_handler, "admin"); | 798 local get_online_users_desc = adhoc_new("Get List of Online Users", "http://jabber.org/protocol/admin#get-online-users-list", get_online_users_command_handler, "admin"); |
| 834 local list_s2s_this_desc = adhoc_new("List S2S connections", "http://prosody.im/protocol/s2s#list", list_s2s_this_handler, "admin"); | 799 local list_s2s_this_desc = adhoc_new("List S2S connections", "http://prosody.im/protocol/s2s#list", list_s2s_this_handler, "admin"); |
| 835 local list_modules_desc = adhoc_new("List loaded modules", "http://prosody.im/protocol/modules#list", list_modules_handler, "admin"); | 800 local list_modules_desc = adhoc_new("List loaded modules", "http://prosody.im/protocol/modules#list", list_modules_handler, "admin"); |
| 846 module:provides("adhoc", add_user_desc); | 811 module:provides("adhoc", add_user_desc); |
| 847 module:provides("adhoc", change_user_password_desc); | 812 module:provides("adhoc", change_user_password_desc); |
| 848 module:provides("adhoc", config_reload_desc); | 813 module:provides("adhoc", config_reload_desc); |
| 849 module:provides("adhoc", delete_user_desc); | 814 module:provides("adhoc", delete_user_desc); |
| 850 module:provides("adhoc", end_user_session_desc); | 815 module:provides("adhoc", end_user_session_desc); |
| 851 module:provides("adhoc", get_user_password_desc); | |
| 852 module:provides("adhoc", get_user_roster_desc); | 816 module:provides("adhoc", get_user_roster_desc); |
| 853 module:provides("adhoc", get_user_stats_desc); | 817 module:provides("adhoc", get_user_stats_desc); |
| 854 module:provides("adhoc", get_online_users_desc); | 818 module:provides("adhoc", get_online_users_desc); |
| 855 module:provides("adhoc", list_s2s_this_desc); | 819 module:provides("adhoc", list_s2s_this_desc); |
| 856 module:provides("adhoc", list_modules_desc); | 820 module:provides("adhoc", list_modules_desc); |
