Mercurial > prosody-hg
comparison core/usermanager.lua @ 3159:b01a699ddf64
Merge backout
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Fri, 04 Jun 2010 11:59:27 +0100 |
| parents | 90a98a6b52ac 3d42e0092888 |
| children | 9064dd006b21 |
comparison
equal
deleted
inserted
replaced
| 3152:c6091977624b | 3159:b01a699ddf64 |
|---|---|
| 44 local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end | 44 local function is_cyrus(host) return config.get(host, "core", "sasl_backend") == "cyrus"; end |
| 45 | 45 |
| 46 function new_default_provider(host) | 46 function new_default_provider(host) |
| 47 local provider = { name = "default" }; | 47 local provider = { name = "default" }; |
| 48 | 48 |
| 49 function provider:test_password(username, password) | 49 function provider.test_password(username, password) |
| 50 if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end | 50 if is_cyrus(host) then return nil, "Legacy auth not supported with Cyrus SASL."; end |
| 51 local credentials = datamanager.load(username, host, "accounts") or {}; | 51 local credentials = datamanager.load(username, host, "accounts") or {}; |
| 52 | 52 |
| 53 if password == credentials.password then | 53 if password == credentials.password then |
| 54 return true; | 54 return true; |
| 55 else | 55 else |
| 56 return nil, "Auth failed. Invalid username or password."; | 56 return nil, "Auth failed. Invalid username or password."; |
| 57 end | 57 end |
| 58 end | 58 end |
| 59 | 59 |
| 60 function provider:get_password(username) | 60 function provider.get_password(username) |
| 61 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end | 61 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end |
| 62 return (datamanager.load(username, host, "accounts") or {}).password; | 62 return (datamanager.load(username, host, "accounts") or {}).password; |
| 63 end | 63 end |
| 64 | 64 |
| 65 function provider:set_password(username, password) | 65 function provider.set_password(username, password) |
| 66 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end | 66 if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end |
| 67 local account = datamanager.load(username, host, "accounts"); | 67 local account = datamanager.load(username, host, "accounts"); |
| 68 if account then | 68 if account then |
| 69 account.password = password; | 69 account.password = password; |
| 70 return datamanager.store(username, host, "accounts", account); | 70 return datamanager.store(username, host, "accounts", account); |
| 71 end | 71 end |
| 72 return nil, "Account not available."; | 72 return nil, "Account not available."; |
| 73 end | 73 end |
| 74 | 74 |
| 75 function provider:user_exists(username) | 75 function provider.user_exists(username) |
| 76 if not(require_provisioning) and is_cyrus(host) then return true; end | 76 if not(require_provisioning) and is_cyrus(host) then return true; end |
| 77 local account, err = datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials | 77 local account, err = datamanager.load(username, host, "accounts") ~= nil; -- FIXME also check for empty credentials |
| 78 return (account or err) ~= nil; -- FIXME also check for empty credentials | 78 return (account or err) ~= nil; -- FIXME also check for empty credentials |
| 79 end | 79 end |
| 80 | 80 |
| 81 function provider:create_user(username, password) | 81 function provider.create_user(username, password) |
| 82 if not(require_provisioning) and is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end | 82 if not(require_provisioning) and is_cyrus(host) then return nil, "Account creation/modification not available with Cyrus SASL."; end |
| 83 return datamanager.store(username, host, "accounts", {password = password}); | 83 return datamanager.store(username, host, "accounts", {password = password}); |
| 84 end | 84 end |
| 85 | 85 |
| 86 function provider:get_supported_methods() | 86 function provider.get_supported_methods() |
| 87 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config | 87 return {["PLAIN"] = true, ["DIGEST-MD5"] = true}; -- TODO this should be taken from the config |
| 88 end | 88 end |
| 89 | 89 |
| 90 function provider:is_admin(jid) | 90 function provider.is_admin(jid) |
| 91 local admins = config.get(host, "core", "admins"); | 91 local admins = config.get(host, "core", "admins"); |
| 92 if admins ~= config.get("*", "core", "admins") then | 92 if admins ~= config.get("*", "core", "admins") then |
| 93 if type(admins) == "table" then | 93 if type(admins) == "table" then |
| 94 jid = jid_bare(jid); | 94 jid = jid_bare(jid); |
| 95 for _,admin in ipairs(admins) do | 95 for _,admin in ipairs(admins) do |
| 103 end | 103 end |
| 104 return provider; | 104 return provider; |
| 105 end | 105 end |
| 106 | 106 |
| 107 function validate_credentials(host, username, password, method) | 107 function validate_credentials(host, username, password, method) |
| 108 return hosts[host].users:test_password(username, password); | 108 return hosts[host].users.test_password(username, password); |
| 109 end | 109 end |
| 110 | 110 |
| 111 function get_password(username, host) | 111 function get_password(username, host) |
| 112 return hosts[host].users:get_password(username); | 112 return hosts[host].users.get_password(username); |
| 113 end | 113 end |
| 114 | 114 |
| 115 function set_password(username, host, password) | 115 function set_password(username, host, password) |
| 116 return hosts[host].users:set_password(username, password); | 116 return hosts[host].users.set_password(username, password); |
| 117 end | 117 end |
| 118 | 118 |
| 119 function user_exists(username, host) | 119 function user_exists(username, host) |
| 120 return hosts[host].users:user_exists(username); | 120 return hosts[host].users.user_exists(username); |
| 121 end | 121 end |
| 122 | 122 |
| 123 function create_user(username, password, host) | 123 function create_user(username, password, host) |
| 124 return hosts[host].users:create_user(username, password); | 124 return hosts[host].users.create_user(username, password); |
| 125 end | 125 end |
| 126 | 126 |
| 127 function get_supported_methods(host) | 127 function get_supported_methods(host) |
| 128 return hosts[host].users:get_supported_methods(); | 128 return hosts[host].users.get_supported_methods(); |
| 129 end | 129 end |
| 130 | 130 |
| 131 function is_admin(jid, host) | 131 function is_admin(jid, host) |
| 132 if host and host ~= "*" then | 132 if host and host ~= "*" then |
| 133 return hosts[host].users:is_admin(jid); | 133 return hosts[host].users.is_admin(jid); |
| 134 else -- Test only whether this JID is a global admin | 134 else -- Test only whether this JID is a global admin |
| 135 local admins = config.get("*", "core", "admins"); | 135 local admins = config.get("*", "core", "admins"); |
| 136 if type(admins) == "table" then | 136 if type(admins) == "table" then |
| 137 jid = jid_bare(jid); | 137 jid = jid_bare(jid); |
| 138 for _,admin in ipairs(admins) do | 138 for _,admin in ipairs(admins) do |
