Mercurial > prosody-modules
comparison mod_protect_last_admin/mod_protect_last_admin.lua @ 6327:4f6fb56572f7
mod_protect_last_admin: Return util.error object to provide more information
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 29 Sep 2025 21:28:18 +0100 |
| parents | 2623515d8507 |
| children | 187b957dc528 |
comparison
equal
deleted
inserted
replaced
| 6326:2623515d8507 | 6327:4f6fb56572f7 |
|---|---|
| 3 local um = require "prosody.core.usermanager"; | 3 local um = require "prosody.core.usermanager"; |
| 4 | 4 |
| 5 local set = require "prosody.util.set"; | 5 local set = require "prosody.util.set"; |
| 6 | 6 |
| 7 local protected_roles = module:get_option_set("protect_last_admin_roles", { "prosody:admin", "prosody:operator" }); | 7 local protected_roles = module:get_option_set("protect_last_admin_roles", { "prosody:admin", "prosody:operator" }); |
| 8 | |
| 9 local errors = require "prosody.util.error".init(module.name, { | |
| 10 ["cannot-remove-only-admin"] = { | |
| 11 code = 400; | |
| 12 type = "cancel"; | |
| 13 condition = "policy-violation"; | |
| 14 text = "Cannot remove the only administrator"; | |
| 15 extra = { | |
| 16 namespace = "https://prosody.im/protocol/errors"; | |
| 17 condition = "cannot-remove-only-admin"; | |
| 18 }; | |
| 19 }; | |
| 20 }); | |
| 8 | 21 |
| 9 local function other_protected_users(username, host) | 22 local function other_protected_users(username, host) |
| 10 local protected_users = set.new(); | 23 local protected_users = set.new(); |
| 11 for protected_role in protected_roles do | 24 for protected_role in protected_roles do |
| 12 local users = um.get_users_with_role(protected_role, host); | 25 local users = um.get_users_with_role(protected_role, host); |
| 37 module:log("debug", "Permitting event, role %s is not protected", current_role.name); | 50 module:log("debug", "Permitting event, role %s is not protected", current_role.name); |
| 38 return; -- This is not a protected user | 51 return; -- This is not a protected user |
| 39 end | 52 end |
| 40 | 53 |
| 41 if not other_protected_users(username, host) then | 54 if not other_protected_users(username, host) then |
| 42 event.reason = "Cannot remove the only administrator"; | 55 event.reason = errors.new("cannot-remove-only-admin"); |
| 43 return false; | 56 return false; |
| 44 end | 57 end |
| 45 module:log("debug", "Permitting event, no reason not to!"); | 58 module:log("debug", "Permitting event, no reason not to!"); |
| 46 end | 59 end |
| 47 | 60 |
