view mod_pubsub_github/mod_pubsub_github.lua @ 6214:cc5c0f1dc89b

mod_muc_anonymize_moderation_actions: Fix mentioning Virtualhost for MUC, Compatibility section and License. diff --git a/mod_muc_anonymize_moderation_actions/README.md b/mod_muc_anonymize_moderation_actions/README.md --- a/mod_muc_anonymize_moderation_actions/README.md +++ b/mod_muc_anonymize_moderation_actions/README.md @@ -1,8 +1,10 @@ -<!-- -SPDX-FileCopyrightText: 2024 John Livingston <https://www.john-livingston.fr/> -SPDX-License-Identifier: AGPL-3.0-only ---> -# mod_muc_anonymize_moderation_actions +--- +labels: +- 'Stage-Alpha' +summary: Anonymize moderator actions for participants +--- + +## Introduction This modules allows to anonymize affiliation and role changes in MUC rooms. @@ -11,13 +13,10 @@ When the feature is enabled, when a mode This is particularly usefull to prevent some revenge when a moderator bans someone. -This module is under AGPL-3.0 license. - -It was tested on Prosody 0.12.x. ## Configuration -Just enable the module on your MUC VirtualHost. +Just enable the module on your MUC Component. The feature will be accessible throught the room configuration form. You can tweak the position of the settings in the MUC configuration form using `anonymize_moderation_actions_form_position`. @@ -26,7 +25,20 @@ This value will be passed as priority fo By default, the field will be between muc#roomconfig_changesubject and muc#roomconfig_moderatedroom (default value is `78`). ``` lua -VirtualHost "muc.example.com" +Component "muc.example.com" "muc" modules_enabled = { "muc_anonymize_moderation_actions" } anonymize_moderation_actions_form_position = 96 ``` + +## Compatibility + + ------ ---------------------- + trunk Works as of 25-05-12 + 0.13 Works + 0.12 Works + ------ ---------------------- + +### License + +SPDX-FileCopyrightText: 2024 John Livingston <https://www.john-livingston.fr/> +SPDX-License-Identifier: AGPL-3.0-only
author Menel <menel@snikket.de>
date Mon, 12 May 2025 10:42:26 +0200
parents 3bece2db869c
children
line wrap: on
line source

module:depends("http");

local st = require "util.stanza";
local json = require "util.json";
local hashes = require "util.hashes";
local from_hex = require "util.hex".from;
local hmacs = {
	sha1 = hashes.hmac_sha1;
	sha256 = hashes.hmac_sha256;
	sha384 = hashes.hmac_sha384;
	sha512 = hashes.hmac_sha512;
};

local pubsub_service = module:depends("pubsub").service;

-- configuration
local default_node = module:get_option("github_node", "github");
local node_prefix = module:get_option_string("github_node_prefix", "github/");
local node_mapping = module:get_option_string("github_node_mapping");
local github_actor = module:get_option_string("github_actor") or true;
local github_secret = module:get_option("github_secret");

-- validation
assert(github_secret, "Please set 'github_secret'");

local error_mapping = {
	["forbidden"] = 403;
	["item-not-found"] = 404;
	["internal-server-error"] = 500;
	["conflict"] = 409;
};

local function verify_signature(secret, body, signature)
	if not signature then return false; end
	local algo, digest = signature:match("^([^=]+)=(%x+)");
	if not algo then return false; end
	local hmac = hmacs[algo];
	if not algo then return false; end
	return hmac(secret, body) == from_hex(digest);
end

function handle_POST(event)
	local request, response = event.request, event.response;

	if not verify_signature(github_secret, request.body, request.headers.x_hub_signature) then
		module:log("debug", "Signature validation failed");
		return 401;
	end

	local data = json.decode(request.body);
	if not data then
		response.status_code = 400;
		return "Invalid JSON. From you of all people...";
	end

	local node = default_node;
	if node_mapping then
		node = node_prefix .. data.repository[node_mapping];
	end

	local github_event = request.headers.x_github_event or data.object_kind;
	if not github_event and data.commits then
		github_event = "push"; -- curl?
	end
	module:log("debug", "Handling '%s' event: \n%s\n", github_event, tostring(request.body));

	if github_event == "push" then

		for _, commit in ipairs(data.commits) do
			local ok, err = pubsub_service:publish(node, github_actor, commit.id,
				st.stanza("item", { id = commit.id, xmlns = "http://jabber.org/protocol/pubsub" })
				:tag("entry", { xmlns = "http://www.w3.org/2005/Atom" })
					:tag("id"):text(commit.id):up()
					:tag("title"):text(commit.message:match("^[^\r\n]*")):up()
					:tag("summary"):text(("Commit to %s by %s: %s"):format(data.repository.name, commit.author.name, commit.message:match("^[^\r\n]*"))):up()
					:tag("content"):text(commit.message):up()
					:tag("link", { rel = "alternate", href = commit.url }):up()
					:tag("published"):text(commit.author.date):up()
					:tag("author")
						:tag("name"):text(commit.author.name):up()
						:tag("email"):text(commit.author.email):up()
						:up()
			);
			if not ok then
				return error_mapping[err] or 500;
			end
		end

	elseif github_event then
		module:log("debug", "Unsupported Github event %q", github_event);
		return 501;
	end

	response.status_code = 202;
	return "Thank you Github!";
end

module:provides("http", {
	route = {
		POST = handle_POST;
	};
});

if not node_mapping then
	function module.load()
		if not pubsub_service.nodes[default_node] then
			local ok, err = pubsub_service:create(default_node, true);
			if not ok then
				module:log("error", "Error creating node: %s", err);
			else
				module:log("debug", "Node %q created", default_node);
			end
		end
	end
end