+From b489d2017d046c305598a79e31127c26bc9a98fd Mon Sep 17 00:00:00 2001
+From: Badlop <badlop@process-one.net>
+Date: Fri, 7 Jun 2013 19:00:07 +0200
+Subject: [PATCH] New options access_get and access_set in mod_vcard, _ldap
+ and _odbc (EJAB-797)
+
+---
+ doc/guide.tex | 23 +++++++++++++++++++++--
+ src/mod_vcard.erl | 24 ++++++++++++++++--------
+ src/mod_vcard_ldap.erl | 45 +++++++++++++++++++++++++++------------------
+ 3 files changed, 64 insertions(+), 28 deletions(-)
+
diff --git a/doc/guide.tex b/doc/guide.tex
-index 5de409d..ac3dba8 100644
+index 71f88ee..d5bcfbb 100644
--- a/doc/guide.tex
+++ b/doc/guide.tex
-@@ -4052,6 +4052,17 @@ Options:
- \begin{description}
+@@ -4616,6 +4616,17 @@ Options:
\hostitem{vjud}
\iqdiscitem{\ns{vcard-temp}}
+ \dbtype
+\titem{access\_get}\ind{options!accessget} Access rule that defines
+ who is allowed to see vCard of local users.
+ If a rule returns `deny' on the requester
\titem{\{search, true|false\}}\ind{options!search}This option specifies whether the search
functionality is enabled or not
If disabled, the option \term{host} will be ignored and the
-@@ -4087,14 +4098,17 @@ Examples:
+@@ -4651,14 +4662,17 @@ Examples:
]}.
\end{verbatim}
\item The second situation differs in a way that search results are not limited,
...
]}.
\end{verbatim}
-@@ -4128,6 +4142,11 @@ consists of the following \modvcardldap{}-specific options:
+@@ -4696,6 +4710,11 @@ consists of the following \modvcardldap{}-specific options:
\begin{description}
\hostitem{vjud}
\iqdiscitem{\ns{vcard-temp}}
functionality is enabled (value: \term{true}) or disabled (value:
\term{false}). If disabled, the option \term{host} will be ignored and the
diff --git a/src/mod_vcard.erl b/src/mod_vcard.erl
-index 4384087..c54e8ea 100644
+index 3b70fe2..0629de6 100644
--- a/src/mod_vcard.erl
+++ b/src/mod_vcard.erl
-@@ -174,7 +174,9 @@ process_sm_iq(From, To, #iq{type = Type, sub_el = SubEl} = IQ) ->
+@@ -181,7 +181,9 @@ process_sm_iq(From, To, #iq{type = Type, sub_el = SubEl} = IQ) ->
case Type of
set ->
#jid{user = User, lserver = LServer} = From,
true ->
set_vcard(User, LServer, SubEl),
IQ#iq{type = result, sub_el = []};
-@@ -183,19 +185,28 @@ process_sm_iq(From, To, #iq{type = Type, sub_el = SubEl} = IQ) ->
+@@ -190,13 +192,19 @@ process_sm_iq(From, To, #iq{type = Type, sub_el = SubEl} = IQ) ->
end;
get ->
#jid{luser = LUser, lserver = LServer} = To,
-- US = {LUser, LServer},
-- F = fun() ->
-- mnesia:read({vcard, US})
-- end,
-- Els = case mnesia:transaction(F) of
-- {atomic, Rs} ->
-- lists:map(fun(R) ->
-- R#vcard.vcard
-- end, Rs);
-- {aborted, _Reason} ->
-- []
-- end,
-- IQ#iq{type = result, sub_el = Els}
-+ Access = gen_mod:get_module_opt(LServer, ?MODULE, access_get, all),
-+ case acl:match_rule(LServer, Access, From) of
-+ allow ->
-+ Els = get_vcard(LUser, LServer),
-+ IQ#iq{type = result, sub_el = Els};
-+ deny ->
-+ IQ#iq{type = error, sub_el = [SubEl, ?ERR_NOT_ALLOWED]}
-+ end
-+ end.
-+
-+get_vcard(LUser, LServer) ->
-+ US = {LUser, LServer},
-+ F = fun() ->
-+ mnesia:read({vcard, US})
-+ end,
-+ case mnesia:transaction(F) of
-+ {atomic, Rs} ->
-+ lists:map(fun(R) ->
-+ R#vcard.vcard
-+ end, Rs);
-+ {aborted, _Reason} ->
-+ []
+- case get_vcard(LUser, LServer) of
+- error ->
+- IQ#iq{type = error,
+- sub_el = [SubEl, ?ERR_INTERNAL_SERVER_ERROR]};
+- Els ->
+- IQ#iq{type = result, sub_el = Els}
+- end
++ Access = gen_mod:get_module_opt(LServer, ?MODULE, access_get, all),
++ case acl:match_rule(LServer, Access, From) of
++ allow ->
++ case get_vcard(LUser, LServer) of
++ error ->
++ IQ#iq{type = error,
++ sub_el = [SubEl, ?ERR_INTERNAL_SERVER_ERROR]};
++ Els ->
++ IQ#iq{type = result, sub_el = Els}
++ end;
++ deny ->
++ IQ#iq{type = error, sub_el = [SubEl, ?ERR_NOT_ALLOWED]}
++ end
end.
- set_vcard(User, LServer, VCARD) ->
+ get_vcard(LUser, LServer) ->
diff --git a/src/mod_vcard_ldap.erl b/src/mod_vcard_ldap.erl
-index f4078df..074bdf7 100644
+index d3e6077..b17b1a3 100644
--- a/src/mod_vcard_ldap.erl
+++ b/src/mod_vcard_ldap.erl
-@@ -241,38 +241,47 @@ process_local_iq(_From, _To, #iq{type = Type, lang = Lang, sub_el = SubEl} = IQ)
+@@ -242,38 +242,47 @@ process_local_iq(_From, _To, #iq{type = Type, lang = Lang, sub_el = SubEl} = IQ)
]}]}
end.
handle_call(get_state, _From, State) ->
{reply, {ok, State}, State};
handle_call(stop, _From, State) ->
-diff --git a/src/mod_vcard_odbc.erl b/src/mod_vcard_odbc.erl
-index 30c2888..d239823 100644
---- a/src/mod_vcard_odbc.erl
-+++ b/src/mod_vcard_odbc.erl
-@@ -138,7 +138,9 @@ process_sm_iq(From, To, #iq{type = Type, sub_el = SubEl} = IQ) ->
- case Type of
- set ->
- #jid{user = User, lserver = LServer} = From,
-- case lists:member(LServer, ?MYHOSTS) of
-+ Access = gen_mod:get_module_opt(LServer, ?MODULE, access_set, all),
-+ case lists:member(LServer, ?MYHOSTS) andalso
-+ (acl:match_rule(LServer, Access, From) == allow) of
- true ->
- set_vcard(User, LServer, SubEl),
- IQ#iq{type = result, sub_el = []};
-@@ -147,24 +149,34 @@ process_sm_iq(From, To, #iq{type = Type, sub_el = SubEl} = IQ) ->
- end;
- get ->
- #jid{luser = LUser, lserver = LServer} = To,
-- Username = ejabberd_odbc:escape(LUser),
-- case catch odbc_queries:get_vcard(LServer, Username) of
-- {selected, ["vcard"], [{SVCARD}]} ->
-- case xml_stream:parse_element(SVCARD) of
-- {error, _Reason} ->
-- IQ#iq{type = error,
-- sub_el = [SubEl, ?ERR_SERVICE_UNAVAILABLE]};
-- VCARD ->
-- IQ#iq{type = result, sub_el = [VCARD]}
-- end;
-- {selected, ["vcard"], []} ->
-- IQ#iq{type = result, sub_el = []};
-- _ ->
-- IQ#iq{type = error,
-- sub_el = [SubEl, ?ERR_INTERNAL_SERVER_ERROR]}
-+ Access = gen_mod:get_module_opt(LServer, ?MODULE, access_get, all),
-+ case acl:match_rule(LServer, Access, From) of
-+ allow ->
-+ get_vcard(LUser, LServer, SubEl, IQ);
-+ deny ->
-+ IQ#iq{type = error, sub_el = [SubEl, ?ERR_NOT_ALLOWED]}
- end
- end.
-
-+get_vcard(LUser, LServer, SubEl, IQ) ->
-+ Username = ejabberd_odbc:escape(LUser),
-+ case catch odbc_queries:get_vcard(LServer, Username) of
-+ {selected, ["vcard"], [{SVCARD}]} ->
-+ case xml_stream:parse_element(SVCARD) of
-+ {error, _Reason} ->
-+ IQ#iq{type = error,
-+ sub_el = [SubEl, ?ERR_SERVICE_UNAVAILABLE]};
-+ VCARD ->
-+ IQ#iq{type = result, sub_el = [VCARD]}
-+ end;
-+ {selected, ["vcard"], []} ->
-+ IQ#iq{type = result, sub_el = []};
-+ _ ->
-+ IQ#iq{type = error,
-+ sub_el = [SubEl, ?ERR_INTERNAL_SERVER_ERROR]}
-+ end.
-+
-+
- set_vcard(User, LServer, VCARD) ->
- FN = xml:get_path_s(VCARD, [{elem, "FN"}, cdata]),
- Family = xml:get_path_s(VCARD, [{elem, "N"}, {elem, "FAMILY"}, cdata]),
+--
+1.7.10.4
+
projects / packages / ejabberd.git / blobdiff