-include("ejabberd.hrl").
-include("logger.hrl").
+-define(POLICY_ACCESS, '$policy').
init() ->
ets:new(ejabberd_commands, [named_table, set, public,
_ -> throw({error, invalid_account_data})
end.
-check_access(Command, all, _)
+check_access(Command, ?POLICY_ACCESS, _)
when Command#ejabberd_commands.policy == open ->
true;
check_access(_Command, _Access, admin) ->
check_access(_Command, _Access, {_User, _Server, _, true}) ->
false;
check_access(Command, Access, Auth)
- when Access =/= all;
+ when Access =/= ?POLICY_ACCESS;
Command#ejabberd_commands.policy == open;
Command#ejabberd_commands.policy == user ->
case check_auth(Command, Auth) of
check_access(_Command, _Access, _Auth) ->
false.
+check_access2(?POLICY_ACCESS, _User, _Server) ->
+ true;
check_access2(Access, User, Server) ->
%% Check this user has access permission
case acl:match_rule(Server, Access, jlib:make_jid(User, Server, <<"">>)) of
Args).
+get_access_commands(unrestricted) ->
+ [];
get_access_commands(undefined) ->
Cmds = get_commands(),
- [{all, Cmds, []}];
+ [{?POLICY_ACCESS, Cmds, []}];
get_access_commands(AccessCommands) ->
AccessCommands.
%% -----------------------------
process(_, #request{method = 'POST', data = Data, opts = Opts}) ->
AccessCommandsOpts = gen_mod:get_opt(access_commands, Opts,
- fun(L) when is_list(L) -> L end,
+ fun(L) when is_list(L) -> L;
+ (unrestricted) -> unrestricted
+ end,
undefined),
AccessCommands =
case AccessCommandsOpts of
undefined -> undefined;
+ unrestricted -> unrestricted;
_ ->
lists:flatmap(
fun({Ac, AcOpts}) ->
make_status(error) -> 1;
make_status(_) -> 1.
+transform_listen_option({access_commands, unrestricted} = Opt, Opts) ->
+ [Opt | Opts];
transform_listen_option({access_commands, ACOpts}, Opts) ->
NewACOpts = lists:map(
fun({AName, ACmds, AOpts}) ->
projects / ejabberd / commitdiff