%% Can return the following exceptions:
%% command_unknown | account_unprivileged | invalid_account_data | no_auth_provided | access_rules_unauthorized
execute_command(AccessCommands1, Auth1, Name, Arguments, Version) ->
-execute_command(AccessCommands1, Auth1, Name, Arguments, Version, #{}).
+ execute_command(AccessCommands1, Auth1, Name, Arguments, Version, #{}).
execute_command(AccessCommands1, Auth1, Name, Arguments, Version, CallerInfo) ->
Auth = case is_admin(Name, Auth1, CallerInfo) of
TokenJID = oauth_token_user(Auth1),
Command = get_command_definition(Name, Version),
AccessCommands = get_all_access_commands(AccessCommands1),
+
case check_access_commands(AccessCommands, Auth, Name, Command, Arguments, CallerInfo) of
ok -> execute_check_policy(Auth, TokenJID, Command, Arguments)
end.
end, [], Opts),
Cmds.
+%% This is used to allow mixing command policy (like open, user, admin, restricted), with command entry
expand_commands(L, OpenCmds, UserCmds, AdminCmds, RestrictedCmds) when is_list(L) ->
- lists:foldl(fun(El, Acc) ->
- expand_commands(El, OpenCmds, UserCmds, AdminCmds, RestrictedCmds) ++ Acc
- end, [], L);
-expand_commands(El, OpenCmds, UserCmds, AdminCmds, RestrictedCmds) ->
- case El of
- open -> OpenCmds;
- restricted -> RestrictedCmds;
- admin -> AdminCmds;
- user -> UserCmds;
- _ -> [El]
- end.
-
+ lists:foldl(fun(open, Acc) -> OpenCmds ++ Acc;
+ (user, Acc) -> UserCmds ++ Acc;
+ (admin, Acc) -> AdminCmds ++ Acc;
+ (restricted, Acc) -> RestrictedCmds ++ Acc;
+ (Command, Acc) when is_atom(Command) ->
+ [Command, Acc]
+ end, [], L).
oauth_token_user(noauth) ->
undefined;
projects / ejabberd / commitdiff