Mon, 06 Dec 2021 11:27:36 +0000
rtbl_admin: Add access control around commands
local verse = require "verse"; local jid = require "util.jid"; local sha256 = require "util.hashes".sha256; function riddim.plugins.rtbl_admin(bot) bot.stream:add_plugin("pubsub"); local config = bot.config.rtbl_admin; local permitted_affiliations = config.permitted_affiliations or { admin = true, owner = true }; bot:hook("commands/rtbl-add", function (command) if config.control_room ~= (command.room and command.room.jid) then return; elseif not permitted_affiliations[command.sender.affiliation] then return "You have insufficient permissions to use this command"; end local reported_jid = command.param and jid.prep(command.param:match("^%S+")); local hash = sha256(reported_jid, true); bot.stream.pubsub(config.host, config.node):publish( hash, -- item id nil, -- options (not implemented anyway) -- <report xmlns="urn:xmpp:reporting:1" reason="urn:xmpp:reporting:abuse"/> verse.stanza("report", { xmlns = "urn:xmpp:reporting:1"; reason = "urn:xmpp:reporting:abuse"; }), function (success) -- callback if not success then command:reply("Failed to update RTBL"); return; end command:reply("RTBL entry added"); end ); return true; end); bot:hook("commands/rtbl-remove", function (command) if config.control_room ~= (command.room and command.room.jid) then return; elseif not permitted_affiliations[command.sender.affiliation] then return "You have insufficient permissions to use this command"; end local reported_jid = command.param and jid.prep(command.param:match("^%S+")); local hash = sha256(reported_jid, true); bot.stream.pubsub(config.host, config.node):retract( hash, -- item id true, -- notify subscribers function (success) -- callback if not success then command:reply("Failed to update RTBL"); return; end command:reply("RTBL entry removed"); end ); return true; end); end