Remove old command calling interface

1 files changed, 0 insertions, 273 deletions

diff --git a/src/ejabberd_commands.erl b/src/ejabberd_commands.erl
index eccb0d621..d5d0600ac 100644
--- a/src/ejabberd_commands.erl
+++ b/src/ejabberd_commands.erl
@@ -221,7 +221,6 @@
 	 get_command_format/1,
 	 get_command_format/2,
 	 get_command_format/3,
-	 get_command_policy_and_scope/1,
 	 get_command_definition/1,
 	 get_command_definition/2,
 	 get_tags_commands/0,
@@ -230,11 +229,6 @@
 	 register_commands/1,
 	 unregister_commands/1,
 	 expose_commands/1,
-	 execute_command/2,
-	 execute_command/3,
-	 execute_command/4,
-	 execute_command/5,
-	 execute_command/6,
 	 opt_type/1,
 	 get_commands_spec/0,
 	 get_commands_definition/0,
@@ -427,17 +421,6 @@ get_command_format(Name, Auth, Version) ->
             {Args, Result}
     end.
 
--spec get_command_policy_and_scope(atom()) -> {ok, open|user|admin|restricted, [oauth_scope()]} | {error, command_not_found}.
-
-%% @doc return command policy.
-get_command_policy_and_scope(Name) ->
-    case get_command_definition(Name) of
-        #ejabberd_commands{policy = Policy} = Cmd ->
-            {ok, Policy, cmd_scope(Cmd)};
-        command_not_found ->
-            {error, command_not_found}
-    end.
-
 %% The oauth scopes for a command are the command name itself,
 %% also might include either 'ejabberd:user' or 'ejabberd:admin'
 cmd_scope(#ejabberd_commands{policy = Policy, name = Name}) ->
@@ -503,129 +486,6 @@ execute_command2(Name, Arguments, CallerInfo, Version) ->
 	    throw({error, access_rules_unauthorized})
     end.
 
-%% @spec (Name::atom(), Arguments) -> ResultTerm
-%% where
-%%       Arguments = [any()]
-%% @doc Execute a command.
-%% Can return the following exceptions:
-%% command_unknown | account_unprivileged | invalid_account_data |
-%% no_auth_provided | access_rules_unauthorized
-execute_command(Name, Arguments) ->
-    execute_command(Name, Arguments, ?DEFAULT_VERSION).
-
--spec execute_command(atom(),
-                      [any()],
-		      integer() |
-		      {binary(), binary(), binary(), boolean()} |
-                      noauth | admin
-                     ) -> any().
-
-%% @spec (Name::atom(), Arguments, integer() | Auth) -> ResultTerm
-%% where
-%%       Auth = {User::string(), Server::string(), Password::string(),
-%%               Admin::boolean()}
-%%            | noauth
-%%            | admin
-%%       Arguments = [any()]
-%%
-%% @doc Execute a command in a given API version
-%% Can return the following exceptions:
-%% command_unknown | account_unprivileged | invalid_account_data |
-%% no_auth_provided
-execute_command(Name, Arguments, Version) when is_integer(Version) ->
-    execute_command([], noauth, Name, Arguments, Version);
-execute_command(Name, Arguments, Auth) ->
-    execute_command([], Auth, Name, Arguments, ?DEFAULT_VERSION).
-
-%% @spec (AccessCommands, Auth, Name::atom(), Arguments) ->
-%%                                     ResultTerm | {error, Error}
-%% where
-%%       AccessCommands = [{Access, CommandNames, Arguments}] | undefined
-%%       Auth = {User::string(), Server::string(), Password::string(), Admin::boolean()}
-%%            | noauth
-%%            | admin
-%%       Arguments = [any()]
-%%
-%% @doc Execute a command
-%% Can return the following exceptions:
-%% command_unknown | account_unprivileged | invalid_account_data | no_auth_provided
-execute_command(AccessCommands, Auth, Name, Arguments) ->
-    execute_command(AccessCommands, Auth, Name, Arguments, ?DEFAULT_VERSION).
-
--spec execute_command([{atom(), [atom()], [any()]}] | undefined,
-                      {binary(), binary(), binary(), boolean()} |
-                      noauth | admin,
-                      atom(),
-                      [any()],
-		      integer()
-                     ) -> any().
-
-%% @spec (AccessCommands, Auth, Name::atom(), Arguments, integer()) -> ResultTerm
-%% where
-%%       AccessCommands = [{Access, CommandNames, Arguments}] | undefined
-%%       Auth = {User::string(), Server::string(), Password::string(), Admin::boolean()}
-%%            | noauth
-%%            | admin
-%%       Arguments = [any()]
-%%
-%% @doc Execute a command in a given API version
-%% Can return the following exceptions:
-%% command_unknown | account_unprivileged | invalid_account_data | no_auth_provided | access_rules_unauthorized
-execute_command(AccessCommands1, Auth1, Name, Arguments, Version) ->
-    execute_command(AccessCommands1, Auth1, Name, Arguments, Version, #{}).
-
-execute_command(AccessCommands1, Auth1, Name, Arguments, Version, CallerInfo) ->
-    Auth = case is_admin(Name, Auth1, CallerInfo) of
-               true -> admin;
-               false -> Auth1
-           end,
-    TokenJID = oauth_token_user(Auth1),
-    Command = get_command_definition(Name, Version),
-    AccessCommands = get_all_access_commands(AccessCommands1),
-
-    case check_access_commands(AccessCommands, Auth, Name, Command, Arguments, CallerInfo) of
-        ok -> execute_check_policy(Auth, TokenJID, Command, Arguments)
-    end.
-
-
-execute_check_policy(
-  _Auth, _JID, #ejabberd_commands{policy = open} = Command, Arguments) ->
-    do_execute_command(Command, Arguments);
-execute_check_policy(
-  noauth, _JID, Command, Arguments) ->
-    do_execute_command(Command, Arguments);
-execute_check_policy(
-  _Auth, _JID, #ejabberd_commands{policy = restricted} = Command, Arguments) ->
-    do_execute_command(Command, Arguments);
-execute_check_policy(
-  _Auth, JID, #ejabberd_commands{policy = admin} = Command, Arguments) ->
-    execute_check_access(JID, Command, Arguments);
-execute_check_policy(
-  admin, JID, #ejabberd_commands{policy = user} = Command, Arguments) ->
-    execute_check_access(JID, Command, Arguments);
-execute_check_policy(
-  {User, Server, _, _}, JID, #ejabberd_commands{policy = user} = Command, Arguments) ->
-    execute_check_access(JID, Command, [User, Server | Arguments]).
-
-execute_check_access(_FromJID, #ejabberd_commands{access = []} = Command, Arguments) ->
-    do_execute_command(Command, Arguments);
-execute_check_access(undefined, _Command, _Arguments) ->
-    throw({error, access_rules_unauthorized});
-execute_check_access(FromJID, #ejabberd_commands{access = AccessRefs} = Command, Arguments) ->
-    %% TODO Review: Do we have smarter / better way to check rule on other Host than global ?
-    Host = global,
-    Rules = lists:map(
-	      fun({Mod, AccessName, Default}) ->
-		      gen_mod:get_module_opt(Host, Mod, AccessName, Default);
-		 (Default) ->
-		      Default
-	      end, AccessRefs),
-    case acl:any_rules_allowed(Host, Rules, FromJID) of
-        true ->
-            do_execute_command(Command, Arguments);
-        false ->
-            throw({error, access_rules_unauthorized})
-    end.
 
 do_execute_command(Command, Arguments) ->
     Module = Command#ejabberd_commands.module,
@@ -672,58 +532,6 @@ get_tags_commands(Version) ->
 %% Access verification
 %% -----------------------------
 
-%% @spec (AccessCommands, Auth, Method, Command, Arguments) -> ok
-%% where
-%%       AccessCommands =  [ {Access, CommandNames, Arguments} ]
-%%       Auth = {User::string(), Server::string(), Password::string()} | noauth
-%%       Method = atom()
-%%       Arguments = [any()]
-%% @doc Check access is allowed to that command.
-%% At least one AccessCommand must be satisfied.
-%% It may throw {error, Error} where:
-%% Error = account_unprivileged | invalid_account_data
-check_access_commands([], _Auth, _Method, _Command, _Arguments, _CallerInfo) ->
-    ok;
-check_access_commands(AccessCommands, Auth, Method, Command1, Arguments, CallerInfo) ->
-    Command =
-        case {Command1#ejabberd_commands.policy, Auth} of
-            {user, {_, _, _, _}} ->
-                Command1;
-            {user, _} ->
-                Command1#ejabberd_commands{
-                  args = [{user, binary}, {server, binary} |
-                          Command1#ejabberd_commands.args]};
-            _ ->
-                Command1
-        end,
-    AccessCommandsAllowed =
-        lists:filter(
-          fun({Access, Commands, ArgumentRestrictions}) ->
-                  case check_access(Command, Access, Auth, CallerInfo) of
-                      true ->
-                          check_access_command(Commands, Command,
-                                               ArgumentRestrictions,
-                                               Method, Arguments);
-                      false ->
-                          false
-                  end;
-             ({Access, Commands}) ->
-                  ArgumentRestrictions = [],
-                  case check_access(Command, Access, Auth, CallerInfo) of
-                      true ->
-                          check_access_command(Commands, Command,
-                                               ArgumentRestrictions,
-                                               Method, Arguments);
-                      false ->
-                          false
-                  end
-          end,
-          AccessCommands),
-    case AccessCommandsAllowed of
-        [] -> throw({error, account_unprivileged});
-        L when is_list(L) -> ok
-    end.
-
 -spec check_auth(ejabberd_commands(), noauth) -> noauth_provided;
                 (ejabberd_commands(),
                  {binary(), binary(), binary(), boolean()}) ->
@@ -746,80 +554,6 @@ check_auth(_Command, {User, Server, Password, _}) when is_binary(Password) ->
         _ -> throw({error, invalid_account_data})
     end.
 
-check_access(Command, ?POLICY_ACCESS, _, _)
-  when Command#ejabberd_commands.policy == open ->
-    true;
-check_access(_Command, _Access, admin, _) ->
-    true;
-check_access(_Command, _Access, {_User, _Server, _, true}, _) ->
-    false;
-check_access(Command, Access, Auth, CallerInfo)
-  when Access =/= ?POLICY_ACCESS;
-       Command#ejabberd_commands.policy == open;
-       Command#ejabberd_commands.policy == user ->
-    case check_auth(Command, Auth) of
-	{ok, User, Server} ->
-	    check_access2(Access, CallerInfo#{usr => jid:split(jid:make(User, Server))}, Server);
-	no_auth_provided ->
-	    case Command#ejabberd_commands.policy of
-		user ->
-		    false;
-		_ ->
-		    check_access2(Access, CallerInfo, global)
-	    end;
-	_ ->
-	    false
-    end;
-check_access(_Command, _Access, _Auth, _CallerInfo) ->
-    false.
-
-check_access2(?POLICY_ACCESS, _CallerInfo, _Server) ->
-    true;
-check_access2(Access, AccessInfo, Server) ->
-    %% Check this user has access permission
-    case acl:access_matches(Access, AccessInfo, Server) of
-	allow -> true;
-	deny -> false
-    end.
-
-check_access_command(Commands, Command, ArgumentRestrictions,
-		     Method, Arguments) ->
-    case Commands==all orelse lists:member(Method, Commands) of
-        true -> check_access_arguments(Command, ArgumentRestrictions,
-                                       Arguments);
-        false -> false
-    end.
-
-check_access_arguments(Command, ArgumentRestrictions, Arguments) ->
-    ArgumentsTagged = tag_arguments(Command#ejabberd_commands.args, Arguments),
-    lists:all(
-      fun({ArgName, ArgAllowedValue}) ->
-	      %% If the call uses the argument, check the value is acceptable
-	      case lists:keysearch(ArgName, 1, ArgumentsTagged) of
-		  {value, {ArgName, ArgValue}} -> ArgValue == ArgAllowedValue;
-		  false -> true
-	      end
-      end, ArgumentRestrictions).
-
-tag_arguments(ArgsDefs, Args) ->
-    lists:zipwith(
-      fun({ArgName, _ArgType}, ArgValue) ->
-	      {ArgName, ArgValue}
-      end,
-      ArgsDefs,
-      Args).
-
-
-%% Get commands for all version
-get_all_access_commands(AccessCommands) ->
-    get_access_commands(AccessCommands, ?DEFAULT_VERSION).
-
-get_access_commands(undefined, Version) ->
-    Cmds = get_exposed_commands(Version),
-    [{?POLICY_ACCESS, Cmds, []}];
-get_access_commands(AccessCommands, _Version) ->
-    AccessCommands.
-
 get_exposed_commands() ->
     get_exposed_commands(?DEFAULT_VERSION).
 get_exposed_commands(Version) ->
@@ -854,13 +588,6 @@ expand_commands(L, OpenCmds, UserCmds, AdminCmds, RestrictedCmds) when is_list(L
                         [Command|Acc]
                 end, [], L).
 
-oauth_token_user(noauth) ->
-    undefined;
-oauth_token_user(admin) ->
-    undefined;
-oauth_token_user({User, Server, _, _}) ->
-    jid:make(User, Server).
-
 is_admin(_Name, admin, _Extra) ->
     true;
 is_admin(_Name, {_User, _Server, _, false}, _Extra) ->