aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorHolger Weiss <holger@zedat.fu-berlin.de>2017-09-24 02:05:50 +0200
committerHolger Weiss <holger@zedat.fu-berlin.de>2017-09-24 02:05:50 +0200
commit48f2adde98dca7c7822dc5a35c3a7f61bc560933 (patch)
treed3dd3b6ac1038f979752a6827b510a2e43605402 /src
parentAdd script to extract translation strings (diff)
mod_mam: Refuse filtering anon MUC queries by JID
Return an empty result set if a non-moderator attempts to filter by JID while querying the archive of an anonymous MUC room.
Diffstat (limited to 'src')
-rw-r--r--src/mod_mam.erl27
1 files changed, 25 insertions, 2 deletions
diff --git a/src/mod_mam.erl b/src/mod_mam.erl
index 674cefc05..a4dc62b01 100644
--- a/src/mod_mam.erl
+++ b/src/mod_mam.erl
@@ -863,8 +863,13 @@ select(_LServer, JidRequestor, JidArchive, Query, RSM,
{Msgs, true, L}
end;
select(LServer, JidRequestor, JidArchive, Query, RSM, MsgType) ->
- Mod = gen_mod:db_mod(LServer, ?MODULE),
- Mod:select(LServer, JidRequestor, JidArchive, Query, RSM, MsgType).
+ case might_expose_jid(JidRequestor, Query, MsgType) of
+ true ->
+ {[], true, 0};
+ false ->
+ Mod = gen_mod:db_mod(LServer, ?MODULE),
+ Mod:select(LServer, JidRequestor, JidArchive, Query, RSM, MsgType)
+ end.
msg_to_el(#archive_msg{timestamp = TS, packet = El, nick = Nick,
peer = Peer, id = ID},
@@ -988,6 +993,24 @@ match_rsm(Now, #rsm_set{before = ID}) when is_binary(ID), ID /= <<"">> ->
match_rsm(_Now, _) ->
true.
+might_expose_jid(JidRequestor, Query, {groupchat, Role,
+ #state{config = #config{anonymous = true}}})
+ when Role /= moderator ->
+ case proplists:get_value(with, Query) of
+ undefined ->
+ false;
+ With ->
+ case {jid:remove_resource(jid:tolower(With)),
+ jid:remove_resource(jid:tolower(JidRequestor))} of
+ {J, J} ->
+ false;
+ _ ->
+ true
+ end
+ end;
+might_expose_jid(_JidRequestor, _Query, _MsgType) ->
+ false.
+
get_jids(undefined) ->
[];
get_jids(Js) ->