File: privilege.rst

package info (click to toggle)
slidge 0.3.3-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 4,516 kB
  • sloc: python: 20,548; xml: 518; sh: 57; javascript: 27; makefile: 14
file content (88 lines) | stat: -rw-r--r-- 2,524 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
 
==========
Privileges
==========

.. note::

  Setting up slidge as a privileged entity (:xep:`0356`) is recommended for the user experience,
  but it can only work of the XMPP user account is on the same server as slidge.

With privileges, slidge can:

- automatically add/remove "puppet contacts" from the XMPP roster of slidge users
- reflect on the XMPP side messages sent by users via a non-XMPP client,
  such official apps of the legacy service
- synchronize other actions done via a non-XMPP client, such as read state, emoji reactions,
  retractions, etc.
- automatically add XMPP bookmarks (:xep:`0402`) for MUCs (:xep:`0045`)

Privileges with Prosody
-----------------------

mod_privilege installation
~~~~~~~~~~~~~~~~~~~~~~~~~~

Starting with prosody 0.12, installing the  `mod_privilege <https://modules.prosody.im/mod_privilege.html>`_
community module is as easy as:

.. code-block:: bash

    prosodyctl install --server=https://modules.prosody.im/rocks/ mod_privilege

Privileges configuration
~~~~~~~~~~~~~~~~~~~~~~~~

In ``prosody.cfg.lua``, add ``mod_privilege`` to the ``modules_enabled`` list.

Define the gateway component's privileges in the appropriate virtualhost block:

.. code-block:: lua

    VirtualHost "example.org"
      privileged_entities = {
        ["superduper.example.org"] = {
          roster = "both";
          message = "outgoing";
          iq = {
            ["http://jabber.org/protocol/pubsub"] = "both";
            ["http://jabber.org/protocol/pubsub#owner"] = "set";
          };
        }
      }

Then either restart the prosody server, or reload config.
You might need to use
`mod_reload_component <https://modules.prosody.im/mod_reload_components.html>`_,
and activate/deactivate hosts
for all changes to be taken into account
(restarting prosody is the easiest way to go).

Privileges with ejabberd
------------------------

.. code-block:: yaml

    acl:
      slidge_acl:
        server:
        # Make sure to include all of your slidge bridges that need privileges here:
          - "superduper.example.org"
          - "other-walled-garden.example.org"

    access_rules:
      slidge_rule:
        - allow: slidge_acl

    modules:
      mod_privilege:
        roster:
          both: slidge_rule
        message:
          outgoing: slidge_rule
        iq:
          "http://jabber.org/protocol/pubsub":
            both: slidge_rule
          "http://jabber.org/protocol/pubsub#owner":
            set: slidge_rule
      mod_roster:
        versioning: true