From ead83b008c25e2619cbc7cfbf4bde5fb46c4e677 Mon Sep 17 00:00:00 2001
From: Mickael Remond <mremond@process-one.net>
Date: Wed, 30 Mar 2016 14:23:09 +0200
Subject: HTTP ReST API now supports 'open' ejabberd commands

---
 src/mod_http_api.erl | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

(limited to 'src/mod_http_api.erl')

diff --git a/src/mod_http_api.erl b/src/mod_http_api.erl
index 15fe36364..96fa90735 100644
--- a/src/mod_http_api.erl
+++ b/src/mod_http_api.erl
@@ -116,7 +116,6 @@ start(_Host, _Opts) ->
 stop(_Host) ->
     ok.
 
-
 %% ----------
 %% basic auth
 %% ----------
@@ -124,12 +123,13 @@ stop(_Host) ->
 check_permissions(Request, Command) ->
     case catch binary_to_existing_atom(Command, utf8) of
         Call when is_atom(Call) ->
-            check_permissions2(Request, Call);
+            {ok, CommandPolicy} = ejabberd_commands:get_command_policy(Call),
+            check_permissions2(Request, Call, CommandPolicy);
         _ ->
             unauthorized_response()
     end.
 
-check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call)
+check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call, _)
   when HTTPAuth /= undefined ->
     Admin =
         case lists:keysearch(<<"X-Admin">>, 1, Headers) of
@@ -162,7 +162,9 @@ check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call)
         {ok, A} -> {allowed, Call, A};
         _ -> unauthorized_response()
     end;
-check_permissions2(#request{ip={IP, _Port}}, Call) ->
+check_permissions2(_Request, Call, open) ->
+    {allowed, Call, noauth};
+check_permissions2(#request{ip={IP, _Port}}, Call, _Policy) ->
     Access = gen_mod:get_module_opt(global, ?MODULE, admin_ip_access,
                                     mod_opt_type(admin_ip_access),
                                     none),
@@ -207,7 +209,8 @@ process([Call], #request{method = 'POST', data = Data, ip = IP} = Req) ->
             {allowed, Cmd, Auth} ->
                 {Code, Result} = handle(Cmd, Auth, Args),
                 json_response(Code, jiffy:encode(Result));
-            ErrorResponse -> %% Should we reply 403 ?
+            %% Warning: check_permission direcly formats 401 reply if not authorized
+            ErrorResponse ->
                 ErrorResponse
         end
     catch _:Error ->
@@ -225,6 +228,7 @@ process([Call], #request{method = 'GET', q = Data, ip = IP} = Req) ->
             {allowed, Cmd, Auth} ->
                 {Code, Result} = handle(Cmd, Auth, Args),
                 json_response(Code, jiffy:encode(Result));
+            %% Warning: check_permission direcly formats 401 reply if not authorized
             ErrorResponse ->
                 ErrorResponse
         end
@@ -434,7 +438,9 @@ json_response(Code, Body) when is_integer(Code) ->
 
 log(Call, Args, {Addr, Port}) ->
     AddrS = jlib:ip_to_list({Addr, Port}),
-    ?INFO_MSG("API call ~s ~p from ~s:~p", [Call, Args, AddrS, Port]).
+    ?INFO_MSG("API call ~s ~p from ~s:~p", [Call, Args, AddrS, Port]);
+log(Call, Args, IP) ->
+    ?INFO_MSG("API call ~s ~p (~p)", [Call, Args, IP]).
 
 mod_opt_type(admin_ip_access) ->
     fun(Access) when is_atom(Access) -> Access end;
-- 
cgit v1.2.3


From 36ac1cd6c7a86cd57e14121756efa590f2d8b1b7 Mon Sep 17 00:00:00 2001
From: Mickael Remond <mremond@process-one.net>
Date: Wed, 30 Mar 2016 14:49:19 +0200
Subject: Returns unauthorized error when we do not have correct credentials

---
 src/mod_http_api.erl | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/mod_http_api.erl')

diff --git a/src/mod_http_api.erl b/src/mod_http_api.erl
index 96fa90735..bbd4a28de 100644
--- a/src/mod_http_api.erl
+++ b/src/mod_http_api.erl
@@ -183,7 +183,9 @@ check_permissions2(#request{ip={IP, _Port}}, Call, _Policy) ->
             end;
         _ ->
             unauthorized_response()
-    end.
+    end;
+check_permissions2(_Request, _Call, _Policy) ->
+    unauthorized_response().
 
 oauth_check_token(Scope, Token) when is_atom(Scope) ->
     oauth_check_token(atom_to_binary(Scope, utf8), Token);
-- 
cgit v1.2.3


From 809057678b2872062ae052965bcc73dd0413b9b9 Mon Sep 17 00:00:00 2001
From: Mickael Remond <mremond@process-one.net>
Date: Wed, 30 Mar 2016 15:59:29 +0200
Subject: Better error report when command is not exposed through API

---
 src/mod_http_api.erl | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/mod_http_api.erl')

diff --git a/src/mod_http_api.erl b/src/mod_http_api.erl
index bbd4a28de..c2b7d1100 100644
--- a/src/mod_http_api.erl
+++ b/src/mod_http_api.erl
@@ -279,6 +279,7 @@ handle2(Call, Auth, Args) when is_atom(Call), is_list(Args) ->
         0 -> {200, <<"OK">>};
         1 -> {500, <<"500 Internal server error">>};
         400 -> {400, <<"400 Bad Request">>};
+        401 -> {401, <<"401 Unauthorized">>};
         404 -> {404, <<"404 Not found">>};
         Res -> format_command_result(Call, Auth, Res)
     end.
@@ -366,6 +367,7 @@ ejabberd_command(Auth, Cmd, Args, Default) ->
              end,
     case catch ejabberd_commands:execute_command(Access, Auth, Cmd, Args) of
         {'EXIT', _} -> Default;
+        {error, account_unprivileged} -> 401;
         {error, _} -> Default;
         Result -> Result
     end.
-- 
cgit v1.2.3