usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role

core/usermanager.lua

@@ -9,6 +9,7 @@
 local modulemanager = require "core.modulemanager";
 local log = require "util.logger".init("usermanager");
 local type = type;
+local it = require "util.iterators";
 local jid_bare = require "util.jid".bare;
 local jid_split = require "util.jid".split;
 local jid_prep = require "util.jid".prep;
@@ -49,6 +50,10 @@ local global_authz_provider = {
 			return admin_role;
 		end
 	end;
+	get_jids_with_role = function (role)
+		if role ~= "prosody:admin" then return {}; end
+		return it.to_array(global_admins);
+	end;
 };
 
 local provider_mt = { __index = new_null_provider() };
@@ -180,6 +185,23 @@ local function is_admin(jid, host)
 	return roles and roles["prosody:admin"];
 end
 
+local function get_users_with_role(role, host)
+	if not hosts[host] then return false; end
+	if type(role) ~= "string" then return false; end
+
+	return hosts[host].authz.get_users_with_role(role);
+end
+
+local function get_jids_with_role(role, host)
+	if host and not hosts[host] then return false; end
+	if type(role) ~= "string" then return false; end
+
+	host = host or "*";
+
+	local authz_provider = (host ~= "*" and hosts[host].authz) or global_authz_provider;
+	return authz_provider.get_jids_with_role(role);
+end
+
 return {
 	new_null_provider = new_null_provider;
 	initialize_host = initialize_host;
@@ -195,4 +217,6 @@ return {
 	get_roles = get_roles;
 	set_roles = set_roles;
 	is_admin = is_admin;
+	get_users_with_role = get_users_with_role;
+	get_jids_with_role = get_jids_with_role;
 };

plugins/mod_authz_internal.lua

@@ -1,12 +1,17 @@
+local array = require "util.array";
+local it = require "util.iterators";
+local set = require "util.set";
+local jid_split = require "util.jid".split;
 local normalize = require "util.jid".prep;
-local admin_jids = module:get_option_inherited_set("admins", {}) / normalize;
+local config_admin_jids = module:get_option_inherited_set("admins", {}) / normalize;
 local host = module.host;
 local role_store = module:open_store("roles");
+local role_map_store = module:open_store("roles", "map");
 
 local admin_role = { ["prosody:admin"] = true };
 
 function get_user_roles(user)
-	if admin_jids:contains(user.."@"..host) then
+	if config_admin_jids:contains(user.."@"..host) then
 		return admin_role;
 	end
 	return role_store:get(user);
@@ -17,8 +22,22 @@ function set_user_roles(user, roles)
 	return true;
 end
 
+function get_users_with_role(role)
+	local storage_role_users = it.to_array(it.keys(role_map_store:get_all(role) or {}));
+	if role == "prosody:admin" then
+		local config_admin_users = config_admin_jids / function (admin_jid)
+			local j_node, j_host = jid_split(admin_jid);
+			if j_host == host then
+				return j_node;
+			end
+		end;
+		return it.to_array(config_admin_users + set.new(storage_role_users));
+	end
+	return storage_role_users;
+end
+
 function get_jid_roles(jid)
-	if admin_jids:contains(jid) then
+	if config_admin_jids:contains(jid) then
 		return admin_role;
 	end
 	return nil;
@@ -27,3 +46,14 @@ end
 function set_jid_roles(jid) -- luacheck: ignore 212
 	return false;
 end
+
+function get_jids_with_role(role)
+	-- Fetch role users from storage
+	local storage_role_jids = array.map(get_users_with_role(role), function (username)
+		return username.."@"..host;
+	end);
+	if role == "prosody:admin" then
+		return it.to_array(config_admin_jids + set.new(storage_role_jids));
+	end
+	return storage_role_jids;
+end