The array:pluck() method mutates the args, replacing the table items
with the resulting strings. On later runs I assume it tries to index the
string, which returns nil, emptying the array.
Because the code was using `< now` in a lot of places, things expiring at the current second
wouldn't be marked as expired. It isn't noticeable in real-world scenarios but I wanted to
create OAuth 2.0 tokens valid for 0 second in integration tests and it wasn't possible.
By using `<=` instead of `<`, we make sure tokens don't live a single millisecond more than
what they are supposed to.
SQLCipher v3.4.1 (the version in Debian 12) is based on SQLite3 v3.15.2,
while UPSERT support was introduced in SQLite3 v3.24.0
This check was not needed before because we v3.24.0 has not been in a
version of Debian we support for a long, long time.
Note however that SQLCipher databases are not compatible across major
versions, upgrading from v3.x to v4.x requires executing a migration.
Attempts at making `prosodyctl mod_storage_sql upgrade` perform such a
migration has not been successful.
Executing the following in the `sqlcipher` tool should do the migration:
PRAGMA key = '<key material>';
PRAGMA cipher_migrate;
This bestows the role specified by the 'host_user_role' setting onto
users of that host. For simplicity, only a single host can be specified.
Making it configurable allows for setups where VirtualHost and related
Components may be siblings instead of having a subdomain relationship.
For setups with many VirtualHosts sharing a single Component, the
'server_user_role' setting is more appropriate. Even more complicated
setups would have to resort to mod_firewall or similar.
Many thanks to Thilo Molitor and Kim Alvefur for their work on this module
while it was in the community repository. It has been stable for some time, is
widely used, and provides a feature that is important to most deployments.
This allows Prosody to easily provide friendly invitation links, even without
setting up mod_invites_page (which is a community module). Admins can
configure it to use a third-party deployment such as https://xmpp.link or they
can deploy their own based on
https://github.com/modernxmpp/easy-xmpp-invitation
Alternatively they can just install mod_invites_page and this will all be
handled automatically by that.
The word 'error' anywhere, especially in harmless debug messages, are
too often interpreted as fatal errors my some users, so best avoid that
word. These look too scary as it is, being tracebacks.
The field `_provided_by` comes from module:provides(), but these items
comes from moduel:add_item(), which include the originating module as a
'source' field of the event. However, this is absent when items are
retrieved at a later time than the initial event.
This allows us to continue sending/receiving on the session, for example if
the promise will be resolved by other data that the client is going to send.
Specifically, this allows the repl-request-input to work without a deadlock.
It does open the door to interleaved commands/results, which may not be a good
thing overall, but can be restricted separately if necessary (e.g. a flag on
the session).
This fixes an issue where e.g. remote users or even other users on the server
were unable to list MUC rooms.
We want to define a permission to list MUC rooms, but we want it to be
available to everyone by default (the traditional behaviour).
prosody:guest is the lowest role we have. I ran a quick check and it isn't
really used for anything right now that would be concerning.
It was originally designed for anonymous logins. I think it's safe to treat
remote JIDs as equivalent, since we have no trust relationship with anonymous
users either.
This allows certain session-specific code that needs to run in the async
context, but is itself triggered outside of that context (e.g. timers), to
be queued.
An example of this is the session destruction code of mod_smacks, when the
hibernation timeout is reached.
Attributes are strings. That definitely is a number. So we
tostring() it. This is important when the API becomes stricter,
for whatever reason that might happen.
Practically, this moves the overhead of converting to a string
to a place where it is visible.
This queue is used to buffer stanzas while waiting for an outgoing s2s
connection to be established.
Limit it to prevent excessive memory usage.
Default chosen to approximate how many average stanzas fits in the
server_epoll default max_send_buffer_size of 32 MiB
Returns a custom error instead of the default core.stanza_router
"Communication with remote domains is not enabled" from is sent back,
which does not describe what is happening here.
Closes#1106
Previously the error messages said that it failed to "publish" to PEP, but
sometimes a sync involves removing items, which can be confusing.
The log was also the same for both legacy PEP and private XML bookmarks.
Having different log messages makes it easier to debug the cause and location
of any sync errors.
It appears that when:
1) The user has no bookmarks 2 node in PEP
2) The client publishes an empty bookmark set to a legacy bookmarks location
3) mod_bookmarks will attempt to purge items from the non-existent node and
log an error about the failure (item-not-found).
This new code will suppress an item-not-found error from the purge operation
in the empty-bookmarks case, and adds a log message for any other error (this
is helpful because the existing log message confusingly says it was an error
*publishing* to the node, which isn't always accurate).
