diff options
author | daurnimator <quae@daurnimator.com> | 2014-03-31 14:45:42 -0400 |
---|---|---|
committer | daurnimator <quae@daurnimator.com> | 2014-03-31 14:45:42 -0400 |
commit | 2c3dad041615c903fd05174183b7d2703681cc78 (patch) | |
tree | 481d5a9e30ecbc5e3eaa1568f29e7143036516a1 | |
parent | e19853af0e7f6049fd43e3d061f4a1f54cbb8fa6 (diff) | |
download | prosody-2c3dad041615c903fd05174183b7d2703681cc78.tar.gz prosody-2c3dad041615c903fd05174183b7d2703681cc78.zip |
plugins/muc/muc.lib: restrict invitations in members only rooms to admins
-rw-r--r-- | plugins/muc/muc.lib.lua | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/plugins/muc/muc.lib.lua b/plugins/muc/muc.lib.lua index d6ba68f9..c8881178 100644 --- a/plugins/muc/muc.lib.lua +++ b/plugins/muc/muc.lib.lua @@ -1204,6 +1204,17 @@ module:hook("muc-pre-invite", function(event) end end); +-- Invitation privileges in members-only rooms SHOULD be restricted to room admins; +-- if a member without privileges to edit the member list attempts to invite another user +-- the service SHOULD return a <forbidden/> error to the occupant +module:hook("muc-pre-invite", function(event) + local room, stanza = event.room, event.stanza; + if room:get_members_only() and valid_affiliations[room:get_affiliation(stanza.attr.from) or "none"] < valid_affiliations.admin then + event.origin.send(st.error_reply(stanza, "auth", "forbidden")); + return true; + end +end); + function room_mt:handle_mediated_invite(origin, stanza) local payload = stanza:get_child("x", "http://jabber.org/protocol/muc#user"):get_child("invite"); local invitee = jid_prep(payload.attr.to); |