Chapril/xmpp.chapril.org-conversejs
Chapril/xmpp.chapril.org-conversejs
24
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Restrict /topic command to allowed users

Browse Source
This commit is contained in:
JC Brand 2020-01-16 14:20:33 +01:00
parent aa86a8be32
commit 3d3d97e75b
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/source/session.rst
View File

@ -154,7 +154,7 @@ URL from which Converse should fetch the username and token.
Keeping users logged-in across page reloads
===========================================
If you're properly set up :ref:`shared session support <session-support>`, then
If you've properly set up :ref:`shared session support <session-support>`, then
your users will stay logged-in to the XMPP server upon page reloads.
However, if users are logging in manually, then users might get logged out between requests.

10
src/converse-muc-views.js
View File

@ -1373,11 +1373,10 @@ converse.plugins.add('converse-muc-views', {
},
getAllowedCommands () {
// FIXME: The availability of some of these commands
// depend on the MUCs configuration (e.g. whether it's
// moderated or not). We need to take that into
// consideration.
let allowed_commands = ['clear', 'help', 'me', 'nick', 'subject', 'topic', 'register'];
let allowed_commands = ['clear', 'help', 'me', 'nick', 'register'];
if (this.model.config.get('changesubject') || this.model.getOwnAffiliation() === 'owner') {
allowed_commands = [...allowed_commands, ...['subject', 'topic']];
}
const occupant = this.model.occupants.findWhere({'jid': _converse.bare_jid});
if (this.verifyAffiliations(['owner'], occupant, false)) {
allowed_commands = allowed_commands.concat(OWNER_COMMANDS).concat(ADMIN_COMMANDS);
@ -1389,6 +1388,7 @@ converse.plugins.add('converse-muc-views', {
} else if (!this.verifyRoles(['visitor', 'participant', 'moderator'], occupant, false)) {
allowed_commands = allowed_commands.concat(VISITOR_COMMANDS);
}
allowed_commands.sort();
return allowed_commands;
},