Restrict /topic command to allowed users

This commit is contained in:
JC Brand 2020-01-16 14:20:33 +01:00
parent aa86a8be32
commit 3d3d97e75b
2 changed files with 6 additions and 6 deletions

View File

@ -154,7 +154,7 @@ URL from which Converse should fetch the username and token.
Keeping users logged-in across page reloads Keeping users logged-in across page reloads
=========================================== ===========================================
If you're properly set up :ref:`shared session support <session-support>`, then If you've properly set up :ref:`shared session support <session-support>`, then
your users will stay logged-in to the XMPP server upon page reloads. your users will stay logged-in to the XMPP server upon page reloads.
However, if users are logging in manually, then users might get logged out between requests. However, if users are logging in manually, then users might get logged out between requests.

View File

@ -1373,11 +1373,10 @@ converse.plugins.add('converse-muc-views', {
}, },
getAllowedCommands () { getAllowedCommands () {
// FIXME: The availability of some of these commands let allowed_commands = ['clear', 'help', 'me', 'nick', 'register'];
// depend on the MUCs configuration (e.g. whether it's if (this.model.config.get('changesubject') || this.model.getOwnAffiliation() === 'owner') {
// moderated or not). We need to take that into allowed_commands = [...allowed_commands, ...['subject', 'topic']];
// consideration. }
let allowed_commands = ['clear', 'help', 'me', 'nick', 'subject', 'topic', 'register'];
const occupant = this.model.occupants.findWhere({'jid': _converse.bare_jid}); const occupant = this.model.occupants.findWhere({'jid': _converse.bare_jid});
if (this.verifyAffiliations(['owner'], occupant, false)) { if (this.verifyAffiliations(['owner'], occupant, false)) {
allowed_commands = allowed_commands.concat(OWNER_COMMANDS).concat(ADMIN_COMMANDS); allowed_commands = allowed_commands.concat(OWNER_COMMANDS).concat(ADMIN_COMMANDS);
@ -1389,6 +1388,7 @@ converse.plugins.add('converse-muc-views', {
} else if (!this.verifyRoles(['visitor', 'participant', 'moderator'], occupant, false)) { } else if (!this.verifyRoles(['visitor', 'participant', 'moderator'], occupant, false)) {
allowed_commands = allowed_commands.concat(VISITOR_COMMANDS); allowed_commands = allowed_commands.concat(VISITOR_COMMANDS);
} }
allowed_commands.sort();
return allowed_commands; return allowed_commands;
}, },