diff --git a/doc/guide.tex b/doc/guide.tex index 97796eef0..bc077095f 100644 --- a/doc/guide.tex +++ b/doc/guide.tex @@ -3838,10 +3838,11 @@ enables end users to use a \XMPP{} client to: Options: \begin{description} -\titem{\{access, AccessName\}} \ind{options!access}This option can be configured to specify - rules to restrict registration. If a rule returns `deny' on the requested - user name, registration for that user name is denied. (there are no - restrictions by default). +\titem{\{access, AccessName\}} \ind{options!access} + Specify rules to restrict what usernames can be registered and unregistered. + If a rule returns `deny' on the requested username, + registration and unregistration of that user name is denied. + There are no restrictions by default. \titem{\{access\_from, AccessName\}} \ind{options!access\_from}By default, \ejabberd{} doesn't allow to register new accounts from s2s or existing c2s sessions. You can change it by defining access rule in this option. Use with care: allowing registration diff --git a/src/mod_register.erl b/src/mod_register.erl index c3741d637..e7f51bb31 100644 --- a/src/mod_register.erl +++ b/src/mod_register.erl @@ -108,8 +108,10 @@ process_iq(From, To, PTag = exmpp_xml:get_element(SubEl, 'password'), RTag = exmpp_xml:get_element(SubEl, 'remove'), Server = exmpp_jid:prep_domain_as_list(To), + Access = gen_mod:get_module_opt(Server, ?MODULE, access, all), + AllowRemove = (allow == acl:match_rule(Server, Access, From)), if - (UTag /= undefined) and (RTag /= undefined) -> + (UTag /= undefined) and (RTag /= undefined) and AllowRemove -> User = exmpp_xml:get_cdata_as_list(UTag), case {exmpp_jid:node_as_list(From), exmpp_jid:prep_domain_as_list(From)} of {User, Server} -> @@ -144,7 +146,7 @@ process_iq(From, To, exmpp_iq:error(IQ_Rec, 'bad-request') end end; - (UTag == undefined) and (RTag /= undefined) -> + (UTag == undefined) and (RTag /= undefined) and AllowRemove -> case {exmpp_jid:node_as_list(From), exmpp_jid:prep_domain_as_list(From), exmpp_jid:resource_as_list(From)}of