From 34234b4a46df8e3ddfe0ac243f3bdb7a258730ee Mon Sep 17 00:00:00 2001
From: Evgeniy Khramtsov <xramtsov@gmail.com>
Date: Sun, 31 Jan 2010 13:55:10 +0000
Subject: [PATCH] Added new acl for mod_register: access_from. This acl is
 applied if existing account tries to register a new account (either via s2s
 or c2s). The default value is to deny such operations.

SVN Revision: 2949
---
 src/mod_register.erl | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/src/mod_register.erl b/src/mod_register.erl
index 1da55253c..2a6c7c20b 100644
--- a/src/mod_register.erl
+++ b/src/mod_register.erl
@@ -166,13 +166,20 @@ process_iq(From, To,
 			#jid{user = User, lserver = Server} ->
 			    try_set_password(User, Server, Password, IQ, SubEl);
 			_ ->
-			    case try_register(User, Server, Password,
-					      Source, Lang) of
-				ok ->
-				    IQ#iq{type = result, sub_el = [SubEl]};
-				{error, Error} ->
+			    case check_from(From, Server) of
+				allow ->
+				    case try_register(User, Server, Password,
+						      Source, Lang) of
+					ok ->
+					    IQ#iq{type = result,
+						  sub_el = [SubEl]};
+					{error, Error} ->
+					    IQ#iq{type = error,
+						  sub_el = [SubEl, Error]}
+				    end;
+				deny ->
 				    IQ#iq{type = error,
-					  sub_el = [SubEl, Error]}
+					  sub_el = [SubEl, ?ERR_FORBIDDEN]}
 			    end
 		    end;
 		true ->
@@ -293,6 +300,11 @@ send_registration_notifications(UJID, Source) ->
 	    ok
     end.
 
+check_from(#jid{user = "", server = ""}, _Server) ->
+    allow;
+check_from(JID, Server) ->
+    Access = gen_mod:get_module_opt(Server, ?MODULE, access_from, none),
+    acl:match_rule(Server, Access, JID).
 
 check_timeout(undefined) ->
     true;