mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-28 16:34:13 +01:00
mod_mam: Don't let outcasts access MUC archive
XEP-0313 says: "A MUC archive MUST check that the user requesting the archive has the right to enter it at the time of the query [...]. In the case of open MUC rooms, the MUC archives can generally be accessed by any users [...] who do not have an affiliation of 'outcast'".
This commit is contained in:
parent
a31f59ea31
commit
8098f7d9a8
@ -529,11 +529,8 @@ process_iq(LServer, #jid{luser = LUser} = From, To, IQ, SubEl, Fs, MsgType) ->
|
|||||||
With, limit_max(RSM, NS), IQ, MsgType)
|
With, limit_max(RSM, NS), IQ, MsgType)
|
||||||
end.
|
end.
|
||||||
|
|
||||||
muc_process_iq(#iq{lang = Lang, sub_el = SubEl} = IQ,
|
muc_process_iq(#iq{lang = Lang, sub_el = SubEl} = IQ, MUCState, From, To, Fs) ->
|
||||||
#state{config = #config{members_only = MembersOnly}} = MUCState,
|
case may_enter_room(From, MUCState) of
|
||||||
From, To, Fs) ->
|
|
||||||
case not MembersOnly orelse
|
|
||||||
mod_muc_room:is_occupant_or_admin(From, MUCState) of
|
|
||||||
true ->
|
true ->
|
||||||
LServer = MUCState#state.server_host,
|
LServer = MUCState#state.server_host,
|
||||||
Role = mod_muc_room:get_role(From, MUCState),
|
Role = mod_muc_room:get_role(From, MUCState),
|
||||||
@ -714,6 +711,12 @@ is_resent(Pkt, LServer) ->
|
|||||||
false
|
false
|
||||||
end.
|
end.
|
||||||
|
|
||||||
|
may_enter_room(From,
|
||||||
|
#state{config = #config{members_only = false}} = MUCState) ->
|
||||||
|
mod_muc_room:get_affiliation(From, MUCState) /= outcast;
|
||||||
|
may_enter_room(From, MUCState) ->
|
||||||
|
mod_muc_room:is_occupant_or_admin(From, MUCState).
|
||||||
|
|
||||||
store_msg(C2SState, Pkt, LUser, LServer, Peer, Dir) ->
|
store_msg(C2SState, Pkt, LUser, LServer, Peer, Dir) ->
|
||||||
Prefs = get_prefs(LUser, LServer),
|
Prefs = get_prefs(LUser, LServer),
|
||||||
case should_archive_peer(C2SState, Prefs, Peer) of
|
case should_archive_peer(C2SState, Prefs, Peer) of
|
||||||
|
Loading…
Reference in New Issue
Block a user