mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-28 16:34:13 +01:00
Add example api_permisions: definition to config template
Also expand default config to have rule for admin oauth
This commit is contained in:
parent
7606be93d5
commit
ce42b6be01
@ -524,6 +524,40 @@ access_rules:
|
|||||||
## - ip: "XXX.XXX.XXX.XXX/32"
|
## - ip: "XXX.XXX.XXX.XXX/32"
|
||||||
## - allow
|
## - allow
|
||||||
|
|
||||||
|
## ===============
|
||||||
|
## API PERMISSIONS
|
||||||
|
## ===============
|
||||||
|
##
|
||||||
|
## This section allows you to define who and using what method
|
||||||
|
## can execute commands offered by ejabberd.
|
||||||
|
##
|
||||||
|
## By default "console commands" section allow executing all commands
|
||||||
|
## issued using ejabberdctl command, and "admin access" section allows
|
||||||
|
## users in admin acl to execute all commands except start and stop
|
||||||
|
## with any available access method (ejabberdctl, http-api, xmlrpc
|
||||||
|
## depending what is enabled on server).
|
||||||
|
##
|
||||||
|
## Remember to not remove "console commands" section when doing modifications
|
||||||
|
## or ejabberdctl will not be able to execute commands!
|
||||||
|
##
|
||||||
|
##
|
||||||
|
## api_permissions:
|
||||||
|
## "console commands":
|
||||||
|
## from:
|
||||||
|
## - ejabberd_ctl
|
||||||
|
## who: all
|
||||||
|
## what: "*"
|
||||||
|
## "admin access":
|
||||||
|
## who:
|
||||||
|
## - admin
|
||||||
|
## - oauth:
|
||||||
|
## - scope: "ejabberd:admin"
|
||||||
|
## - admin
|
||||||
|
## what:
|
||||||
|
## - "*"
|
||||||
|
## - "!stop"
|
||||||
|
## - "!start"
|
||||||
|
|
||||||
## By default the frequency of account registrations from the same IP
|
## By default the frequency of account registrations from the same IP
|
||||||
## is limited to 1 account every 10 minutes. To disable, specify: infinity
|
## is limited to 1 account every 10 minutes. To disable, specify: infinity
|
||||||
## registration_timeout: 600
|
## registration_timeout: 600
|
||||||
|
@ -237,7 +237,8 @@ get_definitions(#state{definitions = Defs, fragments_generators = Gens} = State)
|
|||||||
{all, none}}},
|
{all, none}}},
|
||||||
{<<"admin access">>,
|
{<<"admin access">>,
|
||||||
{[],
|
{[],
|
||||||
[{acl, admin}],
|
[{acl,{acl,admin}},
|
||||||
|
{oauth,[<<"ejabberd:admin">>],[{acl,{acl,admin}}]}],
|
||||||
{all, [start, stop]}}}],
|
{all, [start, stop]}}}],
|
||||||
NDefs = case Defs of
|
NDefs = case Defs of
|
||||||
none ->
|
none ->
|
||||||
|
Loading…
Reference in New Issue
Block a user