Chapril
/
xmpp.chapril.org-ejabberd
mirror of https://github.com/processone/ejabberd.git
24
1
Fork 0
Code Releases Activity

Check also 'access' rule on account removal 

According to the documentation we should not allow
account removal when it's forbidden by the rule
from 'access' option.
This commit is contained in:
Evgeny Khramtsov 2019-11-24 16:21:01 +03:00
parent 650bdae5d9
commit de91618070
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/mod_register.erl
View File

@ -114,8 +114,12 @@ process_iq(#iq{from = From, to = To} = IQ, Source) ->
end,
Server = To#jid.lserver,
Access = mod_register_opt:access_remove(Server),
AllowRemove = allow == acl:match_rule(Server, Access, From),
process_iq(IQ, Source, IsCaptchaEnabled, AllowRemove).
Remove = case acl:match_rule(Server, Access, From) of
deny -> deny;
allow ->
check_access(From#jid.luser, From#jid.lserver, Source)
end,
process_iq(IQ, Source, IsCaptchaEnabled, Remove == allow).
process_iq(#iq{type = set, lang = Lang,
sub_els = [#register{remove = true}]} = IQ,