diff options
| author | Christoph Scholz <christoph.scholz@gmail.com> | 2019-01-13 13:37:08 +0300 |
|---|---|---|
| committer | Holger Weiss <holger@zedat.fu-berlin.de> | 2019-02-26 00:21:30 +0300 |
| commit | e257bc3d328ab98c7cd85c3839d2918782adf408 (patch) | |
| tree | e6be6dc971663bd2a77ad32bb6702394a2bcb25e /src/mod_mam.erl | |
| parent | bc38afa8b808fc43595a6a6297368697280ca368 (diff) | |
acl for mam_preferences
Diffstat (limited to 'src/mod_mam.erl')
| -rw-r--r-- | src/mod_mam.erl | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/src/mod_mam.erl b/src/mod_mam.erl index f1f481260..ee38f5011 100644 --- a/src/mod_mam.erl +++ b/src/mod_mam.erl @@ -631,15 +631,22 @@ process_iq(#iq{from = #jid{luser = LUser, lserver = LServer}, default = Default, always = Always0, never = Never0}]} = IQ) -> - Always = lists:usort(get_jids(Always0)), - Never = lists:usort(get_jids(Never0)), - case write_prefs(LUser, LServer, LServer, Default, Always, Never) of - ok -> - NewPrefs = prefs_el(Default, Always, Never, NS), - xmpp:make_iq_result(IQ, NewPrefs); - _Err -> - Txt = <<"Database failure">>, - xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang)) + Access = gen_mod:get_module_opt(LServer, ?MODULE, access_preferences), + case acl:match_rule(LServer, Access, jid:make(LUser, LServer)) of + allow -> + Always = lists:usort(get_jids(Always0)), + Never = lists:usort(get_jids(Never0)), + case write_prefs(LUser, LServer, LServer, Default, Always, Never) of + ok -> + NewPrefs = prefs_el(Default, Always, Never, NS), + xmpp:make_iq_result(IQ, NewPrefs); + _Err -> + Txt = <<"Database failure">>, + xmpp:make_error(IQ, xmpp:err_internal_server_error(Txt, Lang)) + end; + deny -> + Txt = <<"MAM preference modification denied by service policy">>, + xmpp:make_error(IQ, xmpp:err_forbidden(Txt, Lang)) end; process_iq(#iq{from = #jid{luser = LUser, lserver = LServer}, to = #jid{lserver = LServer}, lang = Lang, @@ -1257,7 +1264,9 @@ mod_opt_type(default) -> mod_opt_type(request_activates_archiving) -> fun (B) when is_boolean(B) -> B end; mod_opt_type(clear_archive_on_room_destroy) -> - fun (B) when is_boolean(B) -> B end. + fun (B) when is_boolean(B) -> B end; +mod_opt_type(access_preferences) -> + fun acl:access_rules_validator/1. mod_options(Host) -> [{assume_mam_usage, false}, @@ -1265,6 +1274,7 @@ mod_options(Host) -> {request_activates_archiving, false}, {compress_xml, false}, {clear_archive_on_room_destroy, true}, + {access_preferences, all}, {db_type, ejabberd_config:default_db(Host, ?MODULE)}, {use_cache, ejabberd_config:use_cache(Host)}, {cache_size, ejabberd_config:cache_size(Host)}, |