Diff

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_restrict_xmpp/README.md	Tue Mar 18 00:31:36 2025 +0700
@@ -0,0 +1,61 @@
+---
+labels:
+- Stage-Alpha
+summary: XMPP-layer access control for Prosody
+---
+
+Introduction
+============
+
+This module enforces access policies using Prosody's new [roles and
+permissions framework](https://prosody.im/doc/developers/permissions). It can
+be used to grant restricted access to an XMPP account or services.
+
+This module is still in its early stages, and prone to change. Feedback from
+testers is welcome. At this early stage, it should not be solely relied upon
+for account security purposes.
+
+Configuration
+=============
+
+There is no configuration, apart from Prosody's normal roles and permissions
+configuration.
+
+Permissions
+===========
+
+`xmpp:federate`
+:   Communicate with other users and services on other hosts on the XMPP
+    network
+
+`xmpp:account:messages:read`
+:   Read incoming messages
+
+`xmpp:account:messages:write`
+:   Send outgoing messages
+
+`xmpp:account:presence:write`
+:   Update presence for the account
+
+`xmpp:account:contacts:read`/`xmpp:account:contacts:write`
+:   Controls access to the contact list (roster)
+
+`xmpp:account:bookmarks:read`/`xmpp:account:bookmarks:write`
+:   Controls access to the bookmarks (group chats list)
+
+`xmpp:account:profile:read`/`xmpp:account:profile:write`
+:   Controls access to the user's profile (e.g. vCard/avatar)
+
+`xmpp:account:omemo:read`/`xmpp:account:omemo:write`
+:   Controls access to the user's OMEMO data
+
+`xmpp:account:blocklist:read`/`xmpp:account:blocklist:write`
+:   Controls access to the user's block list
+
+`xmpp:account:disco:read`
+:   Controls access to the user's service discovery information
+
+Compatibility
+=============
+
+Requires Prosody trunk 72f431b4dc2c (build 1444) or later.