Diff

mod_restrict_xmpp/mod_restrict_xmpp.lua @ 5582:825c6fb76c48

Multiple modules: Update for split prosody:user role (prosody 082c7d856e61)
author Matthew Wild <mwild1@gmail.com>
date Thu, 29 Jun 2023 15:58:33 +0100
parent 5010:a1f49586d28a
child 5770:111e970213a0
line wrap: on
line diff
--- a/mod_restrict_xmpp/mod_restrict_xmpp.lua	Wed Jun 28 21:47:22 2023 +0200
+++ b/mod_restrict_xmpp/mod_restrict_xmpp.lua	Thu Jun 29 15:58:33 2023 +0100
@@ -3,7 +3,18 @@
 local set = require "util.set";
 local st = require "util.stanza";
 
-module:default_permission("prosody:user", "xmpp:federate");
+local normal_user_role = "prosody:registered";
+local limited_user_role = "prosody:guest";
+
+local features = require "core.features";
+
+-- COMPAT
+if not features.available:contains("split-user-roles") then
+	normal_user_role = "prosody:user";
+	limited_user_role = "prosody:restricted";
+end
+
+module:default_permission(normal_user_role, "xmpp:federate");
 module:hook("route/remote", function (event)
 	if not module:may("xmpp:federate", event) then
 		if event.stanza.attr.type ~= "result" and event.stanza.attr.type ~= "error" then
@@ -93,12 +104,12 @@
 
 --module:default_permission("prosody:restricted", "xmpp:account:read");
 --module:default_permission("prosody:restricted", "xmpp:account:write");
-module:default_permission("prosody:restricted", "xmpp:account:messages:read");
-module:default_permission("prosody:restricted", "xmpp:account:messages:write");
+module:default_permission(limited_user_role, "xmpp:account:messages:read");
+module:default_permission(limited_user_role, "xmpp:account:messages:write");
 for _, property_list in ipairs({ iq_namespaces, legacy_storage_nodes, pep_nodes }) do
 	for account_property in set.new(array.collect(it.values(property_list))) do
-		module:default_permission("prosody:restricted", "xmpp:account:"..account_property..":read");
-		module:default_permission("prosody:restricted", "xmpp:account:"..account_property..":write");
+		module:default_permission(limited_user_role, "xmpp:account:"..account_property..":read");
+		module:default_permission(limited_user_role, "xmpp:account:"..account_property..":write");
 	end
 end