prosody-modules
527c747711f3
mod_muc_config_restrict/README.markdown

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_muc_config_restrict/README.markdown @ 5705:527c747711f3

mod_http_oauth2: Limit revocation to clients own tokens in strict mode RFC 7009 section 2.1 states: > The authorization server first validates the client credentials (in > case of a confidential client) and then verifies whether the token was > issued to the client making the revocation request. If this > validation fails, the request is refused and the client is informed of > the error by the authorization server as described below. The first part was already covered (in strict mode). This adds the later part using the hash of client_id recorded in 0860497152af It still seems weird to me that revoking a leaked token should not be allowed whoever might have discovered it, as that seems the responsible thing to do.
author Kim Alvefur <zash@zash.se>
date Sun, 29 Oct 2023 11:30:49 +0100
parent 5007:34fb3d239ac1
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: Restrict MUC configuration options to server admins
...

Introduction
============

Sometimes, especially on public services, you may want to allow people
to create their own rooms, but prevent some options from being modified
by normal users.

For example, using this module you can prevent users from making rooms
persistent, or making rooms publicly visible.

Details
=======

You need to supply a list of options that will be restricted to admins.
Available options can vary, but the following table lists Prosody's
built-in options (as defined in XEP-0045):

  Name                              Description
  --------------------------------- -------------------------------------------
  muc\#roomconfig\_roomname         The title/name of the room
  muc\#roomconfig\_roomdesc         The description of the room
  muc\#roomconfig\_persistentroom   Whether the room should remain when empty
  muc\#roomconfig\_publicroom       Whether the room is publicly visible
  muc\#roomconfig\_changesubject    Whether occupants can change the subject
  muc\#roomconfig\_whois            Control who can see occupant's real JIDs
  muc\#roomconfig\_roomsecret       The room password
  muc\#roomconfig\_moderatedroom    Whether the room is moderated
  muc\#roomconfig\_membersonly      Whether the room is members-only
  muc\#roomconfig\_historylength    The length of the room history

Some plugins may add other options to the room config (in Prosody
0.10+), for which you will need to consult their documentation for the
full option name.

Configuration
=============

Enable the plugin on a MUC host (do not put it in your global
modules\_enabled list):

``` {.lua}
Component "conference.example.com" "muc"
modules_enabled = { "muc_config_restrict" }
muc_config_restricted = {
  "muc#roomconfig_persistentroom"; -- Prevent non-admins from changing a room's persistence setting
  "muc#roomconfig_membersonly"; -- Prevent non-admins from changing whether rooms are members-only
}
```

Compatibility
=============

  ------- --------------
  trunk   Doesn't work (uses is_admin)
  0.12    Works?
  ------- --------------