Changeset

5017:96e83b4a93f7

mod_admin_blocklist: Add config option for which role(s) to consider (0.12+) Fixes that in trunk, a "prosody:operator" (formerly a global admin) is not considered a "prosody:admin", so those were not included in the set.
author Kim Alvefur <zash@zash.se>
date Sat, 27 Aug 2022 16:36:22 +0200 (2022-08-27)
parents 5016:964de9997552
children 5018:ed2a9a4c4f01
files mod_admin_blocklist/README.markdown mod_admin_blocklist/mod_admin_blocklist.lua
diffstat 2 files changed, 23 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/mod_admin_blocklist/README.markdown	Sat Aug 27 15:39:38 2022 +0200
+++ b/mod_admin_blocklist/README.markdown	Sat Aug 27 16:36:22 2022 +0200
@@ -8,3 +8,19 @@
 So if an admin blocks a bare domain using [Blocking Command][xep191]
 via [mod\_blocklist][doc:modules:mod_blocklist] then no s2s connections
 will be allowed to or from that domain.
+
+# Configuring
+
+## Prosody 0.12
+
+Starting with Prosody 0.12, the role or roles that determine whether a
+particular users blocklist is used can be configured:
+
+```lua
+-- This is the default:
+admin_blocklist_roles = { "prosody:operator", "prosody:admin" }
+```
+
+## Prosody 0.11
+
+In Prosody 0.11 the [`admins`][doc:admins] setting is used.
--- a/mod_admin_blocklist/mod_admin_blocklist.lua	Sat Aug 27 15:39:38 2022 +0200
+++ b/mod_admin_blocklist/mod_admin_blocklist.lua	Sat Aug 27 16:36:22 2022 +0200
@@ -2,7 +2,7 @@
 --
 -- If a local admin has blocked a domain, don't allow s2s to that domain
 --
--- Copyright (C) 2015-2021 Kim Alvefur
+-- Copyright (C) 2015-2022 Kim Alvefur
 --
 -- This file is MIT/X11 licensed.
 --
@@ -17,7 +17,12 @@
 local admins;
 if usermanager.get_jids_with_role then
 	local set = require "util.set";
-	admins = set.new(usermanager.get_jids_with_role("prosody:admin", module.host));
+	local include_roles = module:get_option_set("admin_blocklist_roles", { "prosody:operator"; "prosody:admin" });
+
+	admins = set.new();
+	for role in include_roles do
+		admins:include(set.new(usermanager.get_jids_with_role(role, module.host)));
+	end
 else -- COMPAT w/pre-0.12
 	admins = module:get_option_inherited_set("admins", {});
 end