mod_authz_internal: Make 'prosody:guest' default role for all unknown JIDs This fixes an issue where e.g. remote users or even other users on the server were unable to list MUC rooms. We want to define a permission to list MUC rooms, but we want it to be available to everyone by default (the traditional behaviour). prosody:guest is the lowest role we have. I ran a quick check and it isn't really used for anything right now that would be concerning. It was originally designed for anonymous logins. I think it's safe to treat remote JIDs as equivalent, since we have no trust relationship with anonymous users either.

author: Matthew Wild <mwild1@gmail.com>
date: Tue, 07 Jan 2025 14:41:32 +0000
parent: 13541:3dc3781d02cd
child: 13621:eb676b6f05e3
--- a/plugins/mod_authz_internal.lua	Tue Jan 07 14:27:34 2025 +0000
+++ b/plugins/mod_authz_internal.lua	Tue Jan 07 14:41:32 2025 +0000
@@ -18,8 +18,8 @@
 local host_user_role, server_user_role, public_user_role;
 if is_component then
 	host_user_role = module:get_option_string("host_user_role", "prosody:registered");
-	server_user_role = module:get_option_string("server_user_role");
-	public_user_role = module:get_option_string("public_user_role");
+	server_user_role = module:get_option_string("server_user_role", "prosody:guest");
+	public_user_role = module:get_option_string("public_user_role", "prosody:guest");
 end
 
 local role_store = module:open_store("account_roles");