Mercurial > prosody-modules

view mod_muc_config_restrict/mod_muc_config_restrict.lua @ 5513:0005d4201030

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Reject duplicate form-urlencoded parameters Per RFC 6749 section 3.1 > Request and response parameters MUST NOT be included more than once. Thanks to OAuch for pointing out Also cleans up some of the icky behavior of formdecode(), like returning a string if no '=' is included.
author Kim Alvefur <zash@zash.se>
date Fri, 02 Jun 2023 11:03:57 +0200
parents ed7431fd3b47
children
line wrap: on
line source

local is_admin = require "core.usermanager".is_admin;
local t_remove = table.remove;

local restricted_options = module:get_option_set("muc_config_restricted", {})._items;

function handle_config_submit(event)
	local stanza = event.stanza;
	if is_admin(stanza.attr.from, module.host) then return; end -- Don't restrict admins
	local fields = event.fields;
	for option in restricted_options do
		fields[option] = nil; -- Like it was never there
	end
end

function handle_config_request(event)
	if is_admin(event.actor, module.host) then return; end -- Don't restrict admins
	local form = event.form;
	for i = #form, 1, -1 do
		if restricted_options[form[i].name] then
			t_remove(form, i);
		end
	end
end

module:hook("muc-config-submitted", handle_config_submit);
module:hook("muc-config-form", handle_config_request);