# HG changeset patch # User Matthew Wild # Date 1611824189 0 # Node ID d1230d32d709e7f6d6e1aef6cdfabbe62ed976c0 # Parent 44f6537f6427d636bab985d4136514439b1a470f mod_invites_adhoc: Add support for specifying roles that may invite users, admins may always invite diff -r 44f6537f6427 -r d1230d32d709 mod_invites_adhoc/mod_invites_adhoc.lua --- a/mod_invites_adhoc/mod_invites_adhoc.lua Thu Jan 28 07:04:11 2021 +0000 +++ b/mod_invites_adhoc/mod_invites_adhoc.lua Thu Jan 28 08:56:29 2021 +0000 @@ -2,6 +2,7 @@ local dataforms = require "util.dataforms"; local datetime = require "util.datetime"; local split_jid = require "util.jid".split; +local usermanager = require "core.usermanager"; local new_adhoc = module:require("adhoc").new; @@ -12,6 +13,8 @@ -- on the server, use the option above instead. local allow_contact_invites = module:get_option_boolean("allow_contact_invites", true); +local allow_user_invite_roles = module:get_option_set("allow_user_invites_by_roles"); + local invites; if prosody.shutdown then -- COMPAT hack to detect prosodyctl invites = module:depends("invites"); @@ -36,6 +39,31 @@ }, }); +-- This is for checking if username (on the current host) +-- may create invites that allow people to register accounts +-- on this host. +local function may_invite_new_users(jid) + if allow_user_invites then + return true; + end + if usermanager.get_roles then + local user_roles = usermanager.get_roles(jid, module.host); + if not user_roles then return; end + if user_roles["prosody:admin"] then + return true; + elseif allow_user_invite_roles then + for allowed_role in allow_user_invite_roles do + if user_roles[allowed_role] then + return true; + end + end + end + elseif usermanager.is_admin(jid, module.host) then + return true; + end + return false; +end + module:depends("adhoc"); -- This command is available to all local users, even if allow_user_invites = false @@ -53,7 +81,7 @@ }; }; end - local invite = invites.create_contact(username, allow_user_invites, { + local invite = invites.create_contact(username, may_invite_new_users(data.from), { source = data.from }); --TODO: check errors