# HG changeset patch
# User Matthew Wild <mwild1@gmail.com>
# Date 1636457958 0
# Node ID ea93b204104e7a50c7eb1901432743b074b4890e
# Parent  abac64f7169879b32d8502786024cd1e24f614f2
mod_invites_adhoc: Allow role-based permissions to override default policy

diff -r abac64f71698 -r ea93b204104e mod_invites_adhoc/mod_invites_adhoc.lua
--- a/mod_invites_adhoc/mod_invites_adhoc.lua	Tue Nov 09 11:33:06 2021 +0000
+++ b/mod_invites_adhoc/mod_invites_adhoc.lua	Tue Nov 09 11:39:18 2021 +0000
@@ -40,35 +40,34 @@
 		},
 	});
 
--- This is for checking if username (on the current host)
--- may create invites that allow people to register accounts
--- on this host.
+-- This is for checking if the specified JID may create invites
+-- that allow people to register accounts on this host.
 local function may_invite_new_users(jid)
-	if allow_user_invites then
-		return true;
-	end
 	if usermanager.get_roles then
 		local user_roles = usermanager.get_roles(jid, module.host);
 		if not user_roles then return; end
 		if user_roles["prosody:admin"] then
 			return true;
-		elseif deny_user_invite_roles then
-			for denied_role in deny_user_invite_roles do
-				if user_roles[denied_role] then
-					return false;
-				end
-			end
-		elseif allow_user_invite_roles then
+		end
+		if allow_user_invite_roles then
 			for allowed_role in allow_user_invite_roles do
 				if user_roles[allowed_role] then
 					return true;
 				end
 			end
 		end
-	elseif usermanager.is_admin(jid, module.host) then
-		return true;
+		if deny_user_invite_roles then
+			for denied_role in deny_user_invite_roles do
+				if user_roles[denied_role] then
+					return false;
+				end
+			end
+		end
+	elseif usermanager.is_admin(jid, module.host) then -- COMPAT w/0.11
+		return true; -- Admins may always create invitations
 	end
-	return false;
+	-- No role matches, so whatever the default is
+	return allow_user_invites;
 end
 
 module:depends("adhoc");