changeset 4767:ea93b204104e

mod_invites_adhoc: Allow role-based permissions to override default policy
author Matthew Wild <mwild1@gmail.com>
date Tue, 09 Nov 2021 11:39:18 +0000
parents abac64f71698
children 8bd36bba2292
files mod_invites_adhoc/mod_invites_adhoc.lua
diffstat 1 files changed, 15 insertions(+), 16 deletions(-) [+]
line wrap: on
line diff
--- a/mod_invites_adhoc/mod_invites_adhoc.lua	Tue Nov 09 11:33:06 2021 +0000
+++ b/mod_invites_adhoc/mod_invites_adhoc.lua	Tue Nov 09 11:39:18 2021 +0000
@@ -40,35 +40,34 @@
 		},
 	});
 
--- This is for checking if username (on the current host)
--- may create invites that allow people to register accounts
--- on this host.
+-- This is for checking if the specified JID may create invites
+-- that allow people to register accounts on this host.
 local function may_invite_new_users(jid)
-	if allow_user_invites then
-		return true;
-	end
 	if usermanager.get_roles then
 		local user_roles = usermanager.get_roles(jid, module.host);
 		if not user_roles then return; end
 		if user_roles["prosody:admin"] then
 			return true;
-		elseif deny_user_invite_roles then
-			for denied_role in deny_user_invite_roles do
-				if user_roles[denied_role] then
-					return false;
-				end
-			end
-		elseif allow_user_invite_roles then
+		end
+		if allow_user_invite_roles then
 			for allowed_role in allow_user_invite_roles do
 				if user_roles[allowed_role] then
 					return true;
 				end
 			end
 		end
-	elseif usermanager.is_admin(jid, module.host) then
-		return true;
+		if deny_user_invite_roles then
+			for denied_role in deny_user_invite_roles do
+				if user_roles[denied_role] then
+					return false;
+				end
+			end
+		end
+	elseif usermanager.is_admin(jid, module.host) then -- COMPAT w/0.11
+		return true; -- Admins may always create invitations
 	end
-	return false;
+	-- No role matches, so whatever the default is
+	return allow_user_invites;
 end
 
 module:depends("adhoc");