mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-03 21:27:38 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

MUC: Allow kicking users with the same affiliation as the kicker (fixes #1724)

Browse source 
This is allowed by XEP-0045, which states:

"A moderator SHOULD NOT be allowed to revoke moderation privileges from
someone with a higher affiliation than themselves (i.e., an unaffiliated
moderator SHOULD NOT be allowed to revoke moderation privileges from an admin
or an owner, and an admin SHOULD NOT be allowed to revoke moderation
privileges from an owner)."
This commit is contained in:
Matthew Wild 2022-03-23 13:38:55 +00:00
parent e950ca77eb
commit cbcb57fa24
1 changed files with 5 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

9
plugins/muc/muc.lib.lua
View file

@ -1583,15 +1583,16 @@ function room_mt:may_set_role(actor, occupant, role)
return event.allowed, event.error, event.condition;
end
-- Can't do anything to other owners or admins
local occupant_affiliation = self:get_affiliation(occupant.bare_jid);
if occupant_affiliation == "owner" or occupant_affiliation == "admin" then
local actor_affiliation = self:get_affiliation(actor) or "none";
local occupant_affiliation = self:get_affiliation(occupant.bare_jid) or "none";
-- Can't do anything to someone with higher affiliation
if valid_affiliations[actor_affiliation] < valid_affiliations[occupant_affiliation] then
return nil, "cancel", "not-allowed";
end
-- If you are trying to give or take moderator role you need to be an owner or admin
if occupant.role == "moderator" or role == "moderator" then
local actor_affiliation = self:get_affiliation(actor);
if actor_affiliation ~= "owner" and actor_affiliation ~= "admin" then
return nil, "cancel", "not-allowed";
end