[ejabberd] Users can join a password protected room + another question

Badlop badlop at gmail.com
Wed Jun 6 15:53:22 MSK 2012


On 1 June 2012 20:58, Bzzz <lazyvirus at gmx.com> wrote:
> {access, muc_admin, [{allow, all}]}.  %% Anybody can create (FUGITIVE) rooms
> {access, muc_admin_persistent, [{allow, admin}]}. %% BUT ONLY admins can create PERSISTENT rooms
> {access, muc_access, [{allow, all}]}.  %% All users are allowed to use MUC service

With that, muc_admin allows everybody.


>    {mod_muc,  [
>        {host, "conference. at HOST@"},
>        {access, muc_access},           %% Who's able to access rooms?
>        {access_create, muc_admin},     %% Who's able to create rooms?
>        {access_persistent, muc_admin_persistent},  %% Only admins can create persistent rooms
>        {access_admin, muc_admin},      %% Only admins can administer rooms

And with that, access_admin is for everybody.

> * Users can create fugitive rooms, but if the user protect he's room
>  w/ a password, any other user can connect without entering this
>  password!? (my test users are, of course, not admins).

Right, because access_admin allows, among other things, to bypass the
room passwords verification.


> So, my 1st question is: where am I wrong with users's rooms password
> access not working?


Your configuration is incorrect for what you want to do.
Probably this will be better:

{access, muc_everyone [{allow, all}]}.
{access, muc_admin, [{allow, admin}]}.

and then (notice that I set in capital some conceptual corrections):

        {access, muc_everyone},           %% Who's able to access rooms?
        {access_create, muc_everyone},     %% Who's able to create rooms?
        {access_persistent, muc_admin},  %% Only admins can SET ROOMS
AS persistent
        {access_admin, muc_admin},      %% Only admins can administer
THE SERVICE


> My 2nd question is: where can I found a correspondance list between
> pidgin room detailed options and ejabberd primitives, in order to
> have the room details pre-filled as I want (thus people won't have
> to edit details)?


Maybe you find what you want in:
https://git.process-one.net/ejabberd/mainline/blobs/raw/v2.1.11/doc/guide.html#modmuc


---
Badlop
ProcessOne


More information about the ejabberd mailing list