ejabberd - Comments for "Disable user delete from jabber clients"

It will be so

K0NCTANT1N — Wed, 30 Mar 2011 08:59:49 +0000

It will be so:

{modules,
 [
  ...
  %% {mod_register, [{access, register}]},
  ...
 ]}.

mod_adhoc access control?

cribz — Mon, 28 Mar 2011 10:38:27 +0000

K0NCTANT1N wrote:

Read instruction more http://www.process-one.net/docs/ejabberd/guide_en.html#htoc56

Thanks, indeed I already had denied access to mod_register to anyone, as described in the user guide:

{access, register, [{deny, all}]}.
{modules,
 [
  ...
  {mod_register, [{access, register}]},
  ...
 ]}.

...but the user was able to delete his account anyway!

So I guess this is a mod_adhoc problem. But I didn't find any documentation about settin access controls on mod_adhoc. Is this possible?

cribz wrote: Hi, a user

mfoss — Sun, 27 Mar 2011 00:25:44 +0000

cribz wrote:

Hi, a user accidentally deleted his ejabberd account using his jabber client. How can I prevent this?

Is there a way to set ACLs in order to prevent users from running the "delete user" command (or maybe all administration commands?), and only allow "admin" users to run potentially unsafe commands?

mod_register only has Access options to control registration, not unregistration.

The only solution is to disable mod_register completely. Accounts can still be deleted using ejabberdctl, WebAdmin and Adhoc Commands.

cribz wrote: Hi, a user

K0NCTANT1N — Thu, 24 Mar 2011 13:56:46 +0000

cribz wrote:

Hi, a user accidentally deleted his ejabberd account using his jabber client. How can I prevent this?

Is there a way to set ACLs in order to prevent users from running the "delete user" command (or maybe all administration commands?), and only allow "admin" users to run potentially unsafe commands?

Read instruction more http://www.process-one.net/docs/ejabberd/guide_en.html#htoc56