Apply privacy policy to a user via ejabberdctl

I'm trying to create and apply default policy list to a user upon his registration.

Right now i'm able to send policy list with policy_set rule. It is created for user, but is not applied when he logs in.

I've tried to use send_stanza message, but i'm getting 405 not-allowed error (command itself is allowed, the stanza seems to be not allowed)

I've tried different stanzas, for example here is one of my last calls that still gives 405:
./bin/ejabberdctl send_stanza user@chat.server.com user@chat.server.com '<iq xmlns="jabber:client" type="set" id="1234"><query xmlns="jabber:iq:privacy"><default name="core" /></query></iq>'

Here is error log:

2016-12-02 12:01:33.670 [debug] <0.7404.0>@ejabberd_commands:do_execute_command:578 Executing command mod_admin_extra:send_stanza with Args=[<<"user@chat.server.com">>,<<"user@chat.server.com">>,<<"<iq xmlns=\"jabber:client\" type=\"set\" id=\"1234\"><query xmlns=\"jabber:iq:privacy\"><default name=\"core\" /></query></iq>">>]
2016-12-02 12:01:33.670 [debug] <0.7404.0>@ejabberd_router:do_route:351 route
        from {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        to {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        packet {xmlel,<<"iq">>,[{<<"xmlns">>,<<"jabber:client">>},{<<"type">>,<<"set">>},{<<"id">>,<<"1234">>}],[{xmlel,<<"query">>,[{<<"xmlns">>,<<"jabber:iq:privacy">>}],[{xmlel,<<"default">>,[{<<"name">>,<<"core">>}],[]}]}]}
2016-12-02 12:01:33.670 [debug] <0.7404.0>@ejabberd_local:do_route:265 local route
        from {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        to {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        packet {xmlel,<<"iq">>,[{<<"xmlns">>,<<"jabb"...>>},{<<"type">>,<<...>>},{<<...>>,...}],[{xmlel,<<...>>,...}]}
2016-12-02 12:01:33.670 [debug] <0.7404.0>@ejabberd_sm:do_route:463 session manager
        from {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        to {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        packet {xmlel,<<"iq">>,[{<<"xmlns">>,<<"jabb"...>>},{<<"type">>,<<...>>},{<<...>>,...}],[{xmlel,<<...>>,...}]}
2016-12-02 12:01:33.671 [debug] <0.440.0>@ejabberd_router:do_route:351 route
        from {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        to {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        packet {xmlel,<<"iq">>,[{<<"id">>,<<"1234">>},{<<"type">>,<<"error">>}],[{xmlel,<<"query">>,[{<<"xmlns">>,<<"jabber:iq:privacy">>}],[{xmlel,<<"default">>,[{<<"name">>,<<"core">>}],[]}]},{xmlel,<<"error">>,[{<<"code">>,<<"405">>},{<<"type">>,<<"cancel">>}],[{xmlel,<<"not-allowed">>,[{<<"xmlns">>,<<"urn:ietf:params:xml:ns:xmpp-stanzas">>}],[]}]}]}
2016-12-02 12:01:33.671 [debug] <0.440.0>@ejabberd_local:do_route:265 local route
        from {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        to {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        packet {xmlel,<<"iq">>,[{<<"id">>,<<"1234"...>>},{<<"type">>,<<...>>}],[{xmlel,<<...>>,...},{xmlel,...}]}
2016-12-02 12:01:33.671 [debug] <0.440.0>@ejabberd_sm:do_route:463 session manager
        from {jid,<<"user">>,<<"chat.serer.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        to {jid,<<"user">>,<<"chat.server.com">>,<<>>,<<"user">>,<<"chat.server.com">>,<<>>}
        packet {xmlel,<<"iq">>,[{<<"id">>,<<"1234"...>>},{<<"type">>,<<...>>}],[{xmlel,<<...>>,...},{xmlel,...}]}

The only way i was able to apply policy was via sending sent_stanza_c2s with specifying user's resource (user should be logged in and have an active session). While this works, it is not an option for me as i don't have any active sessions when user is registered (we register users via api call) and it has to work for all resources user might have.

Another path to implement

Another path to implement what you want, may be to write a custom ejabberd module that adds a hook to the account registration event. In that cases, it adds to the database the required privacy lists, or whatever table items that you are missing right now.

Unfortunately i have

Unfortunately i have absolutely no knowledge in erlang so writing ejabberd module is not an option for me right now.

Maybe there is a way to see why i receive 405 error and some way to alter configuration to make it work?

Syndicate content