Using the following ACL and mod_register rules I can:
a) Register a new user when logged in as the admin user - GOOD
b) Registration denied when I'm logged in as a non-admin user - GOOD
c) Register a new user when connected _without_ authentication - BAD!!!!!!!!
Can someone shed light on the fact that access_from is reliable with its ACL until an anonymous user attempts the registration? Shouldn't it be disabled? Am I missing something in the ACL, like {deny, s2s} ?
{access, restrict_others, [{allow, admin}, {deny, all}]}. {modules, [ {mod_register, [{access_from, restrict_others} ] } ]}.
The option access_from was
The option access_from was only designed to restrict JIDs of authenticated users.
But I think removing two lines allows far more configurations:
With that patch now I can configure what you want:
Thank you so much! We will
Thank you so much! We will definitely apply this... I wonder if this should become a trunk modification for future users of access_from ?
Gordon wrote: Thank you so
Thank you so much! We will definitely apply this... I wonder if this should become a trunk modification for future users of access_from ?
Once you try it and comment here that it works perfectly, I'll request the change for inclusion in trunk.
Gordon? Have you tested this
Gordon? Have you tested this yet? I need this feature too.