ejabberd - Comments for "access_from - anonymous registration bug?"

Gordon? Have you tested this

Tomcat — Thu, 17 Nov 2011 11:23:33 +0000

Gordon? Have you tested this yet? I need this feature too.

Gordon wrote: Thank you so

mfoss — Sat, 29 Oct 2011 19:31:40 +0000

Gordon wrote:

Thank you so much! We will definitely apply this... I wonder if this should become a trunk modification for future users of access_from ?

Once you try it and comment here that it works perfectly, I'll request the change for inclusion in trunk.

Thank you so much! We will

Gordon — Wed, 26 Oct 2011 20:16:10 +0000

Thank you so much! We will definitely apply this... I wonder if this should become a trunk modification for future users of access_from ?

The option access_from was

mfoss — Wed, 26 Oct 2011 12:01:32 +0000

The option access_from was only designed to restrict JIDs of authenticated users.

But I think removing two lines allows far more configurations:

--- a/src/mod_register.erl
+++ b/src/mod_register.erl
@@ -414,8 +414,6 @@ send_registration_notifications(UJID, Source) ->
            ok
     end.
 
-check_from(#jid{user = "", server = ""}, _Server) ->
-    allow;
 check_from(JID, Server) ->
     Access = gen_mod:get_module_opt(Server, ?MODULE, access_from, none),
     acl:match_rule(Server, Access, JID).

With that patch now I can configure what you want:

%% Only admins can register accounts, not even unauthenticated users (requires patch)
{access, register_from, [{allow, admin}, {deny, all}]}.

%% Only authenticated users can register (requires patch)
%%{acl, unauthenticated, {user, "", ""}}.
%%{access, register_from, [{deny, unauthenticated}, {allow, all}]}.