Restrict users' write access to their own vcards

I use ejabberd to run a corporate IM service, and both I and my users are happy with it.

There's one issue I'm missing, however.

My users are typically running multi-protocol clients (Pidgin, Adium, etc.), which they also use for their personal IM accounts on GTalk, MSN, and others. This is fine, of course, but as some of their clients consider personal info, e.g. nickname and profile photo, a program-wide set of attributes, my users' rosters and vcards are often polluted with non-corporate info.

I use a bunch of scripts to populate vcards and shared roster groups with 'ejabberdctl', and ideally I'd like to be able to configure ejabberd to only take these updates into account, and restrict vcard updates and relevant presence notifications from clients, so that rosters and vcard databases are kept intact.

How can this be done?

Write access to vcard isn't configurable.

But with this change in the ejabberd source code, only requests made from a session with resource "mod_admin_extra" will succeed. Your ejabberdctl calls send stanzas with that resource, so they succeed. Of course, this means that another client could also modify his vcard, if he knows what resource he must use to log in.

diff --git a/src/mod_vcard.erl b/src/mod_vcard.erl
index 3b70fe2..c951ff2 100644
--- a/src/mod_vcard.erl
+++ b/src/mod_vcard.erl
@@ -181,7 +181,8 @@ process_sm_iq(From, To, #iq{type = Type, sub_el = SubEl} = IQ) ->
     case Type of
        set ->
            #jid{user = User, lserver = LServer} = From,
-           case lists:member(LServer, ?MYHOSTS) of
+           case (From#jid.resource == "mod_admin_extra")
+               andalso (lists:member(LServer, ?MYHOSTS)) of
                true ->
                    set_vcard(User, LServer, SubEl),
                    IQ#iq{type = result, sub_el = []};
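
Review bot: the condition added on the `+` lines gates `set_vcard/3` on `From#jid.resource`, a value the client chooses at login, so this is a naming convention rather than an access control: any session bound to the resource `mod_admin_extra` passes the check. Consider keying the decision on something the server controls, such as an access rule, instead of the resource string. The literal is also a string, `"mod_admin_extra"`, so the comparison can only succeed on a release where the resource field is stored as a string.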

Sorry for taking too long to respond. But thanks for this!

I tried applying this to 14.05, but it required a minor change to work as intended. I don't know if this was just a typo in the original patch, or if the data structure actually changed since then.

This is the patch I ended up applying:

diff --git a/src/mod_vcard.erl b/src/mod_vcard.erl
index 3b70fe2..c951ff2 100644
--- a/src/mod_vcard.erl
+++ b/src/mod_vcard.erl
@@ -181,7 +181,8 @@ process_sm_iq(From, To, #iq{type = Type, sub_el = SubEl} = IQ) ->
     case Type of
        set ->
            #jid{user = User, lserver = LServer} = From,
-           case lists:member(LServer, ?MYHOSTS) of
+           case (From#jid.resource == <<"mod_admin_extra">>)
+               andalso (lists:member(LServer, ?MYHOSTS)) of
                true ->
                    set_vcard(User, LServer, SubEl),
                    IQ#iq{type = result, sub_el = []};
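
Review bot: the `index 3b70fe2..c951ff2` line and the hunk header are identical to the earlier patch even though the added line now compares against `<<"mod_admin_extra">>`, so this diff appears to be hand-edited rather than regenerated; regenerate it against the 14.05 tree so it applies and records the right blob ids. The resource name is also hard-coded inside the `case` expression; a macro or module option would keep it in one place and make the string-versus-binary choice explicit.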

Thanks again!

Jesper.

You are right, most ejabberd internal information is now stored as binaries like <<"this">>, not as strings like "this".
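
The string-versus-binary mismatch discussed in this thread, as an added example that is not part of the original posts or of ejabberd's code: in Erlang a string never compares equal to a binary, so the first patch fails closed without any error on a release that stores resources as binaries. The module name `vcard_gate`, the local `#jid{}` record, the user `alice` and the host `example.org` are assumptions made for illustration.

```erlang
-module(vcard_gate).
-export([may_set_vcard/2, demo/0]).

%% Local stand-in for ejabberd's #jid{} record (assumption: only the
%% fields the patch touches are modelled here).
-record(jid, {user, lserver, resource}).

%% Resource name used by the patch in the thread.
-define(ADMIN_RESOURCE, <<"mod_admin_extra">>).

%% Accept a resource stored either as a string or as a binary and
%% return it as a binary, so the comparison below works on both
%% representations mentioned in the thread.
normalise(R) when is_binary(R) -> R;
normalise(R) when is_list(R) -> unicode:characters_to_binary(R);
normalise(_) -> <<>>.

%% Same decision as the patched case expression: the resource must be
%% the admin resource and the sender's server must be a local host.
%% The resource is chosen by the client, so this is a convention, not
%% authentication, as the thread itself points out.
may_set_vcard(#jid{lserver = LServer, resource = R}, MyHosts) ->
    normalise(R) =:= ?ADMIN_RESOURCE
        andalso lists:member(LServer, MyHosts).

%% Constructed sample JIDs; returns a labelled list of results.
demo() ->
    Hosts = [<<"example.org">>],
    Bin = #jid{user = <<"alice">>, lserver = <<"example.org">>,
               resource = <<"mod_admin_extra">>},
    Str = Bin#jid{resource = "mod_admin_extra"},
    Client = Bin#jid{resource = <<"Pidgin">>},
    Foreign = Bin#jid{lserver = <<"elsewhere.example">>},
    [%% The comparison written in the first patch, applied to a
     %% binary resource: a string against a binary.
     {first_patch_on_binary_resource,
      "mod_admin_extra" == Bin#jid.resource},
     %% The normalised check on each representation and on the
     %% requests that should be refused.
     {binary_resource, may_set_vcard(Bin, Hosts)},
     {string_resource, may_set_vcard(Str, Hosts)},
     {ordinary_client, may_set_vcard(Client, Hosts)},
     {non_local_host, may_set_vcard(Foreign, Hosts)}].
```

Compile it in an Erlang shell with `c(vcard_gate).` and call `vcard_gate:demo().` to see which requests the gate accepts.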
