mod_vcard_muc: take roles into account for access check
This allows admins on the MUC component to force-set avatars, even
if they are not owners in a particular MUC, similar to how they
are granted auto-ownership in other contexts.
Introduction
============
This module attempts to sanitize XHTML-IM messages.
It does **not** attempt to sanitize any CSS embedded in `style`
attributes, these are instead stripped by default.
Configuration
=============
Option Type Default
------------------------ --------- ---------
`strip_xhtml_style` boolean `true`
`bounce_invalid_xhtml` boolean `false`