For deployments that have https://hg.prosody.im/trunk/file/tip/plugins/muc/register.lib.lua#l7 and use https://modules.prosody.im/mod_muc_http_auth.html users can still register to a MUC even if they are not allowed to join. That means they would receive RAI or RMN, for instance.
--- a/mod_muc_http_auth/mod_muc_http_auth.lua Mon Dec 14 12:09:25 2020 +0000
+++ b/mod_muc_http_auth/mod_muc_http_auth.lua Tue Dec 15 11:26:29 2020 +0100
@@ -9,6 +9,7 @@
local enabled_for = module:get_option_set("muc_http_auth_enabled_for", nil)
local disabled_for = module:get_option_set("muc_http_auth_disabled_for", nil)
local insecure = module:get_option("muc_http_auth_insecure", false) --For development purposes
+local authorize_registration = module:get_option("muc_http_auth_authorize_registration", false)
local function must_be_authorized(room_node)
-- If none of these is set, all rooms need authorization
@@ -76,5 +77,8 @@
return;
end
+if authorize_registration then
+ module:hook("muc-register-iq", handle_presence);
+end
module:hook("muc-occupant-pre-join", handle_presence);
\ No newline at end of file