mod_admin_blocklist: Add config option for which role(s) to consider (0.12+)
Fixes that in trunk, a "prosody:operator" (formerly a global admin) is
not considered a "prosody:admin", so those were not included in the set.
--- a/mod_admin_blocklist/README.markdown Sat Aug 27 15:39:38 2022 +0200
+++ b/mod_admin_blocklist/README.markdown Sat Aug 27 16:36:22 2022 +0200
@@ -8,3 +8,19 @@
So if an admin blocks a bare domain using [Blocking Command][xep191]
via [mod\_blocklist][doc:modules:mod_blocklist] then no s2s connections
will be allowed to or from that domain.
+
+# Configuring
+
+## Prosody 0.12
+
+Starting with Prosody 0.12, the role or roles that determine whether a
+particular users blocklist is used can be configured:
+
+```lua
+-- This is the default:
+admin_blocklist_roles = { "prosody:operator", "prosody:admin" }
+```
+
+## Prosody 0.11
+
+In Prosody 0.11 the [`admins`][doc:admins] setting is used.
--- a/mod_admin_blocklist/mod_admin_blocklist.lua Sat Aug 27 15:39:38 2022 +0200
+++ b/mod_admin_blocklist/mod_admin_blocklist.lua Sat Aug 27 16:36:22 2022 +0200
@@ -2,7 +2,7 @@
--
-- If a local admin has blocked a domain, don't allow s2s to that domain
--
--- Copyright (C) 2015-2021 Kim Alvefur
+-- Copyright (C) 2015-2022 Kim Alvefur
--
-- This file is MIT/X11 licensed.
--
@@ -17,7 +17,12 @@
local admins;
if usermanager.get_jids_with_role then
local set = require "util.set";
- admins = set.new(usermanager.get_jids_with_role("prosody:admin", module.host));
+ local include_roles = module:get_option_set("admin_blocklist_roles", { "prosody:operator"; "prosody:admin" });
+
+ admins = set.new();
+ for role in include_roles do
+ admins:include(set.new(usermanager.get_jids_with_role(role, module.host)));
+ end
else -- COMPAT w/pre-0.12
admins = module:get_option_inherited_set("admins", {});
end