changeset 13888:0dd82a8f1913 13.0 13.0.2

MUC: Ensure allow MUC PM setting has valid value (fixes #1933) In case allow PM is set to "affiliated" or something other than a valid role name, but the user is not affiliated, the valid_roles lookup would return nil, triggering a comparison error. This ensures that the setting is validated going in and out of the database and that the "affiliated" case proceeds correctly. Also adds a compat mapping for the value "anyone", used in XEP-0045 and submitted by default by Gajim.
author Kim Alvefur <zash@zash.se>
date Sun, 25 May 2025 15:36:17 +0200
parents cbb8dc92daa9
children 9c48d555c8a6 8769ca1b4c0f
files plugins/muc/restrict_pm.lib.lua
diffstat 1 files changed, 9 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/plugins/muc/restrict_pm.lib.lua	Sat May 24 15:53:46 2025 +0200
+++ b/plugins/muc/restrict_pm.lib.lua	Sun May 25 15:36:17 2025 +0200
@@ -11,15 +11,19 @@
 	participants = "participant";
 	moderators = "moderator";
 	members = "affiliated";
+	anyone = "visitor";
 };
 
 local function get_allow_pm(room)
 	local val = room._data.allow_pm;
-	return compat_map[val] or val or "visitor";
+	val = compat_map[val] or val or "visitor";
+	if not (val == "affiliated" or valid_roles[val]) then return "visitor"; end
+	return val;
 end
 
 local function set_allow_pm(room, val)
 	if get_allow_pm(room) == val then return false; end
+	if not (val == "affiliated" or valid_roles[val]) then return false end
 	room._data.allow_pm = val;
 	return true;
 end
@@ -93,8 +97,10 @@
 	local pmval = get_allow_pm(room);
 
 	if pmval ~= "none" then
-		if pmval == "affiliated" and room:get_affiliation(from_occupant.bare_jid) then
-			return; -- Allow from affiliated users
+		if pmval == "affiliated" then
+			if room:get_affiliation(from_occupant.bare_jid) then
+				return; -- Allow from affiliated users
+			end
 		elseif valid_roles[from_occupant.role] >= valid_roles[pmval] then
 			module:log("debug", "Allowing PM: %s(%d) >= %s(%d)", from_occupant.role, valid_roles[from_occupant.role], pmval, valid_roles[pmval]);
 			return; -- Allow from a permitted role