<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0">
  <channel>
    <link>http://hg.omfa.de/prosody-hg/</link>
    <language>en-us</language>

    <title>prosody-hg: core/usermanager.lua history</title>
    <description>core/usermanager.lua revision history</description>
    <item>
    <title>usermanager: More consistent method behaviour, errors, and (pre-)events</title>
    <link>http://hg.omfa.de/prosody-hg/log/01f95f3de6fc/core/usermanager.lua</link>
    <description><![CDATA[usermanager: More consistent method behaviour, errors, and (pre-)events<br/>
<br/>
This commit refactors most of the exported usermanager methods substantially<br/>
to ensure that all of them correctly check for the presence of the host and<br/>
method they are calling and return consistent errors if either is incorrect or<br/>
missing.<br/>
<br/>
It also unifies the event and logging code, so as a result there are more<br/>
events being fired than before this commit (it also adds pre- events so that<br/>
modules can block an action from going ahead).<br/>
<br/>
We don't have good test coverage of this API, but some manual testing suggests<br/>
it seems to be working okay...]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Thu, 25 Sep 2025 16:53:35 +0100</pubDate>
</item>
<item>
    <title>core.usermanager: Fix COMPAT layer for legacy is_admin() function</title>
    <link>http://hg.omfa.de/prosody-hg/log/4cfabfbb0691/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Fix COMPAT layer for legacy is_admin() function<br/>
<br/>
Thanks ctrlaltca<br/>
<br/>
Fixes #1912]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sat, 22 Mar 2025 11:53:15 +0100</pubDate>
</item>
<item>
    <title>usermanager: Add info logging for all usermanager account changes</title>
    <link>http://hg.omfa.de/prosody-hg/log/b5b0190ddc38/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Add info logging for all usermanager account changes]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Mon, 10 Mar 2025 11:52:55 +0000</pubDate>
</item>
<item>
    <title>usermanager: Include role_name in event for consistency with the 'removed' event</title>
    <link>http://hg.omfa.de/prosody-hg/log/22f1444f08f9/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Include role_name in event for consistency with the 'removed' event]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Thu, 13 Feb 2025 15:31:37 +0000</pubDate>
</item>
<item>
    <title>usermanager, mod_auth_internal_hashed: Support metadata when disabling a user</title>
    <link>http://hg.omfa.de/prosody-hg/log/1796370091d4/core/usermanager.lua</link>
    <description><![CDATA[usermanager, mod_auth_internal_hashed: Support metadata when disabling a user<br/>
<br/>
This allows us to store a time, actor, comment and/or reason why an account<br/>
was disabled, which seems a generally useful thing to support.]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Thu, 30 Nov 2023 09:47:00 +0000</pubDate>
</item>
<item>
    <title>usermanager: Add create_user_with_role() method to atomically set initial role</title>
    <link>http://hg.omfa.de/prosody-hg/log/7b6e7290265b/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Add create_user_with_role() method to atomically set initial role]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Thu, 29 Jun 2023 15:31:46 +0100</pubDate>
</item>
<item>
    <title>core.usermanager: Correct formatting of not implemented error</title>
    <link>http://hg.omfa.de/prosody-hg/log/623fbb5f9b05/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Correct formatting of not implemented error<br/>
<br/>
Spaces, no hyphen, apparently.]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sun, 26 Mar 2023 16:51:33 +0200</pubDate>
</item>
<item>
    <title>core: Prefix module imports with prosody namespace</title>
    <link>http://hg.omfa.de/prosody-hg/log/ead41e25ebc0/core/usermanager.lua</link>
    <description><![CDATA[core: Prefix module imports with prosody namespace]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Fri, 17 Mar 2023 16:23:07 +0100</pubDate>
</item>
<item>
    <title>authz: Add method for retrieving all roles</title>
    <link>http://hg.omfa.de/prosody-hg/log/cdb996637b08/core/usermanager.lua</link>
    <description><![CDATA[authz: Add method for retrieving all roles<br/>
<br/>
Some of the OAuth stuff highlights a small need to retrieve a list of<br/>
roles somehow. Handy if you ever need a role selector in adhoc or<br/>
something.<br/>
<br/>
Unless there's some O(n) thing we were avoiding?]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sat, 04 Mar 2023 18:40:43 +0100</pubDate>
</item>
<item>
    <title>core.usermanager: Fire events when enabling and disabling users</title>
    <link>http://hg.omfa.de/prosody-hg/log/e282c92ded0e/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Fire events when enabling and disabling users<br/>
<br/>
Allow modules to act on this state change, e.g. kick accounts etc.]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Thu, 23 Feb 2023 16:25:31 +0100</pubDate>
</item>
<item>
    <title>core.usermanager: Add methods for enabling and disabling users</title>
    <link>http://hg.omfa.de/prosody-hg/log/8473a516004f/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Add methods for enabling and disabling users<br/>
<br/>
Calling into the auth module, where available.]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Thu, 23 Feb 2023 16:24:41 +0100</pubDate>
</item>
<item>
    <title>core.usermanager: Link to docs for new role API to make warning more actionable</title>
    <link>http://hg.omfa.de/prosody-hg/log/75f0c69eba71/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Link to docs for new role API to make warning more actionable]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sat, 27 Aug 2022 17:01:36 +0200</pubDate>
</item>
<item>
    <title>core.usermanager: Update argument name in authz fallback method</title>
    <link>http://hg.omfa.de/prosody-hg/log/0278987b8687/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Update argument name in authz fallback method<br/>
<br/>
It's not plural]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Thu, 18 Aug 2022 15:42:07 +0200</pubDate>
</item>
<item>
    <title>core.usermanager: Remove obsolete authz fallback method</title>
    <link>http://hg.omfa.de/prosody-hg/log/7869da467087/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Remove obsolete authz fallback method]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Thu, 18 Aug 2022 15:38:18 +0200</pubDate>
</item>
<item>
    <title>core.usermanager: Add missing methods to fallback authz provider</title>
    <link>http://hg.omfa.de/prosody-hg/log/314bad8907fd/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Add missing methods to fallback authz provider]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Thu, 18 Aug 2022 14:10:21 +0200</pubDate>
</item>
<item>
    <title>core.usermanager: Add scoped luacheck ignore rule to reduce clutter</title>
    <link>http://hg.omfa.de/prosody-hg/log/05d5f25a3c61/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Add scoped luacheck ignore rule to reduce clutter]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Thu, 18 Aug 2022 14:07:54 +0200</pubDate>
</item>
<item>
    <title>mod_authz_internal: Expose convenience method to test if user can assume role</title>
    <link>http://hg.omfa.de/prosody-hg/log/cf88f6b03942/core/usermanager.lua</link>
    <description><![CDATA[mod_authz_internal: Expose convenience method to test if user can assume role]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Thu, 18 Aug 2022 10:37:59 +0100</pubDate>
</item>
<item>
    <title>mod_authz_internal, and more: New iteration of role API</title>
    <link>http://hg.omfa.de/prosody-hg/log/07424992d7fc/core/usermanager.lua</link>
    <description><![CDATA[mod_authz_internal, and more: New iteration of role API<br/>
<br/>
These changes to the API (hopefully the last) introduce a cleaner separation<br/>
between the user's primary (default) role, and their secondary (optional)<br/>
roles.<br/>
<br/>
To keep the code sane and reduce complexity, a data migration is needed for<br/>
people using stored roles in 0.12. This can be performed with<br/>
<br/>
  prosodyctl mod_authz_internal migrate &lt;host&gt;]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Wed, 17 Aug 2022 16:38:53 +0100</pubDate>
</item>
<item>
    <title>usermanager: Add back temporary is_admin to warn about deprecated API usage</title>
    <link>http://hg.omfa.de/prosody-hg/log/c0eea4f6c739/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Add back temporary is_admin to warn about deprecated API usage<br/>
<br/>
Goal: Introduce role-auth with minimal disruption<br/>
<br/>
is_admin() is unsafe in a system with per-session permissions, so it has been<br/>
deprecated.<br/>
<br/>
Roll-out approach:<br/>
<br/>
1) First, log a warning when is_admin() is used. It should continue to<br/>
   function normally, backed by the new role API. Nothing is really using<br/>
   per-session authz yet, so there is minimal security concern.<br/>
<br/>
   The 'strict_deprecate_is_admin' global setting can be set to 'true' to<br/>
   force a hard failure of is_admin() attempts (it will log an error and<br/>
   always return false).<br/>
<br/>
2) In some time (at least 1 week), but possibly longer depending on the number<br/>
   of affected deployments: switch 'strict_deprecate_is_admin' to 'true' by<br/>
   default. It can still be disabled for systems that need it.<br/>
<br/>
3) Further in the future, before the next release, the option will be removed<br/>
   and is_admin() will be permanently disabled.]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Mon, 15 Aug 2022 15:25:07 +0100</pubDate>
</item>
<item>
    <title>usermanager: Remove concept of global authz provider</title>
    <link>http://hg.omfa.de/prosody-hg/log/7ca5645f46cd/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Remove concept of global authz provider<br/>
<br/>
Rationale:<br/>
<br/>
- Removes a bunch of code!<br/>
- We don't have many cases where an actor is not bound to one of our hosts<br/>
- A notable exception is the admin shell, but if we ever attempt to lock those<br/>
  sessions down, there is a load of other work that also has to be done. And<br/>
  it's not clear if we would need a global authz provider for that anyway.<br/>
- Removes an extra edge case from the necessary mental model for operators<br/>
- Sessions that aren't bound to a host generally are anonymous or have an<br/>
  alternative auth model (such as by IP addres).<br/>
- With the encapsulation now provided by util.roles, ad-hoc &quot;detached roles&quot;<br/>
  can still be created anyway by code that needs them.]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Fri, 12 Aug 2022 16:21:57 +0100</pubDate>
</item>
<item>
    <title>usermanager: Fix method name of global authz provider (thanks Zash)</title>
    <link>http://hg.omfa.de/prosody-hg/log/1ab845e80fe7/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Fix method name of global authz provider (thanks Zash)]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Fri, 12 Aug 2022 11:58:25 +0100</pubDate>
</item>
<item>
    <title>usermanager: Remove obsolete function from global authz provider</title>
    <link>http://hg.omfa.de/prosody-hg/log/af315e5b71f0/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Remove obsolete function from global authz provider]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Thu, 11 Aug 2022 16:56:59 +0100</pubDate>
</item>
<item>
    <title>usermanager: Handle local JIDs being passed to get/set_jid_role()</title>
    <link>http://hg.omfa.de/prosody-hg/log/f3dbbc7655e6/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Handle local JIDs being passed to get/set_jid_role()<br/>
<br/>
There is no reasonable fallback for set_jid_role() because users may have<br/>
multiple roles, so that's an error.]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Mon, 01 Aug 2022 20:26:00 +0100</pubDate>
</item>
<item>
    <title>core.usermanager: Add missing stub authz methods to global authz provider</title>
    <link>http://hg.omfa.de/prosody-hg/log/e4a412a54462/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Add missing stub authz methods to global authz provider<br/>
<br/>
Except, should we have a global authz provider at all?]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Wed, 20 Jul 2022 13:10:47 +0200</pubDate>
</item>
<item>
    <title>mod_authz_internal: Use util.roles, some API changes and config support</title>
    <link>http://hg.omfa.de/prosody-hg/log/f299e570a0fe/core/usermanager.lua</link>
    <description><![CDATA[mod_authz_internal: Use util.roles, some API changes and config support<br/>
<br/>
This commit was too awkward to split (hg record didn't like it), so:<br/>
<br/>
- Switch to the new util.roles lib to provide a consistent representation of<br/>
  a role object.<br/>
<br/>
- Change API method from get_role_info() to get_role_by_name() (touches<br/>
  sessionmanager and usermanager)<br/>
<br/>
- Change get_roles() to get_user_roles(), take a username instead of a JID<br/>
  This is more consistent with all other usermanager API methods.<br/>
<br/>
- Support configuration of custom roles and permissions via the config file<br/>
  (to be documented).]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Tue, 19 Jul 2022 18:02:02 +0100</pubDate>
</item>
<item>
    <title>usermanager, mod_auth_*: Add get_account_info() returning creation/update time</title>
    <link>http://hg.omfa.de/prosody-hg/log/3f38f4735c7a/core/usermanager.lua</link>
    <description><![CDATA[usermanager, mod_auth_*: Add get_account_info() returning creation/update time<br/>
<br/>
This is useful for a number of things. For example, listing users that need to<br/>
rotate their passwords after some event. It also provides a safer way for code<br/>
to determine that a user password has changed without needing to set a handler<br/>
for the password change event (which is a more fragile approach).]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Tue, 12 Jul 2022 13:14:47 +0100</pubDate>
</item>
<item>
    <title>Switch to a new role-based authorization framework, removing is_admin()</title>
    <link>http://hg.omfa.de/prosody-hg/log/9061f9621330/core/usermanager.lua</link>
    <description><![CDATA[Switch to a new role-based authorization framework, removing is_admin()<br/>
<br/>
We began moving away from simple &quot;is this user an admin?&quot; permission checks<br/>
before 0.12, with the introduction of mod_authz_internal and the ability to<br/>
dynamically change the roles of individual users.<br/>
<br/>
The approach in 0.12 still had various limitations however, and apart from<br/>
the introduction of roles other than &quot;admin&quot; and the ability to pull that info<br/>
from storage, not much actually changed.<br/>
<br/>
This new framework shakes things up a lot, though aims to maintain the same<br/>
functionality and behaviour on the surface for a default Prosody<br/>
configuration. That is, if you don't take advantage of any of the new<br/>
features, you shouldn't notice any change.<br/>
<br/>
The biggest change visible to developers is that usermanager.is_admin() (and<br/>
the auth provider is_admin() method) have been removed. Gone. Completely.<br/>
<br/>
Permission checks should now be performed using a new module API method:<br/>
<br/>
  module:may(action_name, context)<br/>
<br/>
This method accepts an action name, followed by either a JID (string) or<br/>
(preferably) a table containing 'origin'/'session' and 'stanza' fields (e.g.<br/>
the standard object passed to most events). It will return true if the action<br/>
should be permitted, or false/nil otherwise.<br/>
<br/>
Modules should no longer perform permission checks based on the role name.<br/>
E.g. a lot of code previously checked if the user's role was prosody:admin<br/>
before permitting some action. Since many roles might now exist with similar<br/>
permissions, and the permissions of prosody:admin may be redefined<br/>
dynamically, it is no longer suitable to use this method for permission<br/>
checks. Use module:may().<br/>
<br/>
If you start an action name with ':' (recommended) then the current module's<br/>
name will automatically be used as a prefix.<br/>
<br/>
To define a new permission, use the new module API:<br/>
<br/>
  module:default_permission(role_name, action_name)<br/>
  module:default_permissions(role_name, { action_name[, action_name...] })<br/>
<br/>
This grants the specified role permission to execute the named action(s) by<br/>
default. This may be overridden via other mechanisms external to your module.<br/>
<br/>
The built-in roles that developers should use are:<br/>
<br/>
 - prosody:user (normal user)<br/>
 - prosody:admin (host admin)<br/>
 - prosody:operator (global admin)<br/>
<br/>
The new prosody:operator role is intended for server-wide actions (such as<br/>
shutting down Prosody).<br/>
<br/>
Finally, all usage of is_admin() in modules has been fixed by this commit.<br/>
Some of these changes were trickier than others, but no change is expected to<br/>
break existing deployments.<br/>
<br/>
EXCEPT: mod_auth_ldap no longer supports the ldap_admin_filter option. It's<br/>
very possible nobody is using this, but if someone is then we can later update<br/>
it to pull roles from LDAP somehow.]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Wed, 15 Jun 2022 12:15:01 +0100</pubDate>
</item>
<item>
    <title>usermanager, mod_saslauth: Default to internal_hashed if no auth module specified</title>
    <link>http://hg.omfa.de/prosody-hg/log/ed8a4f8dfd27/core/usermanager.lua</link>
    <description><![CDATA[usermanager, mod_saslauth: Default to internal_hashed if no auth module specified<br/>
<br/>
The default config was updated in this way long ago, but if no option was<br/>
present in the config, Prosody would load internal_plain.<br/>
<br/>
This change can result in changes (for the better) for people using very old<br/>
configuration files lacking an 'authentication' setting.]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Thu, 10 Feb 2022 19:54:14 +0000</pubDate>
</item>
<item>
    <title>core.usermanager: Implement noop role writes on global authz provider</title>
    <link>http://hg.omfa.de/prosody-hg/log/a949f1aae171/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Implement noop role writes on global authz provider<br/>
<br/>
So that the methods are there and don't cause an error.]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Mon, 06 Dec 2021 22:38:27 +0100</pubDate>
</item>
<item>
    <title>usermanager: Fire user-roles-changed event when updating roles of a local user</title>
    <link>http://hg.omfa.de/prosody-hg/log/89aa591bb895/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Fire user-roles-changed event when updating roles of a local user]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Fri, 12 Nov 2021 13:25:09 +0000</pubDate>
</item>
<item>
    <title>usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role</title>
    <link>http://hg.omfa.de/prosody-hg/log/3a2d58a39872/core/usermanager.lua</link>
    <description><![CDATA[usermanager, mod_authz_internal: Add methods to fetch users/JIDs of given role]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Thu, 26 Aug 2021 16:35:43 +0100</pubDate>
</item>
<item>
    <title>usermanager: expose set_roles through API</title>
    <link>http://hg.omfa.de/prosody-hg/log/afe80b64e209/core/usermanager.lua</link>
    <description><![CDATA[usermanager: expose set_roles through API]]></description>
    <author>&#74;&#111;&#110;&#97;&#115;&#32;&#83;&#99;&#104;&#228;&#102;&#101;&#114;&#32;&#60;&#106;&#111;&#110;&#97;&#115;&#64;&#119;&#105;&#101;&#108;&#105;&#99;&#107;&#105;&#46;&#110;&#97;&#109;&#101;&#62;</author>
    <pubDate>Mon, 22 Mar 2021 21:24:57 +0100</pubDate>
</item>
<item>
    <title>usermanager: Fix traceback when checking admin status of host-only JIDs (fixes #1508)</title>
    <link>http://hg.omfa.de/prosody-hg/log/52886aad9ee1/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Fix traceback when checking admin status of host-only JIDs (fixes #1508)]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Thu, 19 Mar 2020 14:12:40 +0000</pubDate>
</item>
<item>
    <title>usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter</title>
    <link>http://hg.omfa.de/prosody-hg/log/8f95308c3c45/core/usermanager.lua</link>
    <description><![CDATA[usermanager, mod_authz_*: Merge mod_authz_config and mod_authz_internal into the latter]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Sun, 23 Feb 2020 12:38:43 +0000</pubDate>
</item>
<item>
    <title>usermanager: Add get_roles() function</title>
    <link>http://hg.omfa.de/prosody-hg/log/5622eda7c5c5/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Add get_roles() function]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Wed, 05 Feb 2020 17:41:14 +0000</pubDate>
</item>
<item>
    <title>mod_authz_internal, usermanager: Rename to mod_authz_config</title>
    <link>http://hg.omfa.de/prosody-hg/log/675d9fbcbaed/core/usermanager.lua</link>
    <description><![CDATA[mod_authz_internal, usermanager: Rename to mod_authz_config]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Mon, 27 Jan 2020 22:28:52 +0000</pubDate>
</item>
<item>
    <title>usermanager: Load authz providers on components also</title>
    <link>http://hg.omfa.de/prosody-hg/log/c9e1cb7a38b8/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Load authz providers on components also]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Mon, 27 Jan 2020 22:09:19 +0000</pubDate>
</item>
<item>
    <title>usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).</title>
    <link>http://hg.omfa.de/prosody-hg/log/d1cc6af0fb97/core/usermanager.lua</link>
    <description><![CDATA[usermanager, mod_authz_internal: Move admin-checking functionality into a module. Fixes #517 (ish).<br/>
<br/>
Note: Removes the ability for mod_auth_* providers to determine user admin status. Such<br/>
modules will need to have their is_admin methods ported to be a mod_authz_* provider.]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Mon, 27 Jan 2020 21:54:59 +0000</pubDate>
</item>
<item>
    <title>core: Use prosody.hosts instead of _G.hosts for consistency</title>
    <link>http://hg.omfa.de/prosody-hg/log/9ddd0fbbe53a/core/usermanager.lua</link>
    <description><![CDATA[core: Use prosody.hosts instead of _G.hosts for consistency]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Thu, 29 Mar 2018 16:58:06 +0200</pubDate>
</item>
<item>
    <title>vairious: Add annotation when an empty environment is set [luacheck]</title>
    <link>http://hg.omfa.de/prosody-hg/log/4f0f5b49bb03/core/usermanager.lua</link>
    <description><![CDATA[vairious: Add annotation when an empty environment is set [luacheck]]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Wed, 28 Feb 2018 20:06:26 +0100</pubDate>
</item>
<item>
    <title>core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512)</title>
    <link>http://hg.omfa.de/prosody-hg/log/4354f556c5db/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512)]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Fri, 28 Jul 2017 13:15:29 +0200</pubDate>
</item>
<item>
    <title>usermanager: Shortcircuit user existence check if they have existing sessions</title>
    <link>http://hg.omfa.de/prosody-hg/log/1295e14614f4/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Shortcircuit user existence check if they have existing sessions]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sun, 21 Feb 2016 19:30:45 +0100</pubDate>
</item>
<item>
    <title>core.usermanager: Return as soon as possible once admin status is known</title>
    <link>http://hg.omfa.de/prosody-hg/log/0ce2b400663b/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Return as soon as possible once admin status is known]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sun, 06 Dec 2015 23:47:47 +0100</pubDate>
</item>
<item>
    <title>core.*: Remove use of module() function</title>
    <link>http://hg.omfa.de/prosody-hg/log/6236668da30a/core/usermanager.lua</link>
    <description><![CDATA[core.*: Remove use of module() function]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sat, 21 Feb 2015 10:42:19 +0100</pubDate>
</item>
<item>
    <title>portmanager, s2smanager, sessionmanager, stanza_router, storagemanager, usermanager, util.xml: Add luacheck annotations</title>
    <link>http://hg.omfa.de/prosody-hg/log/d3023dd07cb6/core/usermanager.lua</link>
    <description><![CDATA[portmanager, s2smanager, sessionmanager, stanza_router, storagemanager, usermanager, util.xml: Add luacheck annotations]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Wed, 06 May 2015 19:20:07 +0100</pubDate>
</item>
<item>
    <title>usermanager: Capitalize log message</title>
    <link>http://hg.omfa.de/prosody-hg/log/8495734da243/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Capitalize log message]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sat, 25 Apr 2015 14:22:59 +0200</pubDate>
</item>
<item>
    <title>usermanager: Remove unused import of pairs()</title>
    <link>http://hg.omfa.de/prosody-hg/log/47c2f71d8314/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Remove unused import of pairs()]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Tue, 13 Aug 2013 19:38:05 +0100</pubDate>
</item>
<item>
    <title>Remove all trailing whitespace</title>
    <link>http://hg.omfa.de/prosody-hg/log/bd0ff8ae98a8/core/usermanager.lua</link>
    <description><![CDATA[Remove all trailing whitespace]]></description>
    <author>&#70;&#108;&#111;&#114;&#105;&#97;&#110;&#32;&#90;&#101;&#105;&#116;&#122;&#32;&#60;&#102;&#108;&#111;&#114;&#111;&#98;&#64;&#98;&#97;&#98;&#101;&#108;&#109;&#111;&#110;&#107;&#101;&#121;&#115;&#46;&#100;&#101;&#62;</author>
    <pubDate>Fri, 09 Aug 2013 17:48:21 +0200</pubDate>
</item>
<item>
    <title>core.*: Complete removal of all traces of the &quot;core&quot; section and section-related code.</title>
    <link>http://hg.omfa.de/prosody-hg/log/898454038524/core/usermanager.lua</link>
    <description><![CDATA[core.*: Complete removal of all traces of the &quot;core&quot; section and section-related code.]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sat, 23 Mar 2013 02:33:15 +0100</pubDate>
</item>
<item>
    <title>usermanager: Add support for iterating over accounts</title>
    <link>http://hg.omfa.de/prosody-hg/log/0e1686f334b8/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Add support for iterating over accounts]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Fri, 21 Sep 2012 17:26:25 +0200</pubDate>
</item>
<item>
    <title>storagemanager: Add purge() for purging user data from all backends in use</title>
    <link>http://hg.omfa.de/prosody-hg/log/e8253c931166/core/usermanager.lua</link>
    <description><![CDATA[storagemanager: Add purge() for purging user data from all backends in use]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sun, 16 Sep 2012 02:18:07 +0200</pubDate>
</item>
<item>
    <title>core.usermanager: Don't close sessions ourselves when deleting users. Instead, fire an event that modules can hook.</title>
    <link>http://hg.omfa.de/prosody-hg/log/e646c849d72f/core/usermanager.lua</link>
    <description><![CDATA[core.usermanager: Don't close sessions ourselves when deleting users. Instead, fire an event that modules can hook.]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sat, 25 Aug 2012 01:20:13 +0200</pubDate>
</item>
<item>
    <title>usermanager: Add method for deleting a user</title>
    <link>http://hg.omfa.de/prosody-hg/log/ce823b32225e/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Add method for deleting a user]]></description>
    <author>&#75;&#105;&#109;&#32;&#65;&#108;&#118;&#101;&#102;&#117;&#114;&#32;&#60;&#122;&#97;&#115;&#104;&#64;&#122;&#97;&#115;&#104;&#46;&#115;&#101;&#62;</author>
    <pubDate>Sat, 28 Jul 2012 21:55:05 +0200</pubDate>
</item>
<item>
    <title>usermanager: Pass session on to auth provider (missing half of commit 0545a574667b) (thanks Zash)</title>
    <link>http://hg.omfa.de/prosody-hg/log/50f63f07245f/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Pass session on to auth provider (missing half of commit 0545a574667b) (thanks Zash)]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Sat, 07 Jul 2012 02:32:39 +0100</pubDate>
</item>
<item>
    <title>usermanager: Add log error for use of COMPAT config option 'anonymous_login'. To be removed in next version.</title>
    <link>http://hg.omfa.de/prosody-hg/log/ee55956597f4/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Add log error for use of COMPAT config option 'anonymous_login'. To be removed in next version.]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Sat, 28 Apr 2012 14:35:52 +0100</pubDate>
</item>
<item>
    <title>usermanager: Prep admin JIDs (fixes issue#276).</title>
    <link>http://hg.omfa.de/prosody-hg/log/2ccc386b9913/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Prep admin JIDs (fixes issue#276).]]></description>
    <author>&#87;&#97;&#113;&#97;&#115;&#32;&#72;&#117;&#115;&#115;&#97;&#105;&#110;&#32;&#60;&#119;&#97;&#113;&#97;&#115;&#50;&#48;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Wed, 14 Dec 2011 07:19:58 +0500</pubDate>
</item>
<item>
    <title>usermanager: Check host exists before trying to look up admins for it</title>
    <link>http://hg.omfa.de/prosody-hg/log/6b0d7d94eb7f/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Check host exists before trying to look up admins for it]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Tue, 05 Apr 2011 13:26:19 +0100</pubDate>
</item>
<item>
    <title>usermanager: Add delete_user method</title>
    <link>http://hg.omfa.de/prosody-hg/log/b71e5ecc694b/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Add delete_user method]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Tue, 04 Jan 2011 17:11:51 +0000</pubDate>
</item>
<item>
    <title>usermanager: Have methods not implemented in the active provider fall back to the null provider (later we can add support for chains of providers)</title>
    <link>http://hg.omfa.de/prosody-hg/log/73075b004e77/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Have methods not implemented in the active provider fall back to the null provider (later we can add support for chains of providers)]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Tue, 04 Jan 2011 17:11:37 +0000</pubDate>
</item>
<item>
    <title>usermanager: Change dummy provider method to return an error string also (method not implemented)</title>
    <link>http://hg.omfa.de/prosody-hg/log/2b86d7705f4e/core/usermanager.lua</link>
    <description><![CDATA[usermanager: Change dummy provider method to return an error string also (method not implemented)]]></description>
    <author>&#77;&#97;&#116;&#116;&#104;&#101;&#119;&#32;&#87;&#105;&#108;&#100;&#32;&#60;&#109;&#119;&#105;&#108;&#100;&#49;&#64;&#103;&#109;&#97;&#105;&#108;&#46;&#99;&#111;&#109;&#62;</author>
    <pubDate>Tue, 04 Jan 2011 17:10:56 +0000</pubDate>
</item>

  </channel>
</rss>
