Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
XEP-0045: Allow non-owners to retrieve owner and admin lists in non-anonymous rooms
Showing 1 changed file with 10 additions and 7 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -47,7 +47,7 @@ | |
<registry/> | ||
&stpeter; | ||
<revision> | ||
<version>1.34.7</version> | ||
<version>1.35.0</version> | ||
<date>2024-08-14</date> | ||
<initials>gk</initials> | ||
<remark> | ||
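Review bot: The date on the unchanged context line stays 2024-08-14 while the version moves from 1.34.7 to 1.35.0. If this revision entry is being extended after that date, update the date too, so the revision history shows when the change to who may read affiliation lists landed. The minor-version bump itself fits a normative change of this kind.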
|
@@ -60,6 +60,8 @@ | |
<li>Replace inappropriate RFC 2119 key word usage in §9.7.</li> | ||
<li>Presence sent to occupants of a destroyed room includes a <destroy/> element.</li> | ||
<li>Explicitly use bare JIDs when operating on affiliations.</li> | ||
<li>Allow non-owners to retrieve owner and admin lists in non-anonymous rooms.</li> | ||
<li>Members should be allowed to retrieve the member list only in non-anonymous rooms.</li> | ||
</ul> | ||
</remark> | ||
</revision> | ||
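Review bot: The second new list item describes a restriction on behaviour that the old member-list note recommended for every members-only room, but it reads like a new permission, and neither new item gives the requirement level. Suggest wording that names direction and strength: non-owners MAY be served the owner and admin lists in non-anonymous rooms, and members SHOULD NOT be served the member list in semi-anonymous rooms. Implementers scanning the remark then see that one item relaxes access and the other tightens it.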
|
@@ -1003,7 +1005,7 @@ | |
<td>N/A</td> | ||
</tr> | ||
<tr> | ||
<td>Retrieve Member List</td> | ||
<td>Retrieve Member List***</td> | ||
<td>No</td> | ||
<td>No</td> | ||
<td>Yes</td> | ||
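Review bot: The *** marker is attached to the row label, while the cells shown in this hunk still read No, No, Yes without qualification. A reader who consults only the privilege table will take the Yes as unconditional. Consider placing the marker on the Yes cell or cells that the footnote actually qualifies.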
|
@@ -1077,6 +1079,7 @@ | |
</table> | ||
<p>* As a default, an unaffiliated user enters a moderated room as a visitor, and enters an open room as a participant. A member enters a room as a participant. An admin or owner enters a room as a moderator.</p> | ||
<p>** As noted, a moderator SHOULD NOT be allowed to revoke moderation privileges from someone with a higher affiliation than themselves (i.e., an unaffiliated moderator SHOULD NOT be allowed to revoke moderation privileges from an admin or an owner, and an admin SHOULD NOT be allowed to revoke moderation privileges from an owner).</p> | ||
<p>*** When a room is configured to be semi-anonymous, there clearly is an intent to hide JIDs. In such rooms, members SHOULD NOT be allowed to retrieve the member list (as that list MUST contain the JID of each member).</p> | ||
</section3> | ||
|
||
<section3 topic='Changing Affiliations' anchor='affil-change'> | ||
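Review bot: Within this diff, the SHOULD NOT for semi-anonymous rooms appears only in the new *** footnote, and it is phrased for "members" without saying who still receives the list. State the rule in terms of room configuration and requester (who gets &forbidden;, and that admins and owners are unaffected), and drop "clearly", which is editorial rather than normative. The parenthetical reason, that the list MUST contain the JID of each member, is the useful part and worth keeping.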
|
@@ -3486,7 +3489,7 @@ | |
</query> | ||
</iq> | ||
]]></example> | ||
<p>Note: A service SHOULD also return the member list to any occupant in a members-only room; i.e., it SHOULD NOT generate a &forbidden; error when a member in the room requests the member list. This functionality can assist clients in showing all the existing members even if some of them are not in the room, e.g. to help a member determine if another user should be invited. A service SHOULD also allow any member to retrieve the member list even if not yet an occupant.</p> | ||
<p>Note: If the room is non-anonymous, a service SHOULD also return the member list to any occupant in a members-only room; i.e., it SHOULD NOT generate a &forbidden; error when a member in such a room requests the member list. This functionality can assist clients in showing all the existing members even if some of them are not in the room, e.g. to help a member determine if another user should be invited. If the room is non-anonymous, a service SHOULD also allow any member to retrieve the member list even if not yet an occupant.</p> | ||
<p>The service MUST then return the full member list to the admin qualified by the 'http://jabber.org/protocol/muc#admin' namespace; each item MUST include the 'affiliation' and 'jid' attributes and MAY include the 'nick' and 'role' attributes for each member that is currently an occupant.</p> | ||
<example caption='Service Sends Member List to Admin'><![CDATA[ | ||
<iq from='[email protected]' | ||
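Review bot: The rewritten note leaves the semi-anonymous case unspecified: both sentences now begin with "If the room is non-anonymous", but nothing here says what the service returns to a member otherwise. Add the counterpart explicitly, for instance that in a semi-anonymous room the service SHOULD return a &forbidden; error to a member requesting the list, rather than leaving it to the table footnote. Also, "a member in such a room" is now ambiguous between "non-anonymous" and "members-only"; writing "a non-anonymous members-only room" removes the doubt.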
|
@@ -4643,7 +4646,7 @@ | |
</query> | ||
</iq> | ||
]]></example> | ||
<p>If the <user@host> of the 'from' address does not match the bare JID of a room owner, the service MUST return a &forbidden; error to the sender.</p> | ||
<p>If the <user@host> of the 'from' address does not match the bare JID of a room owner, the service MUST return a &forbidden; error to the sender in semi-anonymous rooms. In non-anonymous rooms, the service MAY process the request.</p> | ||
<p>Otherwise, the service MUST then return the owner list to the owner; each item MUST include the 'affiliation' and 'jid' attributes and MAY include the 'nick' and 'role' attributes for any owner that is currently an occupant:</p> | ||
<example caption='Service Sends Owner List to Owner'><![CDATA[ | ||
<iq from='[email protected]' | ||
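Review bot: "In non-anonymous rooms, the service MAY process the request" does not bound who the non-owner requester is: as written it covers any sender whose bare JID is not an owner, including entities that are neither occupants nor members. The owner list carries the JIDs of owners who may not be in the room, so consider limiting the MAY to current occupants (or members) and stating that a service which declines returns &forbidden;. The next context line also needs adjusting: "Otherwise" no longer has a clear antecedent, and "return the owner list to the owner" together with the caption 'Service Sends Owner List to Owner' no longer matches a non-owner requester.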
|
@@ -4668,7 +4671,7 @@ | |
</query> | ||
</iq> | ||
]]></example> | ||
<p>Only owners shall be allowed to modify the owner list. If a non-owner attempts to view or modify the owner list, the service MUST deny the request and return a &forbidden; error to the sender:</p> | ||
<p>Only owners shall be allowed to modify the owner list. If a non-owner attempts to modify the owner list, the service MUST deny the request and return a &forbidden; error to the sender:</p> | ||
<example caption='Service Returns Error on Attempt by Non-Owner to Modify Owner List'><![CDATA[ | ||
<iq from='[email protected]' | ||
id='ownertest' | ||
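Review bot: With "view or" removed, this sentence is purely about modification, yet it still opens with a lowercase "shall" ("Only owners shall be allowed to modify the owner list") next to an uppercase MUST. Since the line is being touched anyway, make the requirement level unambiguous, for example by folding the first sentence into the MUST that follows.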
|
@@ -4834,7 +4837,7 @@ | |
</query> | ||
</iq> | ||
]]></example> | ||
<p>If the <user@host> of the 'from' address does not match the bare JID of a room owner, the service MUST return a &forbidden; error to the sender.</p> | ||
<p>If the <user@host> of the 'from' address does not match the bare JID of a room owner, the service MUST return a &forbidden; error to the sender in semi-anonymous rooms. In non-anonymous rooms, the service MAY process the request.</p> | ||
<p>Otherwise, the service MUST then return the admin list to the owner; each item MUST include the 'affiliation' and 'jid' attributes and MAY include the 'nick' and 'role' attributes for any admin that is currently an occupant:</p> | ||
<example caption='Service Sends Admin List to Owner'><![CDATA[ | ||
<iq from='[email protected]' | ||
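Review bot: The check in the changed paragraph still keys only on owner versus non-owner, so in a semi-anonymous room an admin requesting the admin list gets &forbidden; like any other non-owner, while in a non-anonymous room any non-owner may be served. If hiding the admin list from admins themselves is intended, say so; otherwise let admins through in both room types. As with the owner list, "Otherwise ... return the admin list to the owner" and the caption 'Service Sends Admin List to Owner' should be reworded for a non-owner requester.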
|
@@ -4866,7 +4869,7 @@ | |
</query> | ||
</iq> | ||
]]></example> | ||
<p>Only owners shall be allowed to modify the admin list. If a non-owner attempts to view or modify the admin list, the service MUST deny the request and return a &forbidden; error to the sender.</p> | ||
<p>Only owners shall be allowed to modify the admin list. If a non-owner attempts to modify the admin list, the service MUST deny the request and return a &forbidden; error to the sender.</p> | ||
<example caption='Service Returns Error on Attempt by Non-Owner to Modify Admin List'><![CDATA[ | ||
<iq from='[email protected]' | ||
id='admintest' | ||
|