Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XEP-0045: Allow non-owners to retrieve owner and admin lists in non-anonymous rooms #1372

Merged
merged 3 commits into from
Aug 23, 2024
Merged

XEP-0045: Allow non-owners to retrieve owner and admin lists in non-anonymous rooms #1372

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
cf21852
XEP-0045: Allow non-owners to retrieve owner and admin lists in non-a…
guusdk Aug 14, 2024
f6f6faa
XEP-0045: Members should be allowed to retrieve the member list only …
guusdk Aug 14, 2024
c1c2a54
Merge branch 'master' into XEP-0045_10_allow-list-gets-for-non-anon-r…
iNPUTmice Aug 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 10 additions & 7 deletions xep-0045.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@
<registry/>
&stpeter;
<revision>
<version>1.34.7</version>
<version>1.35.0</version>
<date>2024-08-14</date>
<initials>gk</initials>
<remark>
Expand All @@ -60,6 +60,8 @@
<li>Replace inappropriate RFC 2119 key word usage in §9.7.</li>
<li>Presence sent to occupants of a destroyed room includes a &lt;destroy/&gt; element.</li>
<li>Explicitly use bare JIDs when operating on affiliations.</li>
<li>Allow non-owners to retrieve owner and admin lists in non-anonymous rooms.</li>
<li>Members should be allowed to retrieve the member list only in non-anonymous rooms.</li>
</ul>
</remark>
</revision>
Expand Down Expand Up @@ -1003,7 +1005,7 @@
<td>N/A</td>
</tr>
<tr>
<td>Retrieve Member List</td>
<td>Retrieve Member List***</td>
<td>No</td>
<td>No</td>
<td>Yes</td>
Expand Down Expand Up @@ -1077,6 +1079,7 @@
</table>
<p>* As a default, an unaffiliated user enters a moderated room as a visitor, and enters an open room as a participant. A member enters a room as a participant. An admin or owner enters a room as a moderator.</p>
<p>** As noted, a moderator SHOULD NOT be allowed to revoke moderation privileges from someone with a higher affiliation than themselves (i.e., an unaffiliated moderator SHOULD NOT be allowed to revoke moderation privileges from an admin or an owner, and an admin SHOULD NOT be allowed to revoke moderation privileges from an owner).</p>
<p>*** When a room is configured to be semi-anonymous, there clearly is an intent to hide JIDs. In such rooms, members SHOULD NOT be allowed to retrieve the member list (as that list MUST contain the JID of each member).</p>
</section3>

<section3 topic='Changing Affiliations' anchor='affil-change'>
Expand Down Expand Up @@ -3486,7 +3489,7 @@
</query>
</iq>
]]></example>
<p>Note: A service SHOULD also return the member list to any occupant in a members-only room; i.e., it SHOULD NOT generate a &forbidden; error when a member in the room requests the member list. This functionality can assist clients in showing all the existing members even if some of them are not in the room, e.g. to help a member determine if another user should be invited. A service SHOULD also allow any member to retrieve the member list even if not yet an occupant.</p>
<p>Note: If the room is non-anonymous, a service SHOULD also return the member list to any occupant in a members-only room; i.e., it SHOULD NOT generate a &forbidden; error when a member in such a room requests the member list. This functionality can assist clients in showing all the existing members even if some of them are not in the room, e.g. to help a member determine if another user should be invited. If the room is non-anonymous, a service SHOULD also allow any member to retrieve the member list even if not yet an occupant.</p>
<p>The service MUST then return the full member list to the admin qualified by the 'http://jabber.org/protocol/muc#admin' namespace; each item MUST include the 'affiliation' and 'jid' attributes and MAY include the 'nick' and 'role' attributes for each member that is currently an occupant.</p>
<example caption='Service Sends Member List to Admin'><![CDATA[
<iq from='[email protected]'
Expand Down Expand Up @@ -4643,7 +4646,7 @@
</query>
</iq>
]]></example>
<p>If the &lt;user@host&gt; of the 'from' address does not match the bare JID of a room owner, the service MUST return a &forbidden; error to the sender.</p>
<p>If the &lt;user@host&gt; of the 'from' address does not match the bare JID of a room owner, the service MUST return a &forbidden; error to the sender in semi-anonymous rooms. In non-anonymous rooms, the service MAY process the request.</p>
<p>Otherwise, the service MUST then return the owner list to the owner; each item MUST include the 'affiliation' and 'jid' attributes and MAY include the 'nick' and 'role' attributes for any owner that is currently an occupant:</p>
<example caption='Service Sends Owner List to Owner'><![CDATA[
<iq from='[email protected]'
Expand All @@ -4668,7 +4671,7 @@
</query>
</iq>
]]></example>
<p>Only owners shall be allowed to modify the owner list. If a non-owner attempts to view or modify the owner list, the service MUST deny the request and return a &forbidden; error to the sender:</p>
<p>Only owners shall be allowed to modify the owner list. If a non-owner attempts to modify the owner list, the service MUST deny the request and return a &forbidden; error to the sender:</p>
<example caption='Service Returns Error on Attempt by Non-Owner to Modify Owner List'><![CDATA[
<iq from='[email protected]'
id='ownertest'
Expand Down Expand Up @@ -4834,7 +4837,7 @@
</query>
</iq>
]]></example>
<p>If the &lt;user@host&gt; of the 'from' address does not match the bare JID of a room owner, the service MUST return a &forbidden; error to the sender.</p>
<p>If the &lt;user@host&gt; of the 'from' address does not match the bare JID of a room owner, the service MUST return a &forbidden; error to the sender in semi-anonymous rooms. In non-anonymous rooms, the service MAY process the request.</p>
<p>Otherwise, the service MUST then return the admin list to the owner; each item MUST include the 'affiliation' and 'jid' attributes and MAY include the 'nick' and 'role' attributes for any admin that is currently an occupant:</p>
<example caption='Service Sends Admin List to Owner'><![CDATA[
<iq from='[email protected]'
Expand Down Expand Up @@ -4866,7 +4869,7 @@
</query>
</iq>
]]></example>
<p>Only owners shall be allowed to modify the admin list. If a non-owner attempts to view or modify the admin list, the service MUST deny the request and return a &forbidden; error to the sender.</p>
<p>Only owners shall be allowed to modify the admin list. If a non-owner attempts to modify the admin list, the service MUST deny the request and return a &forbidden; error to the sender.</p>
<example caption='Service Returns Error on Attempt by Non-Owner to Modify Admin List'><![CDATA[
<iq from='[email protected]'
id='admintest'
Expand Down