BTW (not directly related) I was playing around with node.modifyAffiliationAsOwner() on ejabberd (16.03):
- created a node as admin
- set affiliation to user foo as member
And so managed to ‘lock’ myself out - I could not delete the node anymore as admin. The server reporting I (admin) was not an owner… neither could I delete the node as ‘foo’. To delete it I had to set the affiliation to admin as owner.
According to the PubSub RFC, setting the affiliation should work as ‘delta’ - as I understand it - adding foo should keep admin as owner and just add foo as member.
An entity may subscribe or retrieve items only if on a whitelist managed by the node owner. The node owner MUST automatically be on the whitelist. In order to add entities to the whitelist, the node owner SHOULD use the protocol specified in the Manage Affiliated Entities section of this document, specifically by setting the affiliation to "member".
Maybe I misinterpreted “The node owner MUST automatically be on the whitelist”… does this mean the client should always add the owner or that it’s the servers job to keep it there?
I tried also node.getAffiliations() (was getting NPE with getAffiliationsAsOwner) and I saw only foo as member…
As said this is just BTW… have to write some testcases to see how this works. I’ll post when I have more data (possibly try ejabberd 18).
For my use case it would be nice if I could control access to a node with a whitelist but it seems like the implementation (at least on ejabberd) is a bit shaky. It would be very impractical if to add a user I had to always update the whole whitelist (what would happen if two admins update the node’s whitelist at the same time).