Moderator rights based on group membership


i have set up an own server with secure domain. So every User has to login and then the first one gets admin rights.
What i need to achieve is, that people from group A are moderators, people from group B are normal users.
Only moderators should be able to create rooms, users should wait or immediately be kicked out, if there is not moderator present in that room.

I did some search, but didnt succeed to find a ready to use solution. Do you know a config to do that?

I think i have to write a lua script and use the hooks to code a solution.
Can you provide me some links with good starting points?
explanation of lua scripting?
hook overview, which are existing in stable versions (e.g. 0.10 prosody)?
is there already a storage like memcached where i could store the group information of a user?

1 Like

I am still searching for hints for e.g. the list of these hooks: module:hook(“muc-room-pre-create” …

Here is an example

Mind that some events are not present on 0.10.
You can add a variable in the module to store data in the memory of prosody … will be cleared once it reatarts. And make sure you clean your storage so you don’t leak memory

1 Like

thx @damencho

So i had some errors in my configuration, but now it works.

for documentation here my plugin:
local jid = require “util.jid”;
local http_request = require “http.request”

module:hook("muc-occupant-joined", function (event)
local room, occupant =, event.occupant;
local stanza = event.stanza;
local user = jid.split(stanza.attr.from);
--module:log("info", "occupant mod joined "..user);

if user ~= "focus"
        local headers, stream = assert(http_request.new_from_uri(""..user):go())
    local body = assert(stream:get_body_as_string())

    module:log('info', 'Return: '..body);
    if body == "moderator" then
        module:log("info", "occupant mod joined "..user);
        room:set_affiliation(true, occupant.bare_jid, "owner");
        module:log("info", "occupant user joined "..user);
        room:set_affiliation(true, occupant.bare_jid, "member");

end, 10);

What is still missing, is the feature, that if a normal user is creating a room, i want to close the room immediately.

i experimented with
room:set_affiliation(true, occupant.bare_jid, “none”);

but there is now reaction in the browser.

So what is the correct way to close a room when a user starts it? Any hints?

1 Like

So in April a new version got released with a new API command kickParticipant.

@damencho or all:
Do you now if this is also usable in a lua script?

This iframeAPI command, nothing to do with lua.

@damencho i know, that this are different things, is there something corresponding for lua scripting available?

I still have the problem, if i want to kill a room, the users in browsers are hanging around and are blocking the room name. Until all user have not closed their session, the room is usable again.
So it is still the question for me: how to close a room properly within a lua script running for example at the hook “muc-occupant-left”?

You can obtain the room instance and call destroy.

you mean this one:;

That doesnt work, the client hangs in the browser and the prosody session is still open and the roomname still occupied.

Probably clients also needs to handle that … A hack you can do is to generate a kick stanza and process it in the room for every participant …

Thx for the hint. Can you please give me a direction to start? Or a piece of code?

Kick someone and check the message that was sent (in the js console save the logs APP.conference.saveLogs()).
Here is an example how to generate a presence and process it.