I have ejabberd set up using external_auth to authenticate against the user database of my web application. What I would like is to be able to create a MUC (chat room) for site moderators, and automatically add those users to the chat, to the exclusion of all other users.
Eventually I would also like to be able to map my site’s groups functionality to MUC’s in ejabberd also.
The external authentication API for ejabberd doesn’t seem to provide for fine-grained access control, basically only allowing you to query whether a user is registered and whether a username / password combination successfully authenticates a user.
The only reference I’ve seen to acl’s for MUC’s is here:
http://www.ejabberd.im/aclpopulate
But that seems to require setting privileges through the webadmin interface.
Is there no way to do this automatically from external auth?
To answer my own question, it doesn’t seem possible to do what I need by using external auth.
I ended up integrating ejabberd commands into the user / group lifecycle of my web app, which was quicker than I had anticipated, and has the added bonus of being a zillion times faster than using external auth (I use ejabberd’s internal user database, using ejabberdctl to create users, update passwords, add and remove from shared rosters and create muc’s).
To help with that process I created a PHP wrapper for ejabberdctl which is freely available on github:
https://github.com/tomlancaster/Ejabberd-Wrapper-PHP
Please feel free to use and abuse it as you wish.