Check also 'access' rule on account removal

According to the documentation we should not allow account removal when it's forbidden by the rule from 'access' option.
author: Evgeny Khramtsov <ekhramtsov@process-one.net> 2019-11-24 16:21:01 +0300
committer: Evgeny Khramtsov <ekhramtsov@process-one.net> 2019-11-24 16:21:01 +0300
commit: de91618070473fdf2ecff30c722f0770acd1a912 (patch)
tree: 55ed98d96c3d10fa7b84c09fb78ef541f56fa9f6 /src/mod_register.erl
parent: Make sure IQ result is correctly routed on account removal (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/src/mod_register.erl b/src/mod_register.erl
index 31bb52c9d..10c55b6f5 100644
--- a/src/mod_register.erl
+++ b/src/mod_register.erl
@@ -114,8 +114,12 @@ process_iq(#iq{from = From, to = To} = IQ, Source) ->
 	end,
     Server = To#jid.lserver,
     Access = mod_register_opt:access_remove(Server),
-    AllowRemove = allow == acl:match_rule(Server, Access, From),
-    process_iq(IQ, Source, IsCaptchaEnabled, AllowRemove).
+    Remove = case acl:match_rule(Server, Access, From) of
+                 deny -> deny;
+                 allow ->
+                     check_access(From#jid.luser, From#jid.lserver, Source)
+             end,
+    process_iq(IQ, Source, IsCaptchaEnabled, Remove == allow).
 
 process_iq(#iq{type = set, lang = Lang,
 	       sub_els = [#register{remove = true}]} = IQ,
author	Evgeny Khramtsov <ekhramtsov@process-one.net>	2019-11-24 16:21:01 +0300
committer	Evgeny Khramtsov <ekhramtsov@process-one.net>	2019-11-24 16:21:01 +0300
commit	de91618070473fdf2ecff30c722f0770acd1a912 (patch)
tree	55ed98d96c3d10fa7b84c09fb78ef541f56fa9f6 /src/mod_register.erl
parent	Make sure IQ result is correctly routed on account removal (diff)