Add ability to control what opertypes can set what operonly user/chan modes. This works the same way as commands, in that modes allowed by classes are added together, and * allows all.

git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@9176 e03df62e-2008-0410-955e-edbf42e46eb7

3 files changed, 74 insertions, 11 deletions

diff --git a/src/configreader.cpp b/src/configreader.cpp
index 2093c82c8..83b7e14d9 100644
--- a/src/configreader.cpp
+++ b/src/configreader.cpp
@@ -925,9 +925,9 @@ void ServerConfig::Read(bool bail, User* user)
 				InitTypes, DoType, DoneClassesAndTypes},
 
 		{"class",
-				{"name",	"commands",	NULL},
-				{"",		"",		NULL},
-				{DT_NOSPACES,	DT_CHARPTR},
+				{"name",	"commands",	"usermodes",	"chanmodes",	NULL},
+				{"",		"",		"",		"",		NULL},
+				{DT_NOSPACES,	DT_CHARPTR,	DT_CHARPTR,	DT_CHARPTR},
 				InitClasses, DoClass, DoneClassesAndTypes},
 	
 		{NULL,
@@ -2105,8 +2105,12 @@ bool InitClasses(ServerConfig* conf, const char*)
 	{
 		for (operclass_t::iterator n = conf->operclass.begin(); n != conf->operclass.end(); n++)
 		{
-			if (n->second)
-				delete[] n->second;
+			if (n->second.commandlist)
+				delete[] n->second.commandlist;
+			if (n->second.cmodelist)
+				delete[] n->second.cmodelist;
+			if (n->second.umodelist)
+				delete[] n->second.umodelist;
 		}
 	}
 
@@ -2129,12 +2133,31 @@ bool DoType(ServerConfig* conf, const char*, char**, ValueList &values, int*)
 /*
  * XXX should this be in a class? -- w00t
  */
-bool DoClass(ServerConfig* conf, const char*, char**, ValueList &values, int*)
+bool DoClass(ServerConfig* conf, const char* tag, char**, ValueList &values, int*)
 {
 	const char* ClassName = values[0].GetString();
 	const char* CommandList = values[1].GetString();
+	const char* UModeList = values[2].GetString();
+	const char* CModeList = values[3].GetString();
+
+	for (const char* c = UModeList; *c; ++c)
+	{
+		if ((*c < 'A' || *c > 'z') && *c != '*')
+		{
+			throw CoreException("Character " + std::string(1, *c) + " is not a valid mode in <class:usermodes>");
+		}
+	}
+	for (const char* c = CModeList; *c; ++c)
+	{
+		if ((*c < 'A' || *c > 'z') && *c != '*')
+		{
+			throw CoreException("Character " + std::string(1, *c) + " is not a valid mode in <class:chanmodes>");
+		}
+	}
 
-	conf->operclass[ClassName] = strnewdup(CommandList);
+	conf->operclass[ClassName].commandlist = strnewdup(CommandList);
+	conf->operclass[ClassName].umodelist = strnewdup(UModeList);
+	conf->operclass[ClassName].cmodelist = strnewdup(CModeList);
 	return true;
 }
 
diff --git a/src/mode.cpp b/src/mode.cpp
index 21d7fa412..db9641edb 100644
--- a/src/mode.cpp
+++ b/src/mode.cpp
@@ -577,10 +577,13 @@ void ModeParser::Process(const char* const* parameters, int pcnt, User *user, bo
 							/* It's an oper only mode, check if theyre an oper. If they arent,
 							 * eat any parameter that  came with the mode, and continue to next
 							 */
-							if ((IS_LOCAL(user)) && (modehandlers[handler_id]->NeedsOper()) && (!IS_OPER(user)))
+							if ((IS_LOCAL(user)) && (modehandlers[handler_id]->NeedsOper()) && (!user->HasModePermission(modehandlers[handler_id]->GetModeChar(), type)))
 							{
-								user->WriteNumeric(481, "%s :Permission Denied - Only IRC operators may %sset %s mode %c", user->nick,
-										adding ? "" : "un", type == MODETYPE_CHANNEL ? "channel" : "user",
+								user->WriteNumeric(481, "%s :Permission Denied - Oper type %s does not have access to %sset %s mode %c",
+										user->nick,
+										user->oper,
+										adding ? "" : "un",
+										type == MODETYPE_CHANNEL ? "channel" : "user",
 										modehandlers[handler_id]->GetModeChar());
 								continue;
 							}
diff --git a/src/users.cpp b/src/users.cpp
index 5724e9eab..bdceba1f5 100644
--- a/src/users.cpp
+++ b/src/users.cpp
@@ -194,6 +194,8 @@ User::User(InspIRCd* Instance, const std::string &uid) : ServerInstance(Instance
 	ip = NULL;
 	MyClass = NULL;
 	AllowedOperCommands = NULL;
+	memset(AllowedUserModes, 0, sizeof(AllowedUserModes));
+	memset(AllowedChanModes, 0, sizeof(AllowedChanModes));
 	chans.clear();
 	invites.clear();
 	memset(modes,0,sizeof(modes));
@@ -437,6 +439,18 @@ void User::RemoveInvite(const irc::string &channel)
 	}
 }
 
+bool User::HasModePermission(unsigned char mode, ModeType type)
+{
+	if (!IS_LOCAL(this))
+		return true;
+
+	if (!IS_OPER(this))
+		return false;
+
+	return ((type == MODETYPE_USER ? AllowedUserModes : AllowedChanModes))[(mode - 'A')];
+	
+}
+
 bool User::HasPermission(const std::string &command)
 {
 	/*
@@ -676,7 +690,7 @@ void User::Oper(const std::string &opertype, const std::string &opername)
 				operclass_t::iterator iter_operclass = ServerInstance->Config->operclass.find(myclass);
 				if (iter_operclass != ServerInstance->Config->operclass.end())
 				{
-					char* CommandList = strdup(iter_operclass->second);
+					char* CommandList = strdup(iter_operclass->second.commandlist);
 					mycmd = strtok_r(CommandList," ",&savept2);
 					while (mycmd)
 					{
@@ -684,6 +698,29 @@ void User::Oper(const std::string &opertype, const std::string &opername)
 						mycmd = strtok_r(NULL," ",&savept2);
 					}
 					free(CommandList);
+					this->AllowedUserModes['o' - 'A'] = true; // Call me paranoid if you want.
+					for (unsigned char* c = (unsigned char*)iter_operclass->second.umodelist; *c; ++c)
+					{
+						if (*c == '*')
+						{
+							memset(this->AllowedUserModes, (int)(true), sizeof(this->AllowedUserModes));
+						}
+						else
+						{
+							this->AllowedUserModes[*c - 'A'] = true;
+						}
+					}
+					for (unsigned char* c = (unsigned char*)iter_operclass->second.cmodelist; *c; ++c)
+					{
+						if (*c == '*')
+						{
+							memset(this->AllowedChanModes, (int)(true), sizeof(this->AllowedChanModes));
+						}
+						else
+						{
+							this->AllowedChanModes[*c - 'A'] = true;
+						}
+					}
 				}
 				myclass = strtok_r(NULL," ",&savept);
 			}