summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--include/configreader.h6
-rw-r--r--include/token_list.h65
-rw-r--r--src/inspstring.cpp110
-rw-r--r--src/modules/m_check.cpp6
-rw-r--r--src/users.cpp33
5 files changed, 186 insertions, 34 deletions
diff --git a/include/configreader.h b/include/configreader.h
index 9fcb9c6a3..fc8c99d62 100644
--- a/include/configreader.h
+++ b/include/configreader.h
@@ -31,6 +31,7 @@
#include "modules.h"
#include "socketengine.h"
#include "socket.h"
+#include "token_list.h"
/** Structure representing a single \<tag> in config */
class CoreExport ConfigTag : public refcountbase
@@ -165,9 +166,8 @@ struct CommandLineConf
class CoreExport OperInfo : public refcountbase
{
public:
- typedef insp::flat_set<std::string> PrivSet;
- PrivSet AllowedOperCommands;
- PrivSet AllowedPrivs;
+ TokenList AllowedOperCommands;
+ TokenList AllowedPrivs;
/** Allowed user modes from oper classes. */
std::bitset<64> AllowedUserModes;
diff --git a/include/token_list.h b/include/token_list.h
new file mode 100644
index 000000000..ffa3b89e6
--- /dev/null
+++ b/include/token_list.h
@@ -0,0 +1,65 @@
+/*
+ * InspIRCd -- Internet Relay Chat Daemon
+ *
+ * Copyright (C) 2017 Peter Powell <petpow@saberuk.com>
+ *
+ * This file is part of InspIRCd. InspIRCd is free software: you can
+ * redistribute it and/or modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation, version 2.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#pragma once
+
+#include "compat.h"
+
+class CoreExport TokenList
+{
+ private:
+ /** Whether this list includes all tokens by default. */
+ bool permissive;
+
+ /** Either the tokens to exclude if in permissive mode or the tokens to include if in strict mode. */
+ insp::flat_set<std::string, irc::insensitive_swo> tokens;
+
+ public:
+ /** Adds a space-delimited list of tokens to the token list.
+ * @param tokenlist The list of space-delimited tokens to add.
+ */
+ void AddList(const std::string& tokenlist);
+
+ /** Adds a single token to the token list.
+ * @param token The token to add.
+ */
+ void Add(const std::string& token);
+
+ /** Removes all tokens from the token list. */
+ void Clear();
+
+ /** Determines whether the specified token exists in the token list.
+ * @param token The token to search for.
+ */
+ bool Contains(const std::string& token) const;
+
+ /** Removes the specified token from the token list.
+ * @param token The token to remove.
+ */
+ void Remove(const std::string& token);
+
+ /** Retrieves a string which represents the contents of this token list. */
+ std::string ToString() const;
+
+ /** Determines whether the specified token list contains the same tokens as this instance.
+ * @param other The tokenlist to compare against.
+ * @return True if the token lists are equal; otherwise, false.
+ */
+ bool operator==(const TokenList& other) const;
+};
diff --git a/src/inspstring.cpp b/src/inspstring.cpp
index b59492738..283c00d5b 100644
--- a/src/inspstring.cpp
+++ b/src/inspstring.cpp
@@ -124,3 +124,113 @@ bool InspIRCd::TimingSafeCompare(const std::string& one, const std::string& two)
return (diff == 0);
}
+
+void TokenList::AddList(const std::string& tokenlist)
+{
+ std::string token;
+ irc::spacesepstream tokenstream(tokenlist);
+ while (tokenstream.GetToken(token))
+ {
+ if (token[0] == '-')
+ Remove(token.substr(1));
+ else
+ Add(token);
+ }
+
+}
+void TokenList::Add(const std::string& token)
+{
+ // If the token is empty or contains just whitespace it is invalid.
+ if (token.empty() || token.find_first_not_of(" \t") == std::string::npos)
+ return;
+
+ // If the token is a wildcard entry then permissive mode has been enabled.
+ if (token == "*")
+ {
+ permissive = true;
+ tokens.clear();
+ return;
+ }
+
+ // If we are in permissive mode then remove the token from the token list.
+ // Otherwise, add it to the token list.
+ if (permissive)
+ tokens.erase(token);
+ else
+ tokens.insert(token);
+}
+
+void TokenList::Clear()
+{
+ permissive = false;
+ tokens.clear();
+}
+
+bool TokenList::Contains(const std::string& token) const
+{
+ // If we are in permissive mode and the token is in the list
+ // then we don't have it.
+ if (permissive && tokens.find(token) != tokens.end())
+ return false;
+
+ // If we are not in permissive mode and the token is not in
+ // the list then we don't have it.
+ if (!permissive && tokens.find(token) == tokens.end())
+ return false;
+
+ // We have the token!
+ return true;
+}
+
+void TokenList::Remove(const std::string& token)
+{
+ // If the token is empty or contains just whitespace it is invalid.
+ if (token.empty() || token.find_first_not_of(" \t") == std::string::npos)
+ return;
+
+ // If the token is a wildcard entry then permissive mode has been disabled.
+ if (token == "*")
+ {
+ permissive = false;
+ tokens.clear();
+ return;
+ }
+
+ // If we are in permissive mode then add the token to the token list.
+ // Otherwise, remove it from the token list.
+ if (permissive)
+ tokens.insert(token);
+ else
+ tokens.erase(token);
+}
+
+std::string TokenList::ToString() const
+{
+ std::string buffer(permissive ? "*" : "-*");
+ for (insp::flat_set<std::string>::const_iterator iter = tokens.begin(); iter != tokens.end(); ++iter)
+ {
+ buffer.push_back(' ');
+ buffer.append(*iter);
+ }
+ return buffer;
+}
+
+bool TokenList::operator==(const TokenList& other) const
+{
+ // Both sets must be in the same mode to be equal.
+ if (permissive != other.permissive)
+ return false;
+
+ // Both sets must be the same size to be equal.
+ if (tokens.size() != other.tokens.size())
+ return false;
+
+ for (insp::flat_set<std::string>::const_iterator iter = tokens.begin(); iter != tokens.end(); ++iter)
+ {
+ // Both sets must contain the same tokens to be equal.
+ if (other.tokens.find(*iter) == other.tokens.end())
+ return false;
+ }
+
+ return true;
+}
diff --git a/src/modules/m_check.cpp b/src/modules/m_check.cpp
index b442dea9c..e401c79f1 100644
--- a/src/modules/m_check.cpp
+++ b/src/modules/m_check.cpp
@@ -197,12 +197,10 @@ class CommandCheck : public Command
context.Write("modeperms", "user=" + umodes + " channel=" + cmodes);
CheckContext::List opcmdlist(context, "commandperms");
- for (OperInfo::PrivSet::const_iterator i = oper->AllowedOperCommands.begin(); i != oper->AllowedOperCommands.end(); ++i)
- opcmdlist.Add(*i);
+ opcmdlist.Add(oper->AllowedOperCommands.ToString());
opcmdlist.Flush();
CheckContext::List privlist(context, "permissions");
- for (OperInfo::PrivSet::const_iterator i = oper->AllowedPrivs.begin(); i != oper->AllowedPrivs.end(); ++i)
- privlist.Add(*i);
+ opcmdlist.Add(oper->AllowedPrivs.ToString());
privlist.Flush();
}
}
diff --git a/src/users.cpp b/src/users.cpp
index 397a13267..f7cd00a07 100644
--- a/src/users.cpp
+++ b/src/users.cpp
@@ -189,12 +189,7 @@ bool LocalUser::HasPermission(const std::string &command)
return false;
}
- if (oper->AllowedOperCommands.find(command) != oper->AllowedOperCommands.end())
- return true;
- else if (oper->AllowedOperCommands.find("*") != oper->AllowedOperCommands.end())
- return true;
-
- return false;
+ return oper->AllowedOperCommands.Contains(command);
}
bool User::HasPrivPermission(const std::string &privstr, bool noisy)
@@ -211,14 +206,8 @@ bool LocalUser::HasPrivPermission(const std::string &privstr, bool noisy)
return false;
}
- if (oper->AllowedPrivs.find(privstr) != oper->AllowedPrivs.end())
- {
+ if (oper->AllowedPrivs.Contains(privstr))
return true;
- }
- else if (oper->AllowedPrivs.find("*") != oper->AllowedPrivs.end())
- {
- return true;
- }
if (noisy)
this->WriteNotice("Oper type " + oper->name + " does not have access to priv " + privstr);
@@ -375,8 +364,8 @@ void User::Oper(OperInfo* info)
void OperInfo::init()
{
- AllowedOperCommands.clear();
- AllowedPrivs.clear();
+ AllowedOperCommands.Clear();
+ AllowedPrivs.Clear();
AllowedUserModes.reset();
AllowedChanModes.reset();
AllowedUserModes['o' - 'A'] = true; // Call me paranoid if you want.
@@ -384,19 +373,9 @@ void OperInfo::init()
for(std::vector<reference<ConfigTag> >::iterator iter = class_blocks.begin(); iter != class_blocks.end(); ++iter)
{
ConfigTag* tag = *iter;
- std::string mycmd, mypriv;
- /* Process commands */
- irc::spacesepstream CommandList(tag->getString("commands"));
- while (CommandList.GetToken(mycmd))
- {
- AllowedOperCommands.insert(mycmd);
- }
- irc::spacesepstream PrivList(tag->getString("privs"));
- while (PrivList.GetToken(mypriv))
- {
- AllowedPrivs.insert(mypriv);
- }
+ AllowedOperCommands.AddList(tag->getString("commands"));
+ AllowedPrivs.AddList(tag->getString("privs"));
std::string modes = tag->getString("usermodes");
for (std::string::const_iterator c = modes.begin(); c != modes.end(); ++c)