summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGiuseppe Bilotta <giuseppe.bilotta@gmail.com>2006-08-29 09:49:58 +0000
committerGiuseppe Bilotta <giuseppe.bilotta@gmail.com>2006-08-29 09:49:58 +0000
commita3dc8d973b49d6a4bf1446093c194aed5f69916f (patch)
tree3553bcfb3d2667b93859ff978f58d466c445264c
parentb565bf81cbe456205b9f9fcf9e3960109c5b7de6 (diff)
Introduce BotConfigValue permissions, to protect particularly sensitive config options while still allowing access to more innocent ones
-rw-r--r--ChangeLog3
-rw-r--r--lib/rbot/config.rb2
-rw-r--r--lib/rbot/core/config.rb9
3 files changed, 14 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index f76d53fc..5a334901 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,9 @@
* Script plugin: new (UNSAFE!) echo functions. Just like eval, but
m.replies the result of the evaluation.
+ * New Auth Framework: config keys now have their own permissions. So
+ you can allow people to view or edit only some of the config values.
+ auth.password defaults to false. Still needs some work.
2006-08-26 Giuseppe Bilotta <giuseppe.bilotta@gmail.com>
diff --git a/lib/rbot/config.rb b/lib/rbot/config.rb
index e8cea284..ef079429 100644
--- a/lib/rbot/config.rb
+++ b/lib/rbot/config.rb
@@ -25,6 +25,7 @@ module Irc
attr_reader :requires_rescan
attr_reader :order
attr_reader :manager
+ attr_reader :auth_path
def initialize(key, params)
@manager = BotConfig::configmanager
# Keys must be in the form 'module.name'.
@@ -48,6 +49,7 @@ module Irc
@wizard = params[:wizard]
@requires_restart = params[:requires_restart]
@requires_rescan = params[:requires_rescan]
+ @auth_path = "config::key::#{key.sub('.','::')}"
end
def default
if @default.instance_of?(Proc)
diff --git a/lib/rbot/core/config.rb b/lib/rbot/core/config.rb
index dfbaaab6..1fe2da22 100644
--- a/lib/rbot/core/config.rb
+++ b/lib/rbot/core/config.rb
@@ -36,6 +36,7 @@ class ConfigModule < CoreBotModule
m.reply "no such config key #{key}"
return
end
+ return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)
value = @bot.config.items[key].to_s
m.reply "#{key}: #{value}"
end
@@ -54,6 +55,7 @@ class ConfigModule < CoreBotModule
unless @bot.config.items.has_key?(key)
m.reply "no such config key #{key}"
end
+ return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)
@bot.config.items[key].unset
handle_get(m, params)
m.reply "this config change will take effect on the next restart" if @bot.config.items[key].requires_restart
@@ -67,6 +69,7 @@ class ConfigModule < CoreBotModule
m.reply "no such config key #{key}"
return
end
+ return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)
begin
@bot.config.items[key].set_string(value)
rescue ArgumentError => e
@@ -93,6 +96,7 @@ class ConfigModule < CoreBotModule
m.reply "config key #{key} is not an array"
return
end
+ return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)
begin
@bot.config.items[key].add(value)
rescue ArgumentError => e
@@ -115,6 +119,7 @@ class ConfigModule < CoreBotModule
m.reply "config key #{key} is not an array"
return
end
+ return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)
begin
@bot.config.items[key].rm(value)
rescue ArgumentError => e
@@ -253,4 +258,8 @@ conf.map 'config help :topic',
conf.default_auth('*', false)
conf.default_auth('show::status', true)
+# TODO these shouldn't be set here, we need a way to let the default
+# permission be specified together with the BotConfigValue
+conf.default_auth('key', true)
+conf.default_auth('key::auth::password', false)