diff options
-rw-r--r-- | lib/rbot/botuser.rb | 14 | ||||
-rw-r--r-- | lib/rbot/core/auth.rb | 196 |
2 files changed, 197 insertions, 13 deletions
diff --git a/lib/rbot/botuser.rb b/lib/rbot/botuser.rb index a6a3bf4a..2a098ddb 100644 --- a/lib/rbot/botuser.rb +++ b/lib/rbot/botuser.rb @@ -23,7 +23,7 @@ module Irc BotConfig.register BotConfigBooleanValue.new( 'auth.login_by_mask',
:default => 'false',
:desc => 'Set true if new botusers should allow logging in without a password when the user netmask is known')
- BotConfig.register BotConfigBooleanValue.new( 'auth.login_auto',
+ BotConfig.register BotConfigBooleanValue.new( 'auth.autologin',
:default => 'false',
:desc => 'Set true if new botusers should try to recognize IRC users without a need to manually login')
# BotConfig.register BotConfigIntegerValue.new( 'auth.default_level',
@@ -177,7 +177,7 @@ module Irc @netmasks = NetmaskList.new
@perm = {}
@login_by_mask = Auth.manager.bot.config['auth.login_by_mask'] unless defined?(@login_by_mask)
- @autologin = Auth.manager.bot.config['auth.login_auto'] unless defined?(@autologin)
+ @autologin = Auth.manager.bot.config['auth.autologin'] unless defined?(@autologin)
end
# Inspection
@@ -316,7 +316,7 @@ module Irc # is right. If it is, the Netmask of the user is added to the
# list of acceptable Netmask unless it's already matched.
def login(user, password)
- if password == @password or (password.nil? and @login_by_mask and knows?(user))
+ if password == @password or (password.nil? and (@login_by_mask || @autologin) and knows?(user))
add_netmask(user) unless knows?(user)
debug "#{user} logged in as #{self.inspect}"
return true
@@ -548,7 +548,7 @@ module Irc #
# It is possible to autologin by Netmask, on request
#
- def login(user, botusername, pwd)
+ def login(user, botusername, pwd=nil)
ircuser = user.to_irc_user
n = BotUser.sanitize_username(botusername)
k = n.to_sym
@@ -590,7 +590,11 @@ module Irc # * everyone on all channels
#
def permit?(user, cmdtxt, channel=nil)
- botuser = irc_to_botuser(user)
+ if user.class <= BotUser
+ botuser = user
+ else
+ botuser = irc_to_botuser(user)
+ end
cmd = cmdtxt.to_irc_auth_command
chan = channel
diff --git a/lib/rbot/core/auth.rb b/lib/rbot/core/auth.rb index 53d88996..b108577d 100644 --- a/lib/rbot/core/auth.rb +++ b/lib/rbot/core/auth.rb @@ -123,11 +123,23 @@ class AuthModule < CoreBotModule m.reply "Ok, #{user} now also has permissions #{params[:args].join(' ')}"
end
+ def get_botuser_for(user)
+ @bot.auth.irc_to_botuser(user)
+ end
+
+ def get_botusername_for(user)
+ get_botuser_for(user).username
+ end
+
+ def welcome(user)
+ "welcome, #{get_botusername_for(user)}"
+ end
+
def auth_login(m, params)
begin
case @bot.auth.login(m.source, params[:botuser], params[:password])
when true
- m.reply "welcome, #{@bot.auth.irc_to_botuser(m.source).username}"
+ m.reply welcome(m.source)
@bot.auth.set_changed
else
m.reply "sorry, can't do"
@@ -138,17 +150,174 @@ class AuthModule < CoreBotModule end
end
+ def auth_autologin(m, params)
+ u = do_autologin(m.source)
+ case u.username
+ when 'everyone'
+ m.reply "I couldn't find anything to let you login automatically"
+ else
+ m.reply welcome(m.source)
+ end
+ end
+
+ def do_autologin(user)
+ @bot.auth.autologin(user)
+ end
+
+ def auth_whoami(m, params)
+ rep = ""
+ # if m.public?
+ # rep << m.source.nick << ", "
+ # end
+ rep << "you are "
+ rep << get_botusername_for(m.source).gsub(/^everyone$/, "no one that I know").gsub(/^owner$/, "my boss")
+ m.reply rep
+ end
+
+ def help(plugin, topic="")
+ case topic
+ when /^login/
+ return "login [<botuser>] [<pass>]: logs in to the bot as botuser <botuser> with password <pass>. <pass> can be omitted if <botuser> allows login-by-mask and your netmask is among the known ones. if <botuser> is omitted too autologin will be attempted"
+ when /^whoami/
+ return "whoami: names the botuser you're linked to"
+ when /^permission syntax/
+ return "A permission is specified as module::path::to::cmd; when you want to enable it, prefix it with +; when you want to disable it, prefix it with -; when using the +reset+ command, do not use any prefix"
+ when /^permission/
+ return "permissions (re)set <permission> [in <channel>] for <user>: sets or resets the permissions for botuser <user> in channel <channel> (use ? to change the permissions for private addressing)"
+ else
+ return "#{name}: login, whoami, permission syntax, permissions"
+ end
+ end
+
+ def need_args(cmd)
+ "sorry, I need more arguments to #{cmd}"
+ end
+
+ def not_args(cmd, *stuff)
+ "I can only #{cmd} these: #{stuff.join(', ')}"
+ end
+
+ def set_bool_prop(botuser, prop, val)
+ k = prop.to_s.gsub("-","_")
+ botuser.send( (k + "=").to_sym, val)
+ end
+
+ def reset_bool_prop(botuser, prop)
+ k = prop.to_s.gsub("-","_")
+ botuser.send( (k + "=").to_sym, @bot.config['auth.' + k])
+ end
+
+ def ask_bool_prop(botuser, prop)
+ k = prop.to_s.gsub("-","_")
+ botuser.send( (k + "?").to_sym)
+ end
+
+ def auth_manage_user(m, params)
+ splits = params[:data]
+
+ cmd = splits.first
+ return auth_whoami(m, params) if cmd.nil?
+
+ botuser = get_botuser_for(m.source)
+ # By default, we do stuff on the botuser the irc user is bound to
+ butarget = botuser
+
+ has_for = splits[-2] == "for"
+ butarget = @bot.auth.get_botuser(splits[-1]) if has_for
+ return m.reply "you can't mess with #{butarget.username}" if butarget == @bot.auth.botowner && botuser != butarget
+ splits.slice!(-2,2) if has_for
+
+ bools = [:autologin, :"login-by-mask"]
+ can_set = [:password] + bools
+ can_reset = can_set + [:netmasks]
+
+ case cmd.to_sym
+
+ when :show, :list
+ return "you can't see the properties of #{butarget.username}" if botuser != butarget and !botuser.permit?("auth::show::other")
+
+ case splits[1]
+ when nil, "all"
+ props = can_reset
+ when "password"
+ return m.reply "you can't ask for someone else's password" if botuser != butarget and !botuser.permit?("auth::show::other::password")
+ return m.reply "c'mon, you can't be asking me seriously to tell you the password in public!" if m.public?
+ return m.reply "the password for #{butarget.username} is #{butarget.password}"
+ else
+ props = splits[1..-1]
+ end
+
+ str = []
+
+ props.each { |arg|
+ k = arg.to_sym
+ next if k == :password
+ case k
+ when *bools
+ str << "can"
+ str.last << "not" unless ask_bool_prop(butarget, k)
+ str.last << " #{k}"
+ when :netmasks
+ str << "knows "
+ if butarget.netmasks.empty?
+ str.last << "no netmasks"
+ else
+ str.last << butarget.netmasks.join(", ")
+ end
+ end
+ }
+ return m.reply "#{butarget.username} #{str.join('; ')}"
+
+ when :enable, :disable
+ return m.reply "you can't change the default user" if butarget == @bot.auth.everyone and !botuser.permit?("auth::edit::default")
+ return m.reply "you can't edit #{butarget.username}" if butarget != botuser and !botuser.permit?("auth::edit::other")
+
+ return m.reply need_args(cmd) unless splits[1]
+ things = []
+ splits[1..-1].each { |a|
+ arg = a.to_sym
+ if bools.include?(arg)
+ set_bool_prop(butarget, arg, cmd.to_sym == :enable)
+ else
+ m.reply not_args(cmd, *bools)
+ end
+ things << a
+ }
+ return auth_manage_user(m, {:data => ["show"] + things })
+
+ when :set
+ return m.reply "you can't change the default user" if butarget == @bot.auth.everyone and !botuser.permit?("auth::edit::default")
+ return m.reply "you can't edit #{butarget.username}" if butarget != botuser and !botuser.permit?("auth::edit::other")
+
+ return need_args(cmd) unless splits[1]
+ things = []
+ # TODO
+ #return not_args(cmd, *can_set) unless bools.include?(arg)
+
+ when :reset
+ return m.reply "you can't change the default user" if butarget == @bot.auth.everyone and !botuser.permit?("auth::edit::default")
+ return m.reply "you can't edit #{butarget.username}" if butarget != botuser and !botuser.permit?("auth::edit::other")
+
+ return need_args(cmd) unless splits[1]
+ things = []
+ # TODO
+ else
+ m.reply "sorry, I don't know how to #{m.message}"
+ end
+ end
+
end
auth = AuthModule.new
-auth.map "permissions set *args for :user",
- :action => 'auth_set',
- :auth_path => ':edit::set:'
+auth.map "user *data",
+ :action => 'auth_manage_user'
-auth.map "permissions reset *args for :user",
- :action => 'auth_reset',
- :auth_path => ':edit::reset:'
+auth.default_auth("user", true)
+
+auth.map "whoami",
+ :action => 'auth_whoami',
+ :auth_path => '!*!'
auth.map "login :botuser :password",
:action => 'auth_login',
@@ -158,8 +327,19 @@ auth.map "login :botuser :password", auth.map "login :botuser",
:action => 'auth_login',
- :defaults => { :password => nil },
:auth_path => '!login!'
+auth.map "login",
+ :action => 'auth_autologin',
+ :auth_path => '!login!'
+
+auth.map "permissions set *args for :user",
+ :action => 'auth_set',
+ :auth_path => ':edit::set:'
+
+auth.map "permissions reset *args for :user",
+ :action => 'auth_reset',
+ :auth_path => ':edit::reset:'
+
auth.default_auth('*', false)
|