3 files changed, 14 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index f76d53fc..5a334901 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,9 @@
 
 	* Script plugin: new (UNSAFE!) echo functions. Just like eval, but
 	m.replies the result of the evaluation.
+	* New Auth Framework: config keys now have their own permissions. So
+	you can allow people to view or edit only some of the config values.
+	auth.password defaults to false. Still needs some work.
 
 2006-08-26  Giuseppe Bilotta <giuseppe.bilotta@gmail.com>
 
diff --git a/lib/rbot/config.rb b/lib/rbot/config.rb
index e8cea284..ef079429 100644
--- a/lib/rbot/config.rb
+++ b/lib/rbot/config.rb
@@ -25,6 +25,7 @@ module Irc
     attr_reader :requires_rescan
     attr_reader :order
     attr_reader :manager
+    attr_reader :auth_path
     def initialize(key, params)
       @manager = BotConfig::configmanager
       # Keys must be in the form 'module.name'.
@@ -48,6 +49,7 @@ module Irc
       @wizard = params[:wizard]
       @requires_restart = params[:requires_restart]
       @requires_rescan = params[:requires_rescan]
+      @auth_path = "config::key::#{key.sub('.','::')}"
     end
     def default
       if @default.instance_of?(Proc)
diff --git a/lib/rbot/core/config.rb b/lib/rbot/core/config.rb
index dfbaaab6..1fe2da22 100644
--- a/lib/rbot/core/config.rb
+++ b/lib/rbot/core/config.rb
@@ -36,6 +36,7 @@ class ConfigModule < CoreBotModule
       m.reply "no such config key #{key}"

       return

     end

+    return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)

     value = @bot.config.items[key].to_s

     m.reply "#{key}: #{value}"

   end

@@ -54,6 +55,7 @@ class ConfigModule < CoreBotModule
     unless @bot.config.items.has_key?(key)

       m.reply "no such config key #{key}"

     end

+    return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)

     @bot.config.items[key].unset

     handle_get(m, params)

     m.reply "this config change will take effect on the next restart" if @bot.config.items[key].requires_restart

@@ -67,6 +69,7 @@ class ConfigModule < CoreBotModule
       m.reply "no such config key #{key}"

       return

     end

+    return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)

     begin

       @bot.config.items[key].set_string(value)

     rescue ArgumentError => e

@@ -93,6 +96,7 @@ class ConfigModule < CoreBotModule
       m.reply "config key #{key} is not an array"

       return

     end

+    return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)

     begin

       @bot.config.items[key].add(value)

     rescue ArgumentError => e

@@ -115,6 +119,7 @@ class ConfigModule < CoreBotModule
       m.reply "config key #{key} is not an array"

       return

     end

+    return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)

     begin

       @bot.config.items[key].rm(value)

     rescue ArgumentError => e

@@ -253,4 +258,8 @@ conf.map 'config help :topic',
 

 conf.default_auth('*', false)

 conf.default_auth('show::status', true)

+# TODO these shouldn't be set here, we need a way to let the default

+# permission be specified together with the BotConfigValue

+conf.default_auth('key', true)

+conf.default_auth('key::auth::password', false)