+ virtual int OnAccessCheck(userrec* source,userrec* dest,chanrec* channel,int access_type)
+ {
+ // here we perform access checks, this is the important bit that actually stops kicking/deopping
+ // etc of protected users. There are many types of access check, we're going to handle
+ // a relatively small number of them relevent to our module using a switch statement.
+
+ // don't allow action if:
+ // (A) Theyre founder (no matter what)
+ // (B) Theyre protected, and you're not
+ // always allow the action if:
+ // (A) The source is ulined
+
+
+ // firstly, if a ulined nick, or a server, is setting the mode, then allow them to set the mode
+ // without any access checks, we're not worthy :p
+ if ((Srv->IsUlined(source->nick)) || (Srv->IsUlined(source->server)) || (!strcmp(source->server,"")))
+ {
+ return ACR_ALLOW;
+ }
+
+ switch (access_type)
+ {
+ // a user has been deopped. Do we let them? hmmm...
+ case AC_DEOP:
+ if (dest->GetExt("cm_founder_"+std::string(channel->name)))
+ {
+ Srv->SendServ(source->fd,"484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't deop "+std::string(dest->nick)+" as the're a channel founder");
+ return ACR_DENY;
+ }
+ if ((dest->GetExt("cm_protect_"+std::string(channel->name))) && (!source->GetExt("cm_protect_"+std::string(channel->name))))
+ {
+ Srv->SendServ(source->fd,"484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't deop "+std::string(dest->nick)+" as the're protected (+a)");
+ return ACR_DENY;
+ }
+ break;
+
+ // a user is being kicked. do we chop off the end of the army boot?
+ case AC_KICK:
+ if (dest->GetExt("cm_founder_"+std::string(channel->name)))
+ {
+ Srv->SendServ(source->fd,"484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't kick "+std::string(dest->nick)+" as the're a channel founder");
+ return ACR_DENY;
+ }
+ if ((dest->GetExt("cm_protect_"+std::string(channel->name))) && (!source->GetExt("cm_protect_"+std::string(channel->name))))
+ {
+ Srv->SendServ(source->fd,"484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't kick "+std::string(dest->nick)+" as the're protected (+a)");
+ return ACR_DENY;
+ }
+ break;
+
+ // a user is being dehalfopped. Yes, we do disallow -h of a +ha user
+ case AC_DEHALFOP:
+ if (dest->GetExt("cm_founder_"+std::string(channel->name)))
+ {
+ Srv->SendServ(source->fd,"484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't de-halfop "+std::string(dest->nick)+" as the're a channel founder");
+ return ACR_DENY;
+ }
+ if ((dest->GetExt("cm_protect_"+std::string(channel->name))) && (!source->GetExt("cm_protect_"+std::string(channel->name))))
+ {
+ Srv->SendServ(source->fd,"484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't de-halfop "+std::string(dest->nick)+" as the're protected (+a)");
+ return ACR_DENY;
+ }
+ break;
+
+ // same with devoice.
+ case AC_DEVOICE:
+ if (dest->GetExt("cm_founder_"+std::string(channel->name)))
+ {
+ Srv->SendServ(source->fd,"484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't devoice "+std::string(dest->nick)+" as the're a channel founder");
+ return ACR_DENY;
+ }
+ if ((dest->GetExt("cm_protect_"+std::string(channel->name))) && (!source->GetExt("cm_protect_"+std::string(channel->name))))
+ {
+ Srv->SendServ(source->fd,"484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't devoice "+std::string(dest->nick)+" as the're protected (+a)");
+ return ACR_DENY;
+ }
+ break;
+ }
+
+ // we dont know what this access check is, or dont care. just carry on, nothing to see here.
+ return ACR_DEFAULT;
+ }
+