BotConfig.register BotConfigStringValue.new( 'auth.password',\r
:default => 'rbotauth', :wizard => true,\r
:desc => 'Password for the bot owner' )\r
+ BotConfig.register BotConfigBooleanValue.new( 'auth.login_by_mask',\r
+ :default => 'true',\r
+ :desc => 'Set false to prevent new botusers from logging in without a password when the user netmask is known')\r
+ BotConfig.register BotConfigBooleanValue.new( 'auth.autologin',\r
+ :default => 'true',\r
+ :desc => 'Set false to prevent new botusers from recognizing IRC users without a need to manually login')\r
# BotConfig.register BotConfigIntegerValue.new( 'auth.default_level',\r
# :default => 10, :wizard => true,\r
# :desc => 'The default level for new/unknown users' )\r
\r
# Generate a random password of length _l_\r
#\r
- def random_password(l=8)\r
+ def Auth.random_password(l=8)\r
pwd = ""\r
8.times do\r
pwd += (rand(26) + (rand(2) == 0 ? 65 : 97) ).chr\r
# This class describes a permission set\r
class PermissionSet\r
\r
+ attr_reader :perm\r
# Create a new (empty) PermissionSet\r
#\r
def initialize\r
end\r
\r
\r
- # This is the basic class for bot users: they have a username, a password, a\r
- # list of netmasks to match against, and a list of permissions.\r
+ # This is the error that gets raised when an invalid password is met\r
+ #\r
+ class InvalidPassword < RuntimeError\r
+ end\r
+\r
+\r
+ # This is the basic class for bot users: they have a username, a password,\r
+ # a list of netmasks to match against, and a list of permissions.\r
#\r
class BotUser\r
\r
attr_reader :username\r
attr_reader :password\r
attr_reader :netmasks\r
+ attr_reader :perm\r
+ attr_writer :login_by_mask\r
+ attr_writer :autologin\r
\r
# Create a new BotUser with given username\r
def initialize(username)\r
@password = nil\r
@netmasks = NetmaskList.new\r
@perm = {}\r
+ reset_login_by_mask\r
+ reset_autologin\r
end\r
\r
# Inspection\r
str << " @username=#{@username.inspect}"\r
str << " @netmasks=#{@netmasks.inspect}"\r
str << " @perm=#{@perm.inspect}"\r
- str\r
+ str << " @login_by_mask=#{@login_by_mask}"\r
+ str << " @autologin=#{@autologin}"\r
+ str << ">"\r
+ end\r
+\r
+ # In strings\r
+ def to_s\r
+ @username\r
end\r
\r
# Convert into a hash\r
:username => @username,\r
:password => @password,\r
:netmasks => @netmasks,\r
- :perm => @perm\r
+ :perm => @perm,\r
+ :login_by_mask => @login_by_mask,\r
+ :autologin => @autologin\r
}\r
end\r
\r
+ # Do we allow logging in without providing the password?\r
+ #\r
+ def login_by_mask?\r
+ @login_by_mask\r
+ end\r
+\r
+ # Reset the login-by-mask option\r
+ #\r
+ def reset_login_by_mask\r
+ @login_by_mask = Auth.authmanager.bot.config['auth.login_by_mask'] unless defined?(@login_by_mask)\r
+ end\r
+\r
+ # Reset the autologin option\r
+ #\r
+ def reset_autologin\r
+ @autologin = Auth.authmanager.bot.config['auth.autologin'] unless defined?(@autologin)\r
+ end\r
+\r
+ # Do we allow automatic logging in?\r
+ #\r
+ def autologin?\r
+ @autologin\r
+ end\r
+\r
# Restore from hash\r
def from_hash(h)\r
@username = h[:username] if h.has_key?(:username)\r
@password = h[:password] if h.has_key?(:password)\r
@netmasks = h[:netmasks] if h.has_key?(:netmasks)\r
@perm = h[:perm] if h.has_key?(:perm)\r
+ @login_by_mask = h[:login_by_mask] if h.has_key?(:login_by_mask)\r
+ @autologin = h[:autologin] if h.has_key?(:autologin)\r
end\r
\r
# This method sets the password if the proposed new password\r
\r
# Resets the password by creating a new onw\r
def reset_password\r
- @password = random_password\r
+ @password = Auth.random_password\r
end\r
\r
# Sets the permission for command _cmd_ to _val_ on channel _chan_\r
\r
# Removes all <code>Netmask</code>s\r
#\r
- def reset_netmask_list\r
+ def reset_netmasks\r
@netmasks = NetmaskList.new\r
end\r
\r
# is right. If it is, the Netmask of the user is added to the\r
# list of acceptable Netmask unless it's already matched.\r
def login(user, password)\r
- if password == @password\r
+ if password == @password or (password.nil? and (@login_by_mask || @autologin) and knows?(user))\r
add_netmask(user) unless knows?(user)\r
debug "#{user} logged in as #{self.inspect}"\r
return true\r
# and replacing any nonalphanumeric character with _\r
#\r
def BotUser.sanitize_username(name)\r
- return name.to_s.chomp.downcase.gsub(/[^a-z0-9]/,"_")\r
+ candidate = name.to_s.chomp.downcase.gsub(/[^a-z0-9]/,"_")\r
+ raise "sanitized botusername #{candidate} too short" if candidate.length < 3\r
+ return candidate\r
end\r
\r
end\r
#\r
class DefaultBotUserClass < BotUser\r
\r
- private :login, :add_netmask, :delete_netmask\r
+ private :add_netmask, :delete_netmask\r
\r
include Singleton\r
\r
+ # The default BotUser is named 'everyone'\r
+ #\r
def initialize\r
+ reset_login_by_mask\r
+ reset_autologin\r
super("everyone")\r
@default_perm = PermissionSet.new\r
end\r
\r
+ # This method returns without changing anything\r
+ #\r
+ def login_by_mask=(val)\r
+ debug "Tried to change the login-by-mask for default bot user, ignoring"\r
+ return @login_by_mask\r
+ end\r
+\r
+ # The default botuser allows logins by mask\r
+ #\r
+ def reset_login_by_mask\r
+ @login_by_mask = true\r
+ end\r
+\r
+ # This method returns without changing anything\r
+ #\r
+ def autologin=(val)\r
+ debug "Tried to change the autologin for default bot user, ignoring"\r
+ return\r
+ end\r
+\r
+ # The default botuser doesn't allow autologin (meaningless)\r
+ #\r
+ def reset_autologin\r
+ @autologin = false\r
+ end\r
+\r
# Sets the default permission for the default user (i.e. the ones\r
# set by the BotModule writers) on all channels\r
#\r
return true if user.to_irc_user\r
end\r
\r
+ # We always allow logging in as the default user\r
+ def login(user, password)\r
+ return true\r
+ end\r
+\r
# Resets the NetmaskList\r
- def reset_netmask_list\r
+ def reset_netmasks\r
super\r
add_netmask("*!*@*")\r
end\r
include Singleton\r
\r
def initialize\r
+ @login_by_mask = false\r
+ @autologin = true\r
super("owner")\r
end\r
\r
\r
attr_reader :everyone\r
attr_reader :botowner\r
+ attr_reader :bot\r
\r
# The instance manages two <code>Hash</code>es: one that maps\r
# <code>Irc::User</code>s onto <code>BotUser</code>s, and the other that maps\r
\r
# Maps <code>Irc::User</code> to BotUser\r
def irc_to_botuser(ircuser)\r
- # TODO check netmasks\r
- @botusers[ircuser.to_irc_user] || everyone\r
+ logged = @botusers[ircuser.to_irc_user]\r
+ return logged if logged\r
+ return autologin(ircuser)\r
end\r
\r
# creates a new BotUser\r
def create_botuser(name, password=nil)\r
n = BotUser.sanitize_username(name)\r
k = n.to_sym\r
- raise "BotUser #{n} exists" if include?(k)\r
+ raise "botuser #{n} exists" if include?(k)\r
bu = BotUser.new(n)\r
bu.password = password\r
@allbotusers[k] = bu\r
+ return bu\r
end\r
\r
# returns the botuser with name _name_\r
@allbotusers.fetch(BotUser.sanitize_username(name).to_sym)\r
end\r
\r
- # Logs Irc::User _ircuser_ in to BotUser _botusername_ with password _pwd_\r
+ # Logs Irc::User _user_ in to BotUser _botusername_ with password _pwd_\r
#\r
# raises an error if _botusername_ is not a known BotUser username\r
#\r
# It is possible to autologin by Netmask, on request\r
#\r
- def login(user, botusername, pwd, bymask = false)\r
+ def login(user, botusername, pwd=nil)\r
ircuser = user.to_irc_user\r
n = BotUser.sanitize_username(botusername)\r
k = n.to_sym\r
raise "No such BotUser #{n}" unless include?(k)\r
if @botusers.has_key?(ircuser)\r
+ return true if @botusers[ircuser].username == n\r
# TODO\r
# @botusers[ircuser].logout(ircuser)\r
end\r
bu = @allbotusers[k]\r
- if bymask && bu.knows?(ircuser)\r
- @botusers[ircuser] = bu\r
- return true\r
- elsif bu.login(ircuser, pwd)\r
+ if bu.login(ircuser, pwd)\r
@botusers[ircuser] = bu\r
return true\r
end\r
return false\r
end\r
\r
+ # Tries to auto-login Irc::User _user_ by looking at the known botusers that allow autologin\r
+ # and trying to login without a password\r
+ #\r
+ def autologin(user)\r
+ ircuser = user.to_irc_user\r
+ debug "Trying to autlogin #{ircuser}"\r
+ return @botusers[ircuser] if @botusers.has_key?(ircuser)\r
+ @allbotusers.each { |n, bu|\r
+ debug "Checking with #{n}"\r
+ return bu if bu.autologin? and login(ircuser, n)\r
+ }\r
+ return everyone\r
+ end\r
+\r
# Checks if User _user_ can do _cmd_ on _chan_.\r
#\r
# Permission are checked in this order, until a true or false\r
# * everyone on all channels\r
#\r
def permit?(user, cmdtxt, channel=nil)\r
- botuser = irc_to_botuser(user)\r
+ if user.class <= BotUser\r
+ botuser = user\r
+ else\r
+ botuser = irc_to_botuser(user)\r
+ end\r
cmd = cmdtxt.to_irc_auth_command\r
\r
chan = channel\r
raise "Could not check permission for user #{user.inspect} to run #{cmdtxt.inspect} on #{chan.inspect}"\r
end\r
\r
- # Checks if command _cmd_ is allowed to User _user_ on _chan_\r
+ # Checks if command _cmd_ is allowed to User _user_ on _chan_, optionally\r
+ # telling if the user is authorized\r
+ #\r
def allow?(cmdtxt, user, chan=nil)\r
- permit?(user, cmdtxt, chan)\r
+ if permit?(user, cmdtxt, chan)\r
+ return true\r
+ else\r
+ # cmds = cmdtxt.split('::')\r
+ # @bot.say chan, "you don't have #{cmds.last} (#{cmds.first}) permissions here" if chan\r
+ @bot.say chan, "#{user}, you don't have '#{cmdtxt}' permissions here" if chan\r
+ return false\r
+ end\r
end\r
\r
end\r