# License:: GPLv2\r
\r
require 'singleton'\r
+require 'set'\r
\r
\r
module Irc\r
\r
BotConfig.register BotConfigStringValue.new( 'auth.password',\r
:default => 'rbotauth', :wizard => true,\r
- :desc => 'Password for the bot owner' )\r
+ :on_change => Proc.new {|bot, v| bot.auth.botowner.password = v},\r
+ :desc => _('Password for the bot owner'))\r
BotConfig.register BotConfigBooleanValue.new( 'auth.login_by_mask',\r
:default => 'true',\r
- :desc => 'Set false to prevent new botusers from logging in without a password when the user netmask is known')\r
+ :desc => _('Set false to prevent new botusers from logging in without a password when the user netmask is known'))\r
BotConfig.register BotConfigBooleanValue.new( 'auth.autologin',\r
:default => 'true',\r
- :desc => 'Set false to prevent new botusers from recognizing IRC users without a need to manually login')\r
+ :desc => _('Set false to prevent new botusers from recognizing IRC users without a need to manually login'))\r
+ BotConfig.register BotConfigBooleanValue.new( 'auth.autouser',\r
+ :default => 'false',\r
+ :desc => _('Set true to allow new botusers to be created automatically'))\r
# BotConfig.register BotConfigIntegerValue.new( 'auth.default_level',\r
# :default => 10, :wizard => true,\r
# :desc => 'The default level for new/unknown users' )\r
#\r
def Auth.random_password(l=8)\r
pwd = ""\r
- 8.times do\r
- pwd += (rand(26) + (rand(2) == 0 ? 65 : 97) ).chr\r
+ l.times do\r
+ pwd << (rand(26) + (rand(2) == 0 ? 65 : 97) ).chr\r
end\r
return pwd\r
end\r
k.to_sym\r
}\r
@command = path.last\r
- debug "Created command #{@command.inspect} with path #{@path.join(', ')}"\r
+ debug "Created command #{@command.inspect} with path #{@path.pretty_inspect}"\r
end\r
\r
# Returs self\r
end\r
\r
\r
+class Symbol\r
+\r
+ # Returns an Irc::Auth::Comand from the receiver\r
+ def to_irc_auth_command\r
+ Irc::Auth::Command.new(self)\r
+ end\r
+\r
+end\r
+\r
+\r
module Irc\r
\r
\r
# This class describes a permission set\r
class PermissionSet\r
\r
+ attr_reader :perm\r
# Create a new (empty) PermissionSet\r
#\r
def initialize\r
end\r
\r
\r
- # This is the basic class for bot users: they have a username, a password,\r
- # a list of netmasks to match against, and a list of permissions.\r
+ # This is the error that gets raised when an invalid password is met\r
+ #\r
+ class InvalidPassword < RuntimeError\r
+ end\r
+\r
+\r
+ # This is the basic class for bot users: they have a username, a\r
+ # password, a list of netmasks to match against, and a list of\r
+ # permissions. A BotUser can be marked as 'transient', usually meaning\r
+ # it's not intended for permanent storage. Transient BotUsers have lower\r
+ # priority than nontransient ones for autologin purposes.\r
+ #\r
+ # To initialize a BotUser, you pass a _username_ and an optional\r
+ # hash of options. Currently, only two options are recognized:\r
+ #\r
+ # transient:: true or false, determines if the BotUser is transient or\r
+ # permanent (default is false, permanent BotUser).\r
+ #\r
+ # Transient BotUsers are initialized by prepending an\r
+ # asterisk (*) to the username, and appending a sanitized\r
+ # version of the object_id. The username can be empty.\r
+ # A random password is generated.\r
+ #\r
+ # Permanent Botusers need the username as is, and no\r
+ # password is generated.\r
+ #\r
+ # masks:: an array of Netmasks to initialize the NetmaskList. This\r
+ # list is used as-is for permanent BotUsers.\r
+ #\r
+ # Transient BotUsers will alter the list elements which are\r
+ # Irc::User by globbing the nick and any initial nonletter\r
+ # part of the ident.\r
+ #\r
+ # The masks option is optional for permanent BotUsers, but\r
+ # obligatory (non-empty) for transients.\r
#\r
class BotUser\r
\r
attr_reader :username\r
attr_reader :password\r
attr_reader :netmasks\r
+ attr_reader :perm\r
attr_writer :login_by_mask\r
attr_writer :autologin\r
+ attr_writer :transient\r
+\r
+ # Checks if the BotUser is transient\r
+ def transient?\r
+ @transient\r
+ end\r
+\r
+ # Checks if the BotUser is permanent (not transient)\r
+ def permanent?\r
+ !@permanent\r
+ end\r
+\r
+ # Sets if the BotUser is permanent or not\r
+ def permanent=(bool)\r
+ @transient=!bool\r
+ end\r
\r
# Create a new BotUser with given username\r
- def initialize(username)\r
- @username = BotUser.sanitize_username(username)\r
- @password = nil\r
+ def initialize(username, options={})\r
+ opts = {:transient => false}.merge(options)\r
+ @transient = opts[:transient]\r
+\r
+ if @transient\r
+ @username = "*"\r
+ @username << BotUser.sanitize_username(username) if username and not username.to_s.empty?\r
+ @username << BotUser.sanitize_username(object_id)\r
+ reset_password\r
+ @login_by_mask=true\r
+ @autologin=true\r
+ else\r
+ @username = BotUser.sanitize_username(username)\r
+ @password = nil\r
+ reset_login_by_mask\r
+ reset_autologin\r
+ end\r
+\r
@netmasks = NetmaskList.new\r
+ if opts.key?(:masks) and opts[:masks]\r
+ masks = opts[:masks]\r
+ masks = [masks] unless masks.respond_to?(:each)\r
+ masks.each { |m|\r
+ mask = m.to_irc_netmask\r
+ if @transient and User === m\r
+ mask.nick = "*"\r
+ mask.host = m.host.dup\r
+ mask.user = "*" + m.user.sub(/^\w?[^\w]+/,'')\r
+ end\r
+ add_netmask(mask) unless mask.to_s == "*"\r
+ }\r
+ end\r
+ raise "must provide a usable mask for transient BotUser #{@username}" if @transient and @netmasks.empty?\r
+\r
@perm = {}\r
- reset_login_by_mask\r
- reset_autologin\r
end\r
\r
# Inspection\r
def inspect\r
- str = "<#{self.class}:#{'0x%08x' % self.object_id}:"\r
+ str = "<#{self.class}:#{'0x%08x' % self.object_id}"\r
+ str << " (transient)" if @transient\r
+ str << ":"\r
str << " @username=#{@username.inspect}"\r
str << " @netmasks=#{@netmasks.inspect}"\r
str << " @perm=#{@perm.inspect}"\r
str << ">"\r
end\r
\r
+ # In strings\r
+ def to_s\r
+ @username\r
+ end\r
+\r
# Convert into a hash\r
def to_hash\r
{\r
# This method sets the password if the proposed new password\r
# is valid\r
def password=(pwd=nil)\r
- if pwd\r
+ pass = pwd.to_s\r
+ if pass.empty?\r
+ reset_password\r
+ else\r
begin\r
- raise InvalidPassword, "#{pwd} contains invalid characters" if pwd !~ /^[A-Za-z0-9]+$/\r
- raise InvalidPassword, "#{pwd} too short" if pwd.length < 4\r
- @password = pwd\r
+ raise InvalidPassword, "#{pass} contains invalid characters" if pass !~ /^[\x21-\x7e]+$/\r
+ raise InvalidPassword, "#{pass} too short" if pass.length < 4\r
+ @password = pass\r
rescue InvalidPassword => e\r
raise e\r
rescue => e\r
- raise InvalidPassword, "Exception #{e.inspect} while checking #{pwd}"\r
+ raise InvalidPassword, "Exception #{e.inspect} while checking #{pass.inspect} (#{pwd.inspect})"\r
end\r
- else\r
- reset_password\r
end\r
end\r
\r
# It returns true or false depending on whether the password\r
# is right. If it is, the Netmask of the user is added to the\r
# list of acceptable Netmask unless it's already matched.\r
- def login(user, password)\r
+ def login(user, password=nil)\r
if password == @password or (password.nil? and (@login_by_mask || @autologin) and knows?(user))\r
add_netmask(user) unless knows?(user)\r
debug "#{user} logged in as #{self.inspect}"\r
\r
end\r
\r
-\r
# This is the default BotUser: it's used for all users which haven't\r
# identified with the bot\r
#\r
#\r
def set_default_permission(cmd, val)\r
@default_perm.set_permission(Command.new(cmd), val)\r
- debug "Default permissions now:\n#{@default_perm.inspect}"\r
+ debug "Default permissions now: #{@default_perm.pretty_inspect}"\r
end\r
\r
# default knows everybody\r
[everyone, botowner].each { |x|\r
@allbotusers[x.username.to_sym] = x\r
}\r
+ @transients = Set.new\r
end\r
\r
def load_array(ary, forced)\r
+ unless ary\r
+ warning "Tried to load an empty array"\r
+ return\r
+ end\r
raise "Won't load with unsaved changes" if @has_changes and not forced\r
reset_hashes\r
ary.each { |x|\r
create_botuser(u)\r
end\r
get_botuser(u).from_hash(x)\r
+ get_botuser(u).transient = false\r
}\r
@has_changes=false\r
end\r
\r
def save_array\r
@allbotusers.values.map { |x|\r
- x.to_hash\r
- }\r
+ x.transient? ? nil : x.to_hash\r
+ }.compact\r
end\r
\r
# checks if we know about a certain BotUser username\r
k = n.to_sym\r
raise "No such BotUser #{n}" unless include?(k)\r
if @botusers.has_key?(ircuser)\r
- return true if @botusers[ircuser].name = n\r
+ return true if @botusers[ircuser].username == n\r
# TODO\r
# @botusers[ircuser].logout(ircuser)\r
end\r
#\r
def autologin(user)\r
ircuser = user.to_irc_user\r
- debug "Trying to autlogin #{ircuser}"\r
+ debug "Trying to autologin #{ircuser}"\r
return @botusers[ircuser] if @botusers.has_key?(ircuser)\r
@allbotusers.each { |n, bu|\r
debug "Checking with #{n}"\r
return bu if bu.autologin? and login(ircuser, n)\r
}\r
+ # Check with transient users\r
+ @transients.each { |bu|\r
+ return bu if bu.login(ircuser)\r
+ }\r
+ # Finally, create a transient if we're set to allow it\r
+ if @bot.config['auth.autouser']\r
+ bu = create_transient_botuser(ircuser)\r
+ return bu\r
+ end\r
return everyone\r
end\r
\r
+ # Creates a new transient BotUser associated with Irc::User _user_,\r
+ # automatically logging him in\r
+ #\r
+ def create_transient_botuser(user)\r
+ ircuser = user.to_irc_user\r
+ bu = BotUser.new(ircuser, :transient => true, :masks => ircuser)\r
+ bu.login(ircuser)\r
+ @transients << bu\r
+ return bu\r
+ end\r
+\r
# Checks if User _user_ can do _cmd_ on _chan_.\r
#\r
# Permission are checked in this order, until a true or false\r
raise "Could not check permission for user #{user.inspect} to run #{cmdtxt.inspect} on #{chan.inspect}"\r
end\r
\r
- # Checks if command _cmd_ is allowed to User _user_ on _chan_\r
+ # Checks if command _cmd_ is allowed to User _user_ on _chan_, optionally\r
+ # telling if the user is authorized\r
+ #\r
def allow?(cmdtxt, user, chan=nil)\r
- permit?(user, cmdtxt, chan)\r
+ if permit?(user, cmdtxt, chan)\r
+ return true\r
+ else\r
+ # cmds = cmdtxt.split('::')\r
+ # @bot.say chan, "you don't have #{cmds.last} (#{cmds.first}) permissions here" if chan\r
+ @bot.say chan, _("%{user}, you don't have '%{command}' permissions here") %\r
+ {:user=>user, :command=>cmdtxt} if chan\r
+ return false\r
+ end\r
end\r
\r
end\r