#-- vim:sw=2:et\r
#++\r
-\r
+#\r
+# :title: rbot auth management from IRC\r
+#\r
+# Author:: Giuseppe "Oblomov" Bilotta <giuseppe.bilotta@gmail.com>\r
+# Copyright:: (C) 2006,2007 Giuseppe Bilotta\r
+# License:: GPL v2\r
\r
class AuthModule < CoreBotModule\r
\r
def initialize\r
super\r
load_array(:default, true)\r
- debug "Initialized auth. Botusers: #{@bot.auth.save_array.inspect}"\r
+ debug "initialized auth. Botusers: #{@bot.auth.save_array.pretty_inspect}"\r
end\r
\r
def save\r
if @bot.auth.changed?\r
@registry[key] = @bot.auth.save_array\r
@bot.auth.reset_changed\r
- debug "saved botusers (#{key}): #{@registry[key].inspect}"\r
+ debug "saved botusers (#{key}): #{@registry[key].pretty_inspect}"\r
end\r
end\r
\r
def load_array(key=:default, forced=false)\r
- debug "loading botusers (#{key}): #{@registry[key].inspect}"\r
+ debug "loading botusers (#{key}): #{@registry[key].pretty_inspect}"\r
@bot.auth.load_array(@registry[key], forced) if @registry.has_key?(key)\r
end\r
\r
next\r
end\r
if "+-".include?(x[0])\r
- warns << ArgumentError("please do not use + or - in front of command #{x} when resetting") unless setting\r
+ warns << ArgumentError.new(_("please do not use + or - in front of command %{command} when resetting") % {:command => x}) unless setting\r
else\r
- warns << ArgumentError("+ or - expected in front of #{x}") if setting\r
+ warns << ArgumentError.new(_("+ or - expected in front of %{string}") % {:string => command}) if setting\r
end\r
cmds << x\r
else # parse locations\r
when false\r
locs << x.gsub(/^here$/,'_').gsub(/^private$/,'?')\r
else\r
- warns << ArgumentError("#{x} doesn't look like a channel name") unless @bot.server.supports[:chantypes].include?(x[0])\r
+ warns << ArgumentError.new(_("'%{string}' doesn't look like a channel name") % {:string => x}) unless @bot.server.supports[:chantypes].include?(x[0])\r
locs << x\r
end\r
- unless wants_more\r
+ unless want_more\r
last_idx = i\r
break\r
end\r
end\r
}\r
- warns << "trailing comma" if wants_more\r
- warns << "you probably forgot a comma" unless last_idx == ar.length - 1\r
+ warns << _("trailing comma") if want_more\r
+ warns << _("you probably forgot a comma") unless last_idx == ar.length - 1\r
return cmds, locs, warns\r
end\r
\r
- def auth_set(m, params)\r
- cmds, locs, warns = parse_args(params[:args])\r
- errs = warns.select { |w| w.kind_of?(Exception) }\r
- unless errs.empty?\r
- m.reply "couldn't satisfy your request: #{errs.join(',')}"\r
- return\r
- end\r
- user = params[:user].sub(/^all$/,"everyone")\r
+ def auth_edit_perm(m, params)\r
+\r
+ setting = m.message.split[1] == "set"\r
+ splits = params[:args]\r
+\r
+ has_for = splits[-2] == "for"\r
+ return usage(m) unless has_for\r
+\r
begin\r
- bu = @bot.auth.get_botuser(user)\r
+ user = @bot.auth.get_botuser(splits[-1].sub(/^all$/,"everyone"))\r
rescue\r
- m.reply "couldn't find botuser #{user}"\r
+ return m.reply(_("couldn't find botuser %{name}") % {:name => splits[-1]})\r
+ end\r
+ return m.reply(_("you can't change permissions for %{username}") % {:username => user.username}) if user == @bot.auth.botowner\r
+ splits.slice!(-2,2) if has_for\r
+\r
+ cmds, locs, warns = parse_args(splits, setting)\r
+ errs = warns.select { |w| w.kind_of?(Exception) }\r
+\r
+ unless errs.empty?\r
+ m.reply _("couldn't satisfy your request: %{errors}") % {:errors => errs.join(',')}\r
return\r
end\r
+\r
if locs.empty?\r
locs << "*"\r
end\r
ch = m.target.to_s if loc == "_"\r
end\r
cmds.each { |setval|\r
- val = setval[0].chr == '+'\r
- cmd = setval[1..-1]\r
- bu.set_permission(cmd, val, ch)\r
+ if setting\r
+ val = setval[0].chr == '+'\r
+ cmd = setval[1..-1]\r
+ user.set_permission(cmd, val, ch)\r
+ else\r
+ cmd = setval\r
+ user.reset_permission(cmd, ch)\r
+ end\r
}\r
}\r
rescue => e\r
- m.reply "Something went wrong while trying to set the permissions"\r
+ m.reply "something went wrong while trying to set the permissions"\r
raise\r
end\r
@bot.auth.set_changed\r
- debug "User #{user} permissions changed"\r
- m.reply "Ok, #{user} now also has permissions #{params[:args].join(' ')}"\r
+ debug "user #{user} permissions changed"\r
+ m.okay\r
end\r
\r
- def auth_login(m, params)\r
+ def auth_view_perm(m, params)\r
begin\r
- if params[:password]\r
- li = @bot.auth.login(m.source, params[:botuser], params[:password])\r
+ if params[:user].nil?\r
+ user = get_botusername_for(m.source)\r
+ return m.reply(_("you are owner, you can do anything")) if user == @bot.auth.botwoner\r
else\r
- li = @bot.auth.login(m.source, params[:botuser], params[:password], true)\r
+ user = @bot.auth.get_botuser(params[:user].sub(/^all$/,"everyone"))\r
+ return m.reply(_("owner can do anything")) if user.username == "owner"\r
end\r
- case li\r
+ rescue\r
+ return m.reply(_("couldn't find botuser %{name}") % {:name => params[:user]})\r
+ end\r
+ perm = user.perm\r
+ str = []\r
+ perm.each { |k, val|\r
+ next if val.perm.empty?\r
+ case k\r
+ when :*\r
+ str << _("on any channel: ")\r
+ when :"?"\r
+ str << _("in private: ")\r
+ else\r
+ str << _("on #{k}: ")\r
+ end\r
+ sub = []\r
+ val.perm.each { |cmd, bool|\r
+ sub << (bool ? "+" : "-")\r
+ sub.last << cmd.to_s\r
+ }\r
+ str.last << sub.join(', ')\r
+ }\r
+ if str.empty?\r
+ m.reply _("no permissions set for %{user}") % {:user => user.username}\r
+ else\r
+ m.reply _("permissions for %{user}:: %{permissions}") %\r
+ { :user => user.username, :permissions => str.join('; ')}\r
+ end\r
+ end\r
+\r
+ def get_botuser_for(user)\r
+ @bot.auth.irc_to_botuser(user)\r
+ end\r
+\r
+ def get_botusername_for(user)\r
+ get_botuser_for(user).username\r
+ end\r
+\r
+ def welcome(user)\r
+ _("welcome, %{user}") % {:user => get_botusername_for(user)}\r
+ end\r
+\r
+ def auth_auth(m, params)\r
+ params[:botuser] = 'owner'\r
+ auth_login(m,params)\r
+ end\r
+\r
+ def auth_login(m, params)\r
+ begin\r
+ case @bot.auth.login(m.source, params[:botuser], params[:password])\r
when true\r
- m.reply "welcome, #{@bot.auth.irc_to_botuser(m.source).username}"\r
+ m.reply welcome(m.source)\r
@bot.auth.set_changed\r
else\r
- m.reply "sorry, can't do"\r
+ m.reply _("sorry, can't do")\r
end\r
rescue => e\r
- m.reply "couldn't login: #{e}"\r
+ m.reply _("couldn't login: %{exception}") % {:exception => e}\r
raise\r
end\r
end\r
\r
+ def auth_autologin(m, params)\r
+ u = do_autologin(m.source)\r
+ case u.username\r
+ when 'everyone'\r
+ m.reply _("I couldn't find anything to let you login automatically")\r
+ else\r
+ m.reply welcome(m.source)\r
+ end\r
+ end\r
+\r
+ def do_autologin(user)\r
+ @bot.auth.autologin(user)\r
+ end\r
+\r
+ def auth_whoami(m, params)\r
+ rep = ""\r
+ # if m.public?\r
+ # rep << m.source.nick << ", "\r
+ # end\r
+ m.reply _("you are %{who}") % {\r
+ :who => get_botusername_for(m.source).gsub(\r
+ /^everyone$/, _("no one that I know")).gsub(\r
+ /^owner$/, _("my boss"))\r
+ }\r
+ end\r
+\r
+ def help(cmd, topic="")\r
+ case cmd\r
+ when "login"\r
+ return _("login [<botuser>] [<pass>]: logs in to the bot as botuser <botuser> with password <pass>. When using the full form, you must contact the bot in private. <pass> can be omitted if <botuser> allows login-by-mask and your netmask is among the known ones. if <botuser> is omitted too autologin will be attempted")\r
+ when "whoami"\r
+ return _("whoami: names the botuser you're linked to")\r
+ when /^permission/\r
+ case topic\r
+ when "syntax"\r
+ return _("a permission is specified as module::path::to::cmd; when you want to enable it, prefix it with +; when you want to disable it, prefix it with -; when using the +reset+ command, do not use any prefix")\r
+ when "set", "reset", "[re]set", "(re)set"\r
+ return _("permissions [re]set <permission> [in <channel>] for <user>: sets or resets the permissions for botuser <user> in channel <channel> (use ? to change the permissions for private addressing)")\r
+ when "view"\r
+ return _("permissions view [for <user>]: display the permissions for user <user>")\r
+ else\r
+ return _("permission topics: syntax, (re)set, view")\r
+ end\r
+ when "user"\r
+ case topic\r
+ when "show"\r
+ return _("user show <what> : shows info about the user; <what> can be any of autologin, login-by-mask, netmasks")\r
+ when /^(en|dis)able/\r
+ return _("user enable|disable <what> : turns on or off <what> (autologin, login-by-mask)")\r
+ when "set"\r
+ return _("user set password <blah> : sets the user password to <blah>; passwords can only contain upper and lowercase letters and numbers, and must be at least 4 characters long")\r
+ when "add", "rm"\r
+ return _("user add|rm netmask <mask> : adds/removes netmask <mask> from the list of netmasks known to the botuser you're linked to")\r
+ when "reset"\r
+ return _("user reset <what> : resets <what> to the default values. <what> can be +netmasks+ (the list will be emptied), +autologin+ or +login-by-mask+ (will be reset to the default value) or +password+ (a new one will be generated and you'll be told in private)")\r
+ when "tell"\r
+ return _("user tell <who> the password for <botuser> : contacts <who> in private to tell him/her the password for <botuser>")\r
+ when "create"\r
+ return _("user create <name> <password> : create botuser named <name> with password <password>. The password can be omitted, in which case a random one will be generated. The <name> should only contain alphanumeric characters and the underscore (_)")\r
+ when "list"\r
+ return _("user list : lists all the botusers")\r
+ when "destroy"\r
+ return _("user destroy <botuser> <password> : destroys <botuser>; this function %{highlight}must%{highlight} be called in two steps. On the first call, no password must be specified: <botuser> is then queued for destruction. On the second call, you must specify the correct password for <botuser>, and it will be destroyed. If you want to cancel the destruction, issue the command +user cancel destroy <botuser>+") % {:highlight => Bold}\r
+ else\r
+ return _("user topics: show, enable|disable, add|rm netmask, set, reset, tell, create, list, destroy")\r
+ end\r
+ when "auth"\r
+ return _("auth <masterpassword>: log in as the bot owner; other commands: login, whoami, permission syntax, permissions [re]set, permissions view, user")\r
+ else\r
+ return _("auth commands: auth, login, whoami, permission[s], user")\r
+ end\r
+ end\r
+\r
+ def need_args(cmd)\r
+ _("sorry, I need more arguments to %{command}") % {:command => cmd}\r
+ end\r
+\r
+ def not_args(cmd, *stuff)\r
+ _("I can only %{command} these: %{arguments}") %\r
+ {:command => cmd, :arguments => stuff.join(', ')}\r
+ end\r
+\r
+ def set_prop(botuser, prop, val)\r
+ k = prop.to_s.gsub("-","_")\r
+ botuser.send( (k + "=").to_sym, val)\r
+ if prop == :password and botuser == @bot.auth.botowner\r
+ @bot.config.items[:'auth.password'].set_string(@bot.auth.botowner.password)\r
+ end\r
+ end\r
+\r
+ def reset_prop(botuser, prop)\r
+ k = prop.to_s.gsub("-","_")\r
+ botuser.send( ("reset_"+k).to_sym)\r
+ end\r
+\r
+ def ask_bool_prop(botuser, prop)\r
+ k = prop.to_s.gsub("-","_")\r
+ botuser.send( (k + "?").to_sym)\r
+ end\r
+\r
+ def auth_manage_user(m, params)\r
+ splits = params[:data]\r
+\r
+ cmd = splits.first\r
+ return auth_whoami(m, params) if cmd.nil?\r
+\r
+ botuser = get_botuser_for(m.source)\r
+ # By default, we do stuff on the botuser the irc user is bound to\r
+ butarget = botuser\r
+\r
+ has_for = splits[-2] == "for"\r
+ butarget = @bot.auth.get_botuser(splits[-1]) if has_for\r
+ return m.reply(_("you can't mess with %{user}") % {:user => butarget.username}) \\r
+ if butarget == @bot.auth.botowner && botuser != butarget\r
+ splits.slice!(-2,2) if has_for\r
+\r
+ bools = [:autologin, :"login-by-mask"]\r
+ can_set = [:password]\r
+ can_addrm = [:netmasks]\r
+ can_reset = bools + can_set + can_addrm\r
+ can_show = can_reset + ["perms"]\r
+\r
+ case cmd.to_sym\r
+\r
+ when :show\r
+ return _("you can't see the properties of %{user}") %\r
+ {:user => butarget.username} if botuser != butarget &&\r
+ !botuser.permit?("auth::show::other")\r
+\r
+ case splits[1]\r
+ when nil, "all"\r
+ props = can_reset\r
+ when "password"\r
+ if botuser != butarget\r
+ return m.reply(_("no way I'm telling you the master password!")) if butarget == @bot.auth.botowner\r
+ return m.reply(_("you can't ask for someone else's password"))\r
+ end\r
+ return m.reply(_("c'mon, you can't be asking me seriously to tell you the password in public!")) if m.public?\r
+ return m.reply(_("the password for %{user} is %{password}") %\r
+ { :user => butarget.username, :password => butarget.password })\r
+ else\r
+ props = splits[1..-1]\r
+ end\r
+\r
+ str = []\r
+\r
+ props.each { |arg|\r
+ k = arg.to_sym\r
+ next if k == :password\r
+ case k\r
+ when *bools\r
+ if ask_bool_prop(butarget, k)\r
+ str << _("can %{action}") % {:action => k}\r
+ else\r
+ str << _("can not %{action}") % {:action => k}\r
+ end\r
+ when :netmasks\r
+ if butarget.netmasks.empty?\r
+ str << _("knows no netmasks")\r
+ else\r
+ str << _("knows %{netmasks}") % {:netmasks => butarget.netmasks.join(", ")}\r
+ end\r
+ end\r
+ }\r
+ return m.reply("#{butarget.username} #{str.join('; ')}")\r
+\r
+ when :enable, :disable\r
+ return m.reply(_("you can't change the default user")) if butarget == @bot.auth.everyone && !botuser.permit?("auth::edit::other::default")\r
+ return m.reply(_("you can't edit %{user}") % {:user => butarget.username}) if butarget != botuser && !botuser.permit?("auth::edit::other")\r
+\r
+ return m.reply(need_args(cmd)) unless splits[1]\r
+ things = []\r
+ skipped = []\r
+ splits[1..-1].each { |a|\r
+ arg = a.to_sym\r
+ if bools.include?(arg)\r
+ set_prop(butarget, arg, cmd.to_sym == :enable)\r
+ things << a\r
+ else\r
+ skipped << a\r
+ end\r
+ }\r
+\r
+ m.reply(_("I ignored %{things} because %{reason}") % {\r
+ :things => skipped.join(', '),\r
+ :reason => not_args(cmd, *bools)}) unless skipped.empty?\r
+ if things.empty?\r
+ m.reply _("I haven't changed anything")\r
+ else\r
+ @bot.auth.set_changed\r
+ return auth_manage_user(m, {:data => ["show"] + things + ["for", butarget.username] })\r
+ end\r
+\r
+ when :set\r
+ return m.reply(_("you can't change the default user")) if\r
+ butarget == @bot.auth.everyone && !botuser.permit?("auth::edit::default")\r
+ return m.reply(_("you can't edit %{user}") % {:user=>butarget.username}) if\r
+ butarget != botuser && !botuser.permit?("auth::edit::other")\r
+\r
+ return m.reply(need_args(cmd)) unless splits[1]\r
+ arg = splits[1].to_sym\r
+ return m.reply(not_args(cmd, *can_set)) unless can_set.include?(arg)\r
+ argarg = splits[2]\r
+ return m.reply(need_args([cmd, splits[1]].join(" "))) unless argarg\r
+ if arg == :password && m.public?\r
+ return m.reply(_("is that a joke? setting the password in public?"))\r
+ end\r
+ set_prop(butarget, arg, argarg)\r
+ @bot.auth.set_changed\r
+ auth_manage_user(m, {:data => ["show", arg, "for", butarget.username] })\r
+\r
+ when :reset\r
+ return m.reply(_("you can't change the default user")) if\r
+ butarget == @bot.auth.everyone && !botuser.permit?("auth::edit::default")\r
+ return m.reply(_("you can't edit %{user}") % {:user=>butarget.username}) if\r
+ butarget != botuser && !botuser.permit?("auth::edit::other")\r
+\r
+ return m.reply(need_args(cmd)) unless splits[1]\r
+ things = []\r
+ skipped = []\r
+ splits[1..-1].each { |a|\r
+ arg = a.to_sym\r
+ if can_reset.include?(arg)\r
+ reset_prop(butarget, arg)\r
+ things << a\r
+ else\r
+ skipped << a\r
+ end\r
+ }\r
+\r
+ m.reply(_("I ignored %{things} because %{reason}") %\r
+ { :things => skipped.join(', '),\r
+ :reason => not_args(cmd, *can_reset)}) unless skipped.empty?\r
+ if things.empty?\r
+ m.reply _("I haven't changed anything")\r
+ else\r
+ @bot.auth.set_changed\r
+ @bot.say(m.source, _("the password for %{user} is now %{password}") %\r
+ {:user => butarget.username, :password => butarget.password}) if\r
+ things.include?("password")\r
+ return auth_manage_user(m, {:data => (["show"] + things - ["password"]) + ["for", butarget.username]})\r
+ end\r
+\r
+ when :add, :rm, :remove, :del, :delete\r
+ return m.reply(_("you can't change the default user")) if\r
+ butarget == @bot.auth.everyone && !botuser.permit?("auth::edit::default")\r
+ return m.reply(_("you can't edit %{user}") % {:user => butarget.username}) if\r
+ butarget != botuser && !botuser.permit?("auth::edit::other")\r
+\r
+ arg = splits[1]\r
+ if arg.nil? or arg !~ /netmasks?/ or splits[2].nil?\r
+ return m.reply(_("I can only add/remove netmasks. See +help user add+ for more instructions"))\r
+ end\r
+\r
+ method = cmd.to_sym == :add ? :add_netmask : :delete_netmask\r
+\r
+ failed = []\r
+\r
+ splits[2..-1].each { |mask|\r
+ begin\r
+ butarget.send(method, mask.to_irc_netmask(:server => @bot.server))\r
+ rescue\r
+ failed << mask\r
+ end\r
+ }\r
+ m.reply "I failed to #{cmd} #{failed.join(', ')}" unless failed.empty?\r
+ @bot.auth.set_changed\r
+ return auth_manage_user(m, {:data => ["show", "netmasks", "for", butarget.username] })\r
+\r
+ else\r
+ m.reply _("sorry, I don't know how to %{request}") % {:request => m.message}\r
+ end\r
+ end\r
+\r
+ def auth_tell_password(m, params)\r
+ user = params[:user]\r
+ begin\r
+ botuser = @bot.auth.get_botuser(params[:botuser])\r
+ rescue\r
+ return m.reply(_("couldn't find botuser %{user}") % {:user => params[:botuser]})\r
+ end\r
+ m.reply(_("I'm not telling the master password to anyway, pal")) if botuser == @bot.auth.botowner\r
+ msg = _("the password for botuser %{user} is %{password}") %\r
+ {:user => botuser.username, :password => botuser.password}\r
+ @bot.say user, msg\r
+ @bot.say m.source, _("I told %{user} that %{message}") % {:user => user, :message => msg}\r
+ end\r
+\r
+ def auth_create_user(m, params)\r
+ name = params[:name]\r
+ password = params[:password]\r
+ return m.reply(_("are you nuts, creating a botuser with a publicly known password?")) if m.public? and not password.nil?\r
+ begin\r
+ bu = @bot.auth.create_botuser(name, password)\r
+ @bot.auth.set_changed\r
+ rescue => e\r
+ m.reply(_("failed to create %{user}: %{exception}") % {:user => name, :exception => e})\r
+ debug e.inspect + "\n" + e.backtrace.join("\n")\r
+ return\r
+ end\r
+ m.reply(_("created botuser %{user}") % {:user => bu.username})\r
+ end\r
+\r
+ def auth_list_users(m, params)\r
+ # TODO name regexp to filter results\r
+ list = @bot.auth.save_array.inject([]) { |list, x| list << x[:username] } - ['everyone', 'owner']\r
+ if defined?(@destroy_q)\r
+ list.map! { |x|\r
+ @destroy_q.include?(x) ? x + _(" (queued for destruction)") : x\r
+ }\r
+ end\r
+ return m.reply(_("I have no botusers other than the default ones")) if list.empty?\r
+ return m.reply(n_("botuser: %{list}", "botusers: %{list}", list.length) %\r
+ {:list => list.join(', ')})\r
+ end\r
+\r
+ def auth_destroy_user(m, params)\r
+ @destroy_q = [] unless defined?(@destroy_q)\r
+ buname = params[:name]\r
+ return m.reply(_("You can't destroy %{user}") % {:user => buname}) if\r
+ ["everyone", "owner"].include?(buname)\r
+ cancel = m.message.split[1] == 'cancel'\r
+ password = params[:password]\r
+\r
+ buser_array = @bot.auth.save_array\r
+ buser_hash = buser_array.inject({}) { |h, u|\r
+ h[u[:username]] = u\r
+ h\r
+ }\r
+\r
+ return m.reply(_("no such botuser %{user}") % {:user=>buname}) unless\r
+ buser_hash.keys.include?(buname)\r
+\r
+ if cancel\r
+ if @destroy_q.include?(buname)\r
+ @destroy_q.delete(buname)\r
+ m.reply(_("%{user} removed from the destruction queue") % {:user=>buname})\r
+ else\r
+ m.reply(_("%{user} was not queued for destruction") % {:user=>buname})\r
+ end\r
+ return\r
+ end\r
+\r
+ if password.nil?\r
+ if @destroy_q.include?(buname)\r
+ return m.reply(_("%{user} already queued for destruction, use %{highlight}user destroy %{user} <password>%{highlight} to destroy it") % {:user=>buname, :highlight=>Bold})\r
+ else\r
+ @destroy_q << buname\r
+ return m.reply(_("%{user} queued for destruction, use %{highlight}user destroy %{user} <password>%{highlight} to destroy it") % {:user=>buname, :highlight=>Bold})\r
+ end\r
+ else\r
+ begin\r
+ return m.reply(_("%{user} is not queued for destruction yet") %\r
+ {:user=>buname}) unless @destroy_q.include?(buname)\r
+ return m.reply(_("wrong password for %{user}") %\r
+ {:user=>buname}) unless buser_hash[buname][:password] == password\r
+ buser_array.delete_if { |u|\r
+ u[:username] == buname\r
+ }\r
+ @destroy_q.delete(buname)\r
+ @bot.auth.load_array(buser_array, true)\r
+ @bot.auth.set_changed\r
+ rescue => e\r
+ return m.reply(_("failed: %{exception}") % {:exception => e})\r
+ end\r
+ return m.reply(_("botuser %{user} destroyed") % {:user => buname})\r
+ end\r
+\r
+ end\r
+\r
+ def auth_copy_ren_user(m, params)\r
+ source = Auth::BotUser.sanitize_username(params[:source])\r
+ dest = Auth::BotUser.sanitize_username(params[:dest])\r
+ return m.reply(_("please don't touch the default users")) unless\r
+ (["everyone", "owner"] & [source, dest]).empty?\r
+\r
+ buser_array = @bot.auth.save_array\r
+ buser_hash = buser_array.inject({}) { |h, u|\r
+ h[u[:username]] = u\r
+ h\r
+ }\r
+\r
+ return m.reply(_("no such botuser %{source}") % {:source=>source}) unless\r
+ buser_hash.keys.include?(source)\r
+ return m.reply(_("botuser %{dest} exists already") % {:dest=>dest}) if\r
+ buser_hash.keys.include?(dest)\r
+\r
+ copying = m.message.split[1] == "copy"\r
+ begin\r
+ if copying\r
+ h = {}\r
+ buser_hash[source].each { |k, val|\r
+ h[k] = val.dup\r
+ }\r
+ else\r
+ h = buser_hash[source]\r
+ end\r
+ h[:username] = dest\r
+ buser_array << h if copying\r
+\r
+ @bot.auth.load_array(buser_array, true)\r
+ @bot.auth.set_changed\r
+ rescue => e\r
+ return m.reply(_("failed: %{exception}") % {:exception=>e})\r
+ end\r
+ return m.reply(_("botuser %{source} copied to %{dest}") %\r
+ {:source=>source, :dest=>dest}) if copying\r
+ return m.reply(_("botuser %{source} renamed to %{dest}") %\r
+ {:source=>source, :dest=>dest})\r
+\r
+ end\r
+\r
+ def auth_export(m, params)\r
+\r
+ exportfile = "#{@bot.botclass}/new-auth.users"\r
+\r
+ what = params[:things]\r
+\r
+ has_to = what[-2] == "to"\r
+ if has_to\r
+ exportfile = "#{@bot.botclass}/#{what[-1]}"\r
+ what.slice!(-2,2)\r
+ end\r
+\r
+ what.delete("all")\r
+\r
+ m.reply _("selecting data to export ...")\r
+\r
+ buser_array = @bot.auth.save_array\r
+ buser_hash = buser_array.inject({}) { |h, u|\r
+ h[u[:username]] = u\r
+ h\r
+ }\r
+\r
+ if what.empty?\r
+ we_want = buser_hash\r
+ else\r
+ we_want = buser_hash.delete_if { |key, val|\r
+ not what.include?(key)\r
+ }\r
+ end\r
+\r
+ m.reply _("preparing data for export ...")\r
+ begin\r
+ yaml_hash = {}\r
+ we_want.each { |k, val|\r
+ yaml_hash[k] = {}\r
+ val.each { |kk, v|\r
+ case kk\r
+ when :username\r
+ next\r
+ when :netmasks\r
+ yaml_hash[k][kk] = []\r
+ v.each { |nm|\r
+ yaml_hash[k][kk] << {\r
+ :fullform => nm.fullform,\r
+ :casemap => nm.casemap.to_s\r
+ }\r
+ }\r
+ else\r
+ yaml_hash[k][kk] = v\r
+ end\r
+ }\r
+ }\r
+ rescue => e\r
+ m.reply _("failed to prepare data: %{exception}") % {:exception=>e}\r
+ debug e.backtrace.dup.unshift(e.inspect).join("\n")\r
+ return\r
+ end\r
+\r
+ m.reply _("exporting to %{file} ...") % {:file=>exportfile}\r
+ begin\r
+ # m.reply yaml_hash.inspect\r
+ File.open(exportfile, "w") do |file|\r
+ file.puts YAML::dump(yaml_hash)\r
+ end\r
+ rescue => e\r
+ m.reply _("failed to export users: %{exception}") % {:exception=>e}\r
+ debug e.backtrace.dup.unshift(e.inspect).join("\n")\r
+ return\r
+ end\r
+ m.reply _("done")\r
+ end\r
+\r
+ def auth_import(m, params)\r
+\r
+ importfile = "#{@bot.botclass}/new-auth.users"\r
+\r
+ what = params[:things]\r
+\r
+ has_from = what[-2] == "from"\r
+ if has_from\r
+ importfile = "#{@bot.botclass}/#{what[-1]}"\r
+ what.slice!(-2,2)\r
+ end\r
+\r
+ what.delete("all")\r
+\r
+ m.reply _("reading %{file} ...") % {:file=>importfile}\r
+ begin\r
+ yaml_hash = YAML::load_file(importfile)\r
+ rescue => e\r
+ m.reply _("failed to import from: %{exception}") % {:exception=>e}\r
+ debug e.backtrace.dup.unshift(e.inspect).join("\n")\r
+ return\r
+ end\r
+\r
+ # m.reply yaml_hash.inspect\r
+\r
+ m.reply _("selecting data to import ...")\r
+\r
+ if what.empty?\r
+ we_want = yaml_hash\r
+ else\r
+ we_want = yaml_hash.delete_if { |key, val|\r
+ not what.include?(key)\r
+ }\r
+ end\r
+\r
+ m.reply _("parsing data from import ...")\r
+\r
+ buser_hash = {}\r
+\r
+ begin\r
+ yaml_hash.each { |k, val|\r
+ buser_hash[k] = { :username => k }\r
+ val.each { |kk, v|\r
+ case kk\r
+ when :netmasks\r
+ buser_hash[k][kk] = []\r
+ v.each { |nm|\r
+ buser_hash[k][kk] << nm[:fullform].to_irc_netmask(:casemap => nm[:casemap].to_irc_casemap).to_irc_netmask(:server => @bot.server)\r
+ }\r
+ else\r
+ buser_hash[k][kk] = v\r
+ end\r
+ }\r
+ }\r
+ rescue => e\r
+ m.reply _("failed to parse data: %{exception}") % {:exception=>e}\r
+ debug e.backtrace.dup.unshift(e.inspect).join("\n")\r
+ return\r
+ end\r
+\r
+ # m.reply buser_hash.inspect\r
+\r
+ org_buser_array = @bot.auth.save_array\r
+ org_buser_hash = org_buser_array.inject({}) { |h, u|\r
+ h[u[:username]] = u\r
+ h\r
+ }\r
+\r
+ # TODO we may want to do a(n optional) key-by-key merge\r
+ #\r
+ org_buser_hash.merge!(buser_hash)\r
+ new_buser_array = org_buser_hash.values\r
+ @bot.auth.load_array(new_buser_array, true)\r
+ @bot.auth.set_changed\r
+\r
+ m.reply _("done")\r
+ end\r
+\r
end\r
\r
auth = AuthModule.new\r
\r
-auth.map "permissions set *args for :user",\r
- :action => 'auth_set',\r
- :auth_path => ':edit::set:'\r
+auth.map "user export *things",\r
+ :action => 'auth_export',\r
+ :defaults => { :things => ['all'] },\r
+ :auth_path => ':manage:fedex:'\r
\r
-auth.map "permissions reset *args for :user",\r
- :action => 'auth_reset',\r
- :auth_path => ':edit::reset:'\r
+auth.map "user import *things",\r
+ :action => 'auth_import',\r
+ :auth_path => ':manage:fedex:'\r
+\r
+auth.map "user create :name :password",\r
+ :action => 'auth_create_user',\r
+ :defaults => {:password => nil},\r
+ :auth_path => ':manage:'\r
+\r
+auth.map "user [cancel] destroy :name :password",\r
+ :action => 'auth_destroy_user',\r
+ :defaults => { :password => nil },\r
+ :auth_path => ':manage::destroy:'\r
+\r
+auth.map "user copy :source [to] :dest",\r
+ :action => 'auth_copy_ren_user',\r
+ :auth_path => ':manage:'\r
+\r
+auth.map "user rename :source [to] :dest",\r
+ :action => 'auth_copy_ren_user',\r
+ :auth_path => ':manage:'\r
+\r
+auth.default_auth("user::manage", false)\r
+\r
+auth.map "user tell :user the password for :botuser",\r
+ :action => 'auth_tell_password',\r
+ :auth_path => '::'\r
+\r
+auth.map "user list",\r
+ :action => 'auth_list_users',\r
+ :auth_path => '::'\r
+\r
+auth.map "user *data",\r
+ :action => 'auth_manage_user'\r
+\r
+auth.default_auth("user", true)\r
+auth.default_auth("edit::other", false)\r
+\r
+auth.map "whoami",\r
+ :action => 'auth_whoami',\r
+ :auth_path => '!*!'\r
+\r
+auth.map "auth :password",\r
+ :action => 'auth_auth',\r
+ :public => false,\r
+ :auth_path => '!login!'\r
\r
auth.map "login :botuser :password",\r
:action => 'auth_login',\r
\r
auth.map "login :botuser",\r
:action => 'auth_login',\r
- :defaults => { :password => nil },\r
:auth_path => '!login!'\r
\r
+auth.map "login",\r
+ :action => 'auth_autologin',\r
+ :auth_path => '!login!'\r
+\r
+auth.map "permissions set *args",\r
+ :action => 'auth_edit_perm',\r
+ :auth_path => ':edit::set:'\r
+\r
+auth.map "permissions reset *args",\r
+ :action => 'auth_edit_perm',\r
+ :auth_path => ':edit::reset:'\r
+\r
+auth.map "permissions view [for :user]",\r
+ :action => 'auth_view_perm',\r
+ :auth_path => '::'\r
+\r
auth.default_auth('*', false)\r
\r
projects / user / henk / code / ruby / rbot.git / blobdiff