protected:
bool& remove_own_privs;
bool& remove_other_privs;
+ bool& add_other_privs;
public:
- FounderProtectBase(InspIRCd* Instance, const std::string &ext, const std::string &mtype, int l, int e, bool &remove_own, bool &remove_others) :
- MyInstance(Instance), extend(ext), type(mtype), list(l), end(e), remove_own_privs(remove_own), remove_other_privs(remove_others)
+ FounderProtectBase(InspIRCd* Instance, const std::string &ext, const std::string &mtype, int l, int e, bool &remove_own, bool &remove_others, bool &add_others) :
+ MyInstance(Instance), extend(ext), type(mtype), list(l), end(e), remove_own_privs(remove_own), remove_other_privs(remove_others), add_other_privs(add_others)
{
}
std::string item = extend + std::string(channel->name);
std::vector<std::string> mode_junk;
mode_junk.push_back(channel->name);
- irc::modestacker modestack(ServerInstance, false);
- std::deque<std::string> stackresult;
+ irc::modestacker modestack(MyInstance, false);
+ std::deque<std::string> stackresult;
for (CUList::iterator i = cl->begin(); i != cl->end(); i++)
{
bool CanRemoveOthers(User* u1, User* u2, Channel* c)
{
std::string item = extend+std::string(c->name);
- return (u1->GetExt(item) && u2->GetExt(item));
+ return (remove_other_privs && u1->GetExt(item) && u2->GetExt(item));
+ }
+
+ bool CanAddOthers(User* u1, User* u2, Channel* c)
+ {
+ std::string item = extend+std::string(c->name);
+ return (add_other_privs && u1->GetExt(item));
}
ModeAction HandleChange(User* source, User* theuser, bool adding, Channel* channel, std::string ¶meter)
class ChanFounder : public ModeHandler, public FounderProtectBase
{
public:
- ChanFounder(InspIRCd* Instance, char my_prefix, bool &depriv_self, bool &depriv_others)
+ ChanFounder(InspIRCd* Instance, char my_prefix, bool &depriv_self, bool &depriv_others, bool &priv_others)
: ModeHandler(Instance, 'q', 1, 1, true, MODETYPE_CHANNEL, false, my_prefix, 0),
- FounderProtectBase(Instance, "cm_founder_", "founder", 386, 387, depriv_self, depriv_others) { }
+ FounderProtectBase(Instance, "cm_founder_", "founder", 386, 387, depriv_self, depriv_others, priv_others) { }
unsigned int GetPrefixRank()
{
{
return FounderProtectBase::HandleChange(source, theuser, adding, channel, parameter);
}
- else
+
+ // If they have it, allow them to give it.
+ if (adding && FounderProtectBase::CanAddOthers(source, theuser, channel))
{
- // whoops, someones being naughty!
- source->WriteNumeric(468, "%s %s :Only servers may set channel mode +q", source->nick.c_str(), channel->name.c_str());
- parameter.clear();
- return MODEACTION_DENY;
+ return FounderProtectBase::HandleChange(source, theuser, adding, channel, parameter);
}
+
+ // whoops, someones being naughty!
+ source->WriteNumeric(468, "%s %s :You are not permitted to set additional founders", source->nick.c_str(), channel->name.c_str());
+ parameter.clear();
+ return MODEACTION_DENY;
}
void DisplayList(User* user, Channel* channel)
class ChanProtect : public ModeHandler, public FounderProtectBase
{
public:
- ChanProtect(InspIRCd* Instance, char my_prefix, bool &depriv_self, bool &depriv_others)
+ ChanProtect(InspIRCd* Instance, char my_prefix, bool &depriv_self, bool &depriv_others, bool &priv_others)
: ModeHandler(Instance, 'a', 1, 1, true, MODETYPE_CHANNEL, false, my_prefix, 0),
- FounderProtectBase(Instance,"cm_protect_","protected user", 388, 389, depriv_self, depriv_others) { }
+ FounderProtectBase(Instance,"cm_protect_","protected user", 388, 389, depriv_self, depriv_others, priv_others) { }
unsigned int GetPrefixRank()
{
std::string founder = "cm_founder_"+std::string(channel->name);
- if ((!adding) && FounderProtectBase::CanRemoveOthers(source, theuser, channel))
+ if (!adding && FounderProtectBase::CanRemoveOthers(source, theuser, channel))
{
return FounderProtectBase::HandleChange(source, theuser, adding, channel, parameter);
}
+
// source has +q, is a server, or ulined, we'll let them +-a the user.
if (source == ServerInstance->FakeClient ||
- ((source == theuser) && (!adding) && (FounderProtectBase::remove_own_privs)) ||
+ ((source == theuser) && (!adding) && (FounderProtectBase::remove_own_privs)) ||
(ServerInstance->ULine(source->nick.c_str())) ||
(ServerInstance->ULine(source->server)) ||
(!*source->server) ||
{
return FounderProtectBase::HandleChange(source, theuser, adding, channel, parameter);
}
- else
+
+ // If they have it, allow them to give it.
+ if (adding && FounderProtectBase::CanAddOthers(source, theuser, channel))
{
- // bzzzt, wrong answer!
- source->WriteNumeric(482, "%s %s :You are not a channel founder", source->nick.c_str(), channel->name.c_str());
- return MODEACTION_DENY;
+ return FounderProtectBase::HandleChange(source, theuser, adding, channel, parameter);
}
+
+ // bzzzt, wrong answer!
+ source->WriteNumeric(482, "%s %s :You are not a channel founder", source->nick.c_str(), channel->name.c_str());
+ return MODEACTION_DENY;
}
virtual void DisplayList(User* user, Channel* channel)
class ModuleChanProtect : public Module
{
-
+
bool FirstInGetsFounder;
char QPrefix;
char APrefix;
bool DeprivSelf;
bool DeprivOthers;
+ bool PrivOthers;
bool booting;
ChanProtect* cp;
ChanFounder* cf;
-
+
public:
-
+
ModuleChanProtect(InspIRCd* Me)
: Module(Me), FirstInGetsFounder(false), QPrefix(0), APrefix(0), DeprivSelf(false), DeprivOthers(false), booting(true), cp(NULL), cf(NULL)
{
/* Initialise module variables */
- cp = new ChanProtect(ServerInstance, APrefix, DeprivSelf, DeprivOthers);
- cf = new ChanFounder(ServerInstance, QPrefix, DeprivSelf, DeprivOthers);
+ cp = new ChanProtect(ServerInstance, APrefix, DeprivSelf, DeprivOthers, PrivOthers);
+ cf = new ChanFounder(ServerInstance, QPrefix, DeprivSelf, DeprivOthers, PrivOthers);
if (!ServerInstance->Modes->AddMode(cp) || !ServerInstance->Modes->AddMode(cf))
{
user->Shrink("cm_protect_"+std::string(chan->name));
}
- virtual void OnUserPart(User* user, Channel* channel, const std::string &partreason, bool &silent)
+ virtual void OnUserPart(User* user, Channel* channel, std::string &partreason, bool &silent)
{
// FIX: when someone parts a channel we must remove their Extensibles!
user->Shrink("cm_founder_"+std::string(channel->name));
if (cf && ServerInstance->Modes->FindPrefix(QPrefix) == cf)
throw ModuleException("Looks like the +q prefix you picked for m_chanprotect is already in use. Pick another.");
- DeprivSelf = Conf.ReadFlag("options","deprotectself",0);
- DeprivOthers = Conf.ReadFlag("options","deprotectothers",0);
+ DeprivSelf = Conf.ReadFlag("options","deprotectself", "yes", 0);
+ DeprivOthers = Conf.ReadFlag("options","deprotectothers", "yes", 0);
+ DeprivOthers = Conf.ReadFlag("options","setprivsonothers", "yes", 0);
}
-
+
virtual int OnUserPreJoin(User *user, Channel *chan, const char *cname, std::string &privs, const std::string &keygiven)
{
// if the user is the first user into the channel, mark them as the founder, but only if
// the config option for it is set
if (FirstInGetsFounder && !chan)
- privs = QPrefix + "@";
-
+ privs = std::string(1, QPrefix) + "@";
+
return 0;
}
-
+
virtual void OnPostJoin(User *user, Channel *channel)
{
// This *must* be in PostJoin, not UserJoin - the former will make it appear to happen
// before the client is in the channel
-
+
// This notice was here originally because it was all done prior to the creation of
// privs in OnUserPreJoin. I've left it because it might still be wanted, but i'm
// not sure it really should be here - ops don't get shown, obviously, and the prefix
if (FirstInGetsFounder && channel->GetUserCounter() == 1)
user->WriteServ("MODE %s +q %s", channel->name.c_str(), user->nick.c_str());
}
-
+
virtual int OnAccessCheck(User* source,User* dest,Channel* channel,int access_type)
{
// here we perform access checks, this is the important bit that actually stops kicking/deopping
// a relatively small number of them relevent to our module using a switch statement.
// don't allow action if:
// (A) Theyre founder (no matter what)
- // (B) Theyre protected, and you're not
+ // (B) Theyre protected, unless you're founder or are protected and DeprivOthers is enabled
// always allow the action if:
// (A) The source is ulined
-
-
+
// firstly, if a ulined nick, or a server, is setting the mode, then allow them to set the mode
// without any access checks, we're not worthy :p
if ((ServerInstance->ULine(source->nick.c_str())) || (ServerInstance->ULine(source->server)) || (!*source->server))
std::string founder("cm_founder_"+channel->name);
std::string protect("cm_protect_"+channel->name);
+ // Can do anything to yourself if deprotectself is enabled.
+ if (DeprivSelf && source == dest)
+ return ACR_DEFAULT;
+
+ bool candepriv_founder = (DeprivOthers && source->GetExt(founder));
+ bool candepriv_protected = (source->GetExt(founder) || (DeprivOthers && source->GetExt(protect))); // Can the source remove +a?
+
switch (access_type)
{
// a user has been deopped. Do we let them? hmmm...
case AC_DEOP:
- if (dest->GetExt(founder))
+ if (dest->GetExt(founder) && !candepriv_founder)
{
source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't deop "+dest->nick+" as they're a channel founder");
return ACR_DENY;
}
- if ((dest->GetExt(protect)) && (!source->GetExt(protect)))
+ if ((dest->GetExt(protect)) && !candepriv_protected)
{
source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't deop "+dest->nick+" as they're protected (+a)");
return ACR_DENY;
// a user is being kicked. do we chop off the end of the army boot?
case AC_KICK:
- if (dest->GetExt(founder))
+ if (dest->GetExt(founder) && !candepriv_founder)
{
source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't kick "+dest->nick+" as they're a channel founder");
return ACR_DENY;
}
- if ((dest->GetExt(protect)) && (!source->GetExt(protect)))
+ if ((dest->GetExt(protect)) && !candepriv_protected)
{
source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't kick "+dest->nick+" as they're protected (+a)");
return ACR_DENY;
// a user is being dehalfopped. Yes, we do disallow -h of a +ha user
case AC_DEHALFOP:
- if (dest->GetExt(founder))
+ if (dest->GetExt(founder) && !candepriv_founder)
{
source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't de-halfop "+dest->nick+" as they're a channel founder");
return ACR_DENY;
}
- if ((dest->GetExt(protect)) && (!source->GetExt(protect)))
+ if ((dest->GetExt(protect)) && !candepriv_protected)
{
source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't de-halfop "+dest->nick+" as they're protected (+a)");
return ACR_DENY;
// same with devoice.
case AC_DEVOICE:
- if (dest->GetExt(founder))
+ if (dest->GetExt(founder) && !candepriv_founder)
{
source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't devoice "+dest->nick+" as they're a channel founder");
return ACR_DENY;
}
- if ((dest->GetExt(protect)) && (!source->GetExt(protect)))
+ if ((dest->GetExt(protect)) && !candepriv_protected)
{
source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't devoice "+dest->nick+" as they're protected (+a)");
return ACR_DENY;
}
break;
}
-
+
// we dont know what this access check is, or dont care. just carry on, nothing to see here.
return ACR_DEFAULT;
}
-
+
virtual ~ModuleChanProtect()
{
ServerInstance->Modes->DelMode(cp);
delete cp;
delete cf;
}
-
+
virtual Version GetVersion()
{
- return Version(1, 2, 0, 0, VF_COMMON | VF_VENDOR, API_VERSION);
+ return Version("$Id$", VF_COMMON | VF_VENDOR, API_VERSION);
}
};
projects / user / henk / code / inspircd.git / blobdiff