X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=lib%2Frbot%2Fbotuser.rb;h=83fb26240333a0456a743fe662b3c61f26ebce01;hb=b1debac35f5e45545066da07027ddaaf6c9faca7;hp=3363d5835f4dff3faf0fb122a2d265e0c812e104;hpb=8d566aa8ef469c09f147ec1532e79b3c8cacbdca;p=user%2Fhenk%2Fcode%2Fruby%2Frbot.git diff --git a/lib/rbot/botuser.rb b/lib/rbot/botuser.rb index 3363d583..83fb2624 100644 --- a/lib/rbot/botuser.rb +++ b/lib/rbot/botuser.rb @@ -8,25 +8,47 @@ # License:: GPLv2 require 'singleton' +require 'set' +# This would be a good idea if it was failproof, but the truth +# is that other methods can indirectly modify the hash. *sigh* +# +# class AuthNotifyingHash < Hash +# %w(clear default= delete delete_if replace invert +# merge! update rehash reject! replace shift []= store).each { |m| +# class_eval { +# define_method(m) { |*a| +# r = super(*a) +# Irc::Bot::Auth.manager.set_changed +# r +# } +# } +# } +# end +# module Irc +class Bot # This module contains the actual Authentication stuff # module Auth - BotConfig.register BotConfigStringValue.new( 'auth.password', + Config.register Config::StringValue.new( 'auth.password', :default => 'rbotauth', :wizard => true, - :desc => 'Password for the bot owner' ) - BotConfig.register BotConfigBooleanValue.new( 'auth.login_by_mask', + :on_change => Proc.new {|bot, v| bot.auth.botowner.password = v}, + :desc => _('Password for the bot owner')) + Config.register Config::BooleanValue.new( 'auth.login_by_mask', :default => 'true', - :desc => 'Set false to prevent new botusers from logging in without a password when the user netmask is known') - BotConfig.register BotConfigBooleanValue.new( 'auth.autologin', + :desc => _('Set false to prevent new botusers from logging in without a password when the user netmask is known')) + Config.register Config::BooleanValue.new( 'auth.autologin', :default => 'true', - :desc => 'Set false to prevent new botusers from recognizing IRC users without a need to manually login') - # BotConfig.register BotConfigIntegerValue.new( 'auth.default_level', + :desc => _('Set false to prevent new botusers from recognizing IRC users without a need to manually login')) + Config.register Config::BooleanValue.new( 'auth.autouser', + :default => 'false', + :desc => _('Set true to allow new botusers to be created automatically')) + # Config.register Config::IntegerValue.new( 'auth.default_level', # :default => 10, :wizard => true, # :desc => 'The default level for new/unknown users' ) @@ -34,14 +56,14 @@ module Irc # def Auth.random_password(l=8) pwd = "" - 8.times do - pwd += (rand(26) + (rand(2) == 0 ? 65 : 97) ).chr + l.times do + pwd << (rand(26) + (rand(2) == 0 ? 65 : 97) ).chr end return pwd end - # An Irc::Auth::Command defines a command by its "path": + # An Irc::Bot::Auth::Command defines a command by its "path": # # base::command::subcommand::subsubcommand::subsubsubcommand # @@ -76,7 +98,7 @@ module Irc k.to_sym } @command = path.last - debug "Created command #{@command.inspect} with path #{@path.join(', ')}" + debug "Created command #{@command.inspect} with path #{@path.pretty_inspect}" end # Returs self @@ -89,19 +111,31 @@ module Irc end end +end class String - # Returns an Irc::Auth::Comand from the receiver + # Returns an Irc::Bot::Auth::Comand from the receiver + def to_irc_auth_command + Irc::Bot::Auth::Command.new(self) + end + +end + + +class Symbol + + # Returns an Irc::Bot::Auth::Comand from the receiver def to_irc_auth_command - Irc::Auth::Command.new(self) + Irc::Bot::Auth::Command.new(self) end end module Irc +class Bot module Auth @@ -160,8 +194,41 @@ module Irc end - # This is the basic class for bot users: they have a username, a password, - # a list of netmasks to match against, and a list of permissions. + # This is the error that gets raised when an invalid password is met + # + class InvalidPassword < RuntimeError + end + + + # This is the basic class for bot users: they have a username, a + # password, a list of netmasks to match against, and a list of + # permissions. A BotUser can be marked as 'transient', usually meaning + # it's not intended for permanent storage. Transient BotUsers have lower + # priority than nontransient ones for autologin purposes. + # + # To initialize a BotUser, you pass a _username_ and an optional + # hash of options. Currently, only two options are recognized: + # + # transient:: true or false, determines if the BotUser is transient or + # permanent (default is false, permanent BotUser). + # + # Transient BotUsers are initialized by prepending an + # asterisk (*) to the username, and appending a sanitized + # version of the object_id. The username can be empty. + # A random password is generated. + # + # Permanent Botusers need the username as is, and no + # password is generated. + # + # masks:: an array of Netmasks to initialize the NetmaskList. This + # list is used as-is for permanent BotUsers. + # + # Transient BotUsers will alter the list elements which are + # Irc::User by globbing the nick and any initial nonletter + # part of the ident. + # + # The masks option is optional for permanent BotUsers, but + # obligatory (non-empty) for transients. # class BotUser @@ -169,30 +236,92 @@ module Irc attr_reader :password attr_reader :netmasks attr_reader :perm + # Please remember to #set_changed() the Auth.manager + # when modifying data + attr_reader :data attr_writer :login_by_mask attr_writer :autologin + attr_writer :transient + + # Checks if the BotUser is transient + def transient? + @transient + end + + # Checks if the BotUser is permanent (not transient) + def permanent? + !@permanent + end + + # Sets if the BotUser is permanent or not + def permanent=(bool) + @transient=!bool + end # Create a new BotUser with given username - def initialize(username) - @username = BotUser.sanitize_username(username) - @password = nil + def initialize(username, options={}) + opts = {:transient => false}.merge(options) + @transient = opts[:transient] + + if @transient + @username = "*" + @username << BotUser.sanitize_username(username) if username and not username.to_s.empty? + @username << BotUser.sanitize_username(object_id) + reset_password + @login_by_mask=true + @autologin=true + else + @username = BotUser.sanitize_username(username) + @password = nil + reset_login_by_mask + reset_autologin + end + @netmasks = NetmaskList.new + if opts.key?(:masks) and opts[:masks] + masks = opts[:masks] + masks = [masks] unless masks.respond_to?(:each) + masks.each { |m| + mask = m.to_irc_netmask + if @transient and User === m + mask.nick = "*" + mask.host = m.host.dup + mask.user = "*" + m.user.sub(/^\w?[^\w]+/,'') + end + add_netmask(mask) unless mask.to_s == "*" + } + end + raise "must provide a usable mask for transient BotUser #{@username}" if @transient and @netmasks.empty? + @perm = {} - reset_login_by_mask - reset_autologin + + # @data = AuthNotifyingHash.new + @data = {} end # Inspection def inspect - str = "<#{self.class}:#{'0x%08x' % self.object_id}:" + str = "<#{self.class}:#{'0x%08x' % self.object_id}" + str << " (transient)" if @transient + str << ":" str << " @username=#{@username.inspect}" str << " @netmasks=#{@netmasks.inspect}" str << " @perm=#{@perm.inspect}" str << " @login_by_mask=#{@login_by_mask}" str << " @autologin=#{@autologin}" + if @data.empty? + str << " no data" + else + str << " data for #{@data.keys.join(', ')}" + end str << ">" end + # In strings + def to_s + @username + end + # Convert into a hash def to_hash { @@ -201,7 +330,8 @@ module Irc :netmasks => @netmasks, :perm => @perm, :login_by_mask => @login_by_mask, - :autologin => @autologin + :autologin => @autologin, + :data => @data } end @@ -214,13 +344,13 @@ module Irc # Reset the login-by-mask option # def reset_login_by_mask - @login_by_mask = Auth.authmanager.bot.config['auth.login_by_mask'] unless defined?(@login_by_mask) + @login_by_mask = Auth.manager.bot.config['auth.login_by_mask'] unless defined?(@login_by_mask) end # Reset the autologin option # def reset_autologin - @autologin = Auth.authmanager.bot.config['auth.autologin'] unless defined?(@autologin) + @autologin = Auth.manager.bot.config['auth.autologin'] unless defined?(@autologin) end # Do we allow automatic logging in? @@ -237,23 +367,25 @@ module Irc @perm = h[:perm] if h.has_key?(:perm) @login_by_mask = h[:login_by_mask] if h.has_key?(:login_by_mask) @autologin = h[:autologin] if h.has_key?(:autologin) + @data.replace(h[:data]) if h.has_key?(:data) end # This method sets the password if the proposed new password # is valid def password=(pwd=nil) - if pwd + pass = pwd.to_s + if pass.empty? + reset_password + else begin - raise InvalidPassword, "#{pwd} contains invalid characters" if pwd !~ /^[A-Za-z0-9]+$/ - raise InvalidPassword, "#{pwd} too short" if pwd.length < 4 - @password = pwd + raise InvalidPassword, "#{pass} contains invalid characters" if pass !~ /^[\x21-\x7e]+$/ + raise InvalidPassword, "#{pass} too short" if pass.length < 4 + @password = pass rescue InvalidPassword => e raise e rescue => e - raise InvalidPassword, "Exception #{e.inspect} while checking #{pwd}" + raise InvalidPassword, "Exception #{e.inspect} while checking #{pass.inspect} (#{pwd.inspect})" end - else - reset_password end end @@ -329,7 +461,7 @@ module Irc # It returns true or false depending on whether the password # is right. If it is, the Netmask of the user is added to the # list of acceptable Netmask unless it's already matched. - def login(user, password) + def login(user, password=nil) if password == @password or (password.nil? and (@login_by_mask || @autologin) and knows?(user)) add_netmask(user) unless knows?(user) debug "#{user} logged in as #{self.inspect}" @@ -355,7 +487,6 @@ module Irc end - # This is the default BotUser: it's used for all users which haven't # identified with the bot # @@ -405,7 +536,7 @@ module Irc # def set_default_permission(cmd, val) @default_perm.set_permission(Command.new(cmd), val) - debug "Default permissions now:\n#{@default_perm.inspect}" + debug "Default permissions now: #{@default_perm.pretty_inspect}" end # default knows everybody @@ -470,10 +601,10 @@ module Irc end - # This is the AuthManagerClass singleton, used to manage User/BotUser connections and - # everything + # This is the ManagerClass singleton, used to manage + # Irc::User/Irc::Bot::Auth::BotUser connections and everything # - class AuthManagerClass + class ManagerClass include Singleton @@ -522,9 +653,14 @@ module Irc [everyone, botowner].each { |x| @allbotusers[x.username.to_sym] = x } + @transients = Set.new end def load_array(ary, forced) + unless ary + warning "Tried to load an empty array" + return + end raise "Won't load with unsaved changes" if @has_changes and not forced reset_hashes ary.each { |x| @@ -534,14 +670,15 @@ module Irc create_botuser(u) end get_botuser(u).from_hash(x) + get_botuser(u).transient = false } @has_changes=false end def save_array @allbotusers.values.map { |x| - x.to_hash - } + x.transient? ? nil : x.to_hash + }.compact end # checks if we know about a certain BotUser username @@ -584,7 +721,7 @@ module Irc k = n.to_sym raise "No such BotUser #{n}" unless include?(k) if @botusers.has_key?(ircuser) - return true if @botusers[ircuser].name = n + return true if @botusers[ircuser].username == n # TODO # @botusers[ircuser].logout(ircuser) end @@ -601,15 +738,43 @@ module Irc # def autologin(user) ircuser = user.to_irc_user - debug "Trying to autlogin #{ircuser}" + debug "Trying to autologin #{ircuser}" return @botusers[ircuser] if @botusers.has_key?(ircuser) @allbotusers.each { |n, bu| debug "Checking with #{n}" return bu if bu.autologin? and login(ircuser, n) } + # Check with transient users + @transients.each { |bu| + return bu if bu.login(ircuser) + } + # Finally, create a transient if we're set to allow it + if @bot.config['auth.autouser'] + bu = create_transient_botuser(ircuser) + return bu + end return everyone end + # Creates a new transient BotUser associated with Irc::User _user_, + # automatically logging him in. Note that transient botuser creation can + # fail, typically if we don't have the complete user netmask (e.g. for + # messages coming in from a linkbot) + # + def create_transient_botuser(user) + ircuser = user.to_irc_user + bu = everyone + begin + bu = BotUser.new(ircuser, :transient => true, :masks => ircuser) + bu.login(ircuser) + @transients << bu + rescue + warning "failed to create transient for #{user}" + error $! + end + return bu + end + # Checks if User _user_ can do _cmd_ on _chan_. # # Permission are checked in this order, until a true or false @@ -652,19 +817,78 @@ module Irc raise "Could not check permission for user #{user.inspect} to run #{cmdtxt.inspect} on #{chan.inspect}" end - # Checks if command _cmd_ is allowed to User _user_ on _chan_ + # Checks if command _cmd_ is allowed to User _user_ on _chan_, optionally + # telling if the user is authorized + # def allow?(cmdtxt, user, chan=nil) - permit?(user, cmdtxt, chan) + if permit?(user, cmdtxt, chan) + return true + else + # cmds = cmdtxt.split('::') + # @bot.say chan, "you don't have #{cmds.last} (#{cmds.first}) permissions here" if chan + @bot.say chan, _("%{user}, you don't have '%{command}' permissions here") % + {:user=>user, :command=>cmdtxt} if chan + return false + end end end - # Returns the only instance of AuthManagerClass + # Returns the only instance of ManagerClass # - def Auth.authmanager - return AuthManagerClass.instance + def Auth.manager + return ManagerClass.instance end end +end + + class User + + # A convenience method to automatically found the botuser + # associated with the receiver + # + def botuser + Irc::Bot::Auth.manager.irc_to_botuser(self) + end + + # Bot-specific data can be stored with Irc::Users. This is + # internally obtained by storing data to the associated BotUser, + # but this is a detail plugin writers shouldn't care about. + # bot_data(:key) can be used to retrieve a particular data set. + # This method is intended for data retrieval, and if the retrieved + # data is modified directly there is no guarantee the changes will + # be saved back. Use #set_bot_data() for that. + # + def bot_data(key=nil) + return self.botuser.data if key.nil? + return self.botuser.data[key] + end + + # This method is used to store bot-specific data for the receiver. + # If no block is passed, _value_ is stored for the key _key_; + # if a block is passed, it will be called with the previous + # _key_ value as parameter, and its return value will be stored + # as the new value. If _value_ is present in the block form, it + # will be used to initialize _key_ if it's missing + # + def set_bot_data(key,value=nil,&block) + if not block_given? + self.botuser.data[key]=value + Irc::Bot::Auth.manager.set_changed + return value + end + if value and not bot_data.has_key?(key) + set_bot_data(key, value) + end + r = value + begin + r = yield bot_data(key) + ensure + Irc::Bot::Auth.manager.set_changed + end + return r + end + end end