X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=lib%2Frbot%2Fbotuser.rb;h=d859e9c3f3f1d74e963e4a248f533ef9d8204da4;hb=c4502412f30f69c1ffa053b160e01d3974b338aa;hp=1c2ef929dfe3d3475cc0d7cc0753af204e7e5873;hpb=0b705e79109fa004bf8956ef65288cf00a9f3312;p=user%2Fhenk%2Fcode%2Fruby%2Frbot.git
diff --git a/lib/rbot/botuser.rb b/lib/rbot/botuser.rb
index 1c2ef929..d859e9c3 100644
--- a/lib/rbot/botuser.rb
+++ b/lib/rbot/botuser.rb
@@ -19,17 +19,23 @@ module Irc
BotConfig.register BotConfigStringValue.new( 'auth.password',
:default => 'rbotauth', :wizard => true,
- :desc => 'Password for the bot owner' )
+ :desc => _('Password for the bot owner'))
+ BotConfig.register BotConfigBooleanValue.new( 'auth.login_by_mask',
+ :default => 'true',
+ :desc => _('Set false to prevent new botusers from logging in without a password when the user netmask is known'))
+ BotConfig.register BotConfigBooleanValue.new( 'auth.autologin',
+ :default => 'true',
+ :desc => _('Set false to prevent new botusers from recognizing IRC users without a need to manually login'))
# BotConfig.register BotConfigIntegerValue.new( 'auth.default_level',
# :default => 10, :wizard => true,
# :desc => 'The default level for new/unknown users' )
# Generate a random password of length _l_
#
- def random_password(l=8)
+ def Auth.random_password(l=8)
pwd = ""
- 8.times do
- pwd += (rand(26) + (rand(2) == 0 ? 65 : 97) ).chr
+ l.times do
+ pwd << (rand(26) + (rand(2) == 0 ? 65 : 97) ).chr
end
return pwd
end
@@ -70,7 +76,7 @@ module Irc
k.to_sym
}
@command = path.last
- debug "Created command #{@command.inspect} with path #{@path.join(', ')}"
+ debug "Created command #{@command.inspect} with path #{@path.pretty_inspect}"
end
# Returs self
@@ -95,6 +101,16 @@ class String
end
+class Symbol
+
+ # Returns an Irc::Auth::Comand from the receiver
+ def to_irc_auth_command
+ Irc::Auth::Command.new(self)
+ end
+
+end
+
+
module Irc
@@ -104,6 +120,7 @@ module Irc
# This class describes a permission set
class PermissionSet
+ attr_reader :perm
# Create a new (empty) PermissionSet
#
def initialize
@@ -153,14 +170,23 @@ module Irc
end
- # This is the basic class for bot users: they have a username, a password, a
- # list of netmasks to match against, and a list of permissions.
+ # This is the error that gets raised when an invalid password is met
+ #
+ class InvalidPassword < RuntimeError
+ end
+
+
+ # This is the basic class for bot users: they have a username, a password,
+ # a list of netmasks to match against, and a list of permissions.
#
class BotUser
attr_reader :username
attr_reader :password
attr_reader :netmasks
+ attr_reader :perm
+ attr_writer :login_by_mask
+ attr_writer :autologin
# Create a new BotUser with given username
def initialize(username)
@@ -168,6 +194,8 @@ module Irc
@password = nil
@netmasks = NetmaskList.new
@perm = {}
+ reset_login_by_mask
+ reset_autologin
end
# Inspection
@@ -176,7 +204,14 @@ module Irc
str << " @username=#{@username.inspect}"
str << " @netmasks=#{@netmasks.inspect}"
str << " @perm=#{@perm.inspect}"
- str
+ str << " @login_by_mask=#{@login_by_mask}"
+ str << " @autologin=#{@autologin}"
+ str << ">"
+ end
+
+ # In strings
+ def to_s
+ @username
end
# Convert into a hash
@@ -185,39 +220,68 @@ module Irc
:username => @username,
:password => @password,
:netmasks => @netmasks,
- :perm => @perm
+ :perm => @perm,
+ :login_by_mask => @login_by_mask,
+ :autologin => @autologin
}
end
+ # Do we allow logging in without providing the password?
+ #
+ def login_by_mask?
+ @login_by_mask
+ end
+
+ # Reset the login-by-mask option
+ #
+ def reset_login_by_mask
+ @login_by_mask = Auth.authmanager.bot.config['auth.login_by_mask'] unless defined?(@login_by_mask)
+ end
+
+ # Reset the autologin option
+ #
+ def reset_autologin
+ @autologin = Auth.authmanager.bot.config['auth.autologin'] unless defined?(@autologin)
+ end
+
+ # Do we allow automatic logging in?
+ #
+ def autologin?
+ @autologin
+ end
+
# Restore from hash
def from_hash(h)
@username = h[:username] if h.has_key?(:username)
@password = h[:password] if h.has_key?(:password)
@netmasks = h[:netmasks] if h.has_key?(:netmasks)
@perm = h[:perm] if h.has_key?(:perm)
+ @login_by_mask = h[:login_by_mask] if h.has_key?(:login_by_mask)
+ @autologin = h[:autologin] if h.has_key?(:autologin)
end
# This method sets the password if the proposed new password
# is valid
def password=(pwd=nil)
- if pwd
+ pass = pwd.to_s
+ if pass.empty?
+ reset_password
+ else
begin
- raise InvalidPassword, "#{pwd} contains invalid characters" if pwd !~ /^[A-Za-z0-9]+$/
- raise InvalidPassword, "#{pwd} too short" if pwd.length < 4
- @password = pwd
+ raise InvalidPassword, "#{pass} contains invalid characters" if pass !~ /^[\x21-\x7e]+$/
+ raise InvalidPassword, "#{pass} too short" if pass.length < 4
+ @password = pass
rescue InvalidPassword => e
raise e
rescue => e
- raise InvalidPassword, "Exception #{e.inspect} while checking #{pwd}"
+ raise InvalidPassword, "Exception #{e.inspect} while checking #{pass.inspect} (#{pwd.inspect})"
end
- else
- reset_password
end
end
# Resets the password by creating a new onw
def reset_password
- @password = random_password
+ @password = Auth.random_password
end
# Sets the permission for command _cmd_ to _val_ on channel _chan_
@@ -265,7 +329,7 @@ module Irc
# Removes all Netmask
s
#
- def reset_netmask_list
+ def reset_netmasks
@netmasks = NetmaskList.new
end
@@ -288,7 +352,7 @@ module Irc
# is right. If it is, the Netmask of the user is added to the
# list of acceptable Netmask unless it's already matched.
def login(user, password)
- if password == @password
+ if password == @password or (password.nil? and (@login_by_mask || @autologin) and knows?(user))
add_netmask(user) unless knows?(user)
debug "#{user} logged in as #{self.inspect}"
return true
@@ -306,7 +370,9 @@ module Irc
# and replacing any nonalphanumeric character with _
#
def BotUser.sanitize_username(name)
- return name.to_s.chomp.downcase.gsub(/[^a-z0-9]/,"_")
+ candidate = name.to_s.chomp.downcase.gsub(/[^a-z0-9]/,"_")
+ raise "sanitized botusername #{candidate} too short" if candidate.length < 3
+ return candidate
end
end
@@ -317,21 +383,51 @@ module Irc
#
class DefaultBotUserClass < BotUser
- private :login, :add_netmask, :delete_netmask
+ private :add_netmask, :delete_netmask
include Singleton
+ # The default BotUser is named 'everyone'
+ #
def initialize
+ reset_login_by_mask
+ reset_autologin
super("everyone")
@default_perm = PermissionSet.new
end
+ # This method returns without changing anything
+ #
+ def login_by_mask=(val)
+ debug "Tried to change the login-by-mask for default bot user, ignoring"
+ return @login_by_mask
+ end
+
+ # The default botuser allows logins by mask
+ #
+ def reset_login_by_mask
+ @login_by_mask = true
+ end
+
+ # This method returns without changing anything
+ #
+ def autologin=(val)
+ debug "Tried to change the autologin for default bot user, ignoring"
+ return
+ end
+
+ # The default botuser doesn't allow autologin (meaningless)
+ #
+ def reset_autologin
+ @autologin = false
+ end
+
# Sets the default permission for the default user (i.e. the ones
# set by the BotModule writers) on all channels
#
def set_default_permission(cmd, val)
@default_perm.set_permission(Command.new(cmd), val)
- debug "Default permissions now:\n#{@default_perm.inspect}"
+ debug "Default permissions now: #{@default_perm.pretty_inspect}"
end
# default knows everybody
@@ -340,8 +436,13 @@ module Irc
return true if user.to_irc_user
end
+ # We always allow logging in as the default user
+ def login(user, password)
+ return true
+ end
+
# Resets the NetmaskList
- def reset_netmask_list
+ def reset_netmasks
super
add_netmask("*!*@*")
end
@@ -373,6 +474,8 @@ module Irc
include Singleton
def initialize
+ @login_by_mask = false
+ @autologin = true
super("owner")
end
@@ -398,6 +501,7 @@ module Irc
attr_reader :everyone
attr_reader :botowner
+ attr_reader :bot
# The instance manages two Hash
es: one that maps
# Irc::User
s onto BotUser
s, and the other that maps
@@ -443,6 +547,10 @@ module Irc
end
def load_array(ary, forced)
+ unless ary
+ warn "Tried to load an empty array"
+ return
+ end
raise "Won't load with unsaved changes" if @has_changes and not forced
reset_hashes
ary.each { |x|
@@ -469,18 +577,20 @@ module Irc
# Maps Irc::User
to BotUser
def irc_to_botuser(ircuser)
- # TODO check netmasks
- @botusers[ircuser.to_irc_user] || everyone
+ logged = @botusers[ircuser.to_irc_user]
+ return logged if logged
+ return autologin(ircuser)
end
# creates a new BotUser
def create_botuser(name, password=nil)
n = BotUser.sanitize_username(name)
k = n.to_sym
- raise "BotUser #{n} exists" if include?(k)
+ raise "botuser #{n} exists" if include?(k)
bu = BotUser.new(n)
bu.password = password
@allbotusers[k] = bu
+ return bu
end
# returns the botuser with name _name_
@@ -488,32 +598,44 @@ module Irc
@allbotusers.fetch(BotUser.sanitize_username(name).to_sym)
end
- # Logs Irc::User _ircuser_ in to BotUser _botusername_ with password _pwd_
+ # Logs Irc::User _user_ in to BotUser _botusername_ with password _pwd_
#
# raises an error if _botusername_ is not a known BotUser username
#
# It is possible to autologin by Netmask, on request
#
- def login(user, botusername, pwd, bymask = false)
+ def login(user, botusername, pwd=nil)
ircuser = user.to_irc_user
n = BotUser.sanitize_username(botusername)
k = n.to_sym
raise "No such BotUser #{n}" unless include?(k)
if @botusers.has_key?(ircuser)
+ return true if @botusers[ircuser].username == n
# TODO
# @botusers[ircuser].logout(ircuser)
end
bu = @allbotusers[k]
- if bymask && bu.knows?(ircuser)
- @botusers[ircuser] = bu
- return true
- elsif bu.login(ircuser, pwd)
+ if bu.login(ircuser, pwd)
@botusers[ircuser] = bu
return true
end
return false
end
+ # Tries to auto-login Irc::User _user_ by looking at the known botusers that allow autologin
+ # and trying to login without a password
+ #
+ def autologin(user)
+ ircuser = user.to_irc_user
+ debug "Trying to autlogin #{ircuser}"
+ return @botusers[ircuser] if @botusers.has_key?(ircuser)
+ @allbotusers.each { |n, bu|
+ debug "Checking with #{n}"
+ return bu if bu.autologin? and login(ircuser, n)
+ }
+ return everyone
+ end
+
# Checks if User _user_ can do _cmd_ on _chan_.
#
# Permission are checked in this order, until a true or false
@@ -524,7 +646,11 @@ module Irc
# * everyone on all channels
#
def permit?(user, cmdtxt, channel=nil)
- botuser = irc_to_botuser(user)
+ if user.class <= BotUser
+ botuser = user
+ else
+ botuser = irc_to_botuser(user)
+ end
cmd = cmdtxt.to_irc_auth_command
chan = channel
@@ -552,9 +678,19 @@ module Irc
raise "Could not check permission for user #{user.inspect} to run #{cmdtxt.inspect} on #{chan.inspect}"
end
- # Checks if command _cmd_ is allowed to User _user_ on _chan_
+ # Checks if command _cmd_ is allowed to User _user_ on _chan_, optionally
+ # telling if the user is authorized
+ #
def allow?(cmdtxt, user, chan=nil)
- permit?(user, cmdtxt, chan)
+ if permit?(user, cmdtxt, chan)
+ return true
+ else
+ # cmds = cmdtxt.split('::')
+ # @bot.say chan, "you don't have #{cmds.last} (#{cmds.first}) permissions here" if chan
+ @bot.say chan, _("%{user}, you don't have '%{command}' permissions here") %
+ {:user=>user, :command=>cmdtxt} if chan
+ return false
+ end
end
end