X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=lib%2Frbot%2Fbotuser.rb;h=e498ce6c2cabdbef086511de386f71e10e811380;hb=c986bc82f4b856818e97e24fbf5fc11eef5f25c2;hp=ea47fcbd7641b33ab51ae3966bb783fd63c8947e;hpb=6bf3094ac4ad043f00a3ef8cc2af48a8c23d114a;p=user%2Fhenk%2Fcode%2Fruby%2Frbot.git
diff --git a/lib/rbot/botuser.rb b/lib/rbot/botuser.rb
index ea47fcbd..e498ce6c 100644
--- a/lib/rbot/botuser.rb
+++ b/lib/rbot/botuser.rb
@@ -9,19 +9,8 @@
require 'singleton'
-module Irc
-
- # This method raises a TypeError if _user_ is not of class User
- #
- def Irc.error_if_not_user(user)
- raise TypeError, "#{user.inspect} must be of type Irc::User and not #{user.class}" unless user.class <= User
- end
- # This method raises a TypeError if _chan_ is not of class Chan
- #
- def Irc.error_if_not_channel(chan)
- raise TypeError, "#{chan.inspect} must be of type Irc::User and not #{chan.class}" unless chan.class <= Channel
- end
+module Irc
# This module contains the actual Authentication stuff
@@ -30,17 +19,24 @@ module Irc
BotConfig.register BotConfigStringValue.new( 'auth.password',
:default => 'rbotauth', :wizard => true,
- :desc => 'Password for the bot owner' )
+ :on_change => Proc.new {|bot, v| bot.auth.botowner.password = v},
+ :desc => _('Password for the bot owner'))
+ BotConfig.register BotConfigBooleanValue.new( 'auth.login_by_mask',
+ :default => 'true',
+ :desc => _('Set false to prevent new botusers from logging in without a password when the user netmask is known'))
+ BotConfig.register BotConfigBooleanValue.new( 'auth.autologin',
+ :default => 'true',
+ :desc => _('Set false to prevent new botusers from recognizing IRC users without a need to manually login'))
# BotConfig.register BotConfigIntegerValue.new( 'auth.default_level',
# :default => 10, :wizard => true,
# :desc => 'The default level for new/unknown users' )
# Generate a random password of length _l_
#
- def random_password(l=8)
+ def Auth.random_password(l=8)
pwd = ""
- 8.times do
- pwd += (rand(26) + (rand(2) == 0 ? 65 : 97) ).chr
+ l.times do
+ pwd << (rand(26) + (rand(2) == 0 ? 65 : 97) ).chr
end
return pwd
end
@@ -81,21 +77,51 @@ module Irc
k.to_sym
}
@command = path.last
- debug "Created command #{@command.inspect} with path #{@path.join(', ')}"
+ debug "Created command #{@command.inspect} with path #{@path.pretty_inspect}"
end
- end
+ # Returs self
+ def to_irc_auth_command
+ self
+ end
- # This method raises a TypeError if _user_ is not of class User
- #
- def Irc.error_if_not_command(cmd)
- raise TypeError, "#{cmd.inspect} must be of type Irc::Auth::Command and not #{cmd.class}" unless cmd.class <= Command
end
+ end
+
+end
+
+
+class String
+
+ # Returns an Irc::Auth::Comand from the receiver
+ def to_irc_auth_command
+ Irc::Auth::Command.new(self)
+ end
+
+end
+
+
+class Symbol
+
+ # Returns an Irc::Auth::Comand from the receiver
+ def to_irc_auth_command
+ Irc::Auth::Command.new(self)
+ end
+
+end
+
+
+module Irc
+
+
+ module Auth
+
# This class describes a permission set
class PermissionSet
+ attr_reader :perm
# Create a new (empty) PermissionSet
#
def initialize
@@ -109,8 +135,8 @@ module Irc
# Sets the permission for command _cmd_ to _val_,
#
- def set_permission(cmd, val)
- Irc::error_if_not_command(cmd)
+ def set_permission(str, val)
+ cmd = str.to_irc_auth_command
case val
when true, false
@perm[cmd.command] = val
@@ -130,8 +156,8 @@ module Irc
# Tells if command _cmd_ is permitted. We do this by returning
# the value of the deepest Command#path that matches.
#
- def permit?(cmd)
- Irc::error_if_not_command(cmd)
+ def permit?(str)
+ cmd = str.to_irc_auth_command
allow = nil
cmd.path.reverse.each { |k|
if @perm.has_key?(k)
@@ -145,14 +171,23 @@ module Irc
end
- # This is the basic class for bot users: they have a username, a password, a
- # list of netmasks to match against, and a list of permissions.
+ # This is the error that gets raised when an invalid password is met
+ #
+ class InvalidPassword < RuntimeError
+ end
+
+
+ # This is the basic class for bot users: they have a username, a password,
+ # a list of netmasks to match against, and a list of permissions.
#
class BotUser
attr_reader :username
attr_reader :password
attr_reader :netmasks
+ attr_reader :perm
+ attr_writer :login_by_mask
+ attr_writer :autologin
# Create a new BotUser with given username
def initialize(username)
@@ -160,6 +195,8 @@ module Irc
@password = nil
@netmasks = NetmaskList.new
@perm = {}
+ reset_login_by_mask
+ reset_autologin
end
# Inspection
@@ -168,7 +205,14 @@ module Irc
str << " @username=#{@username.inspect}"
str << " @netmasks=#{@netmasks.inspect}"
str << " @perm=#{@perm.inspect}"
- str
+ str << " @login_by_mask=#{@login_by_mask}"
+ str << " @autologin=#{@autologin}"
+ str << ">"
+ end
+
+ # In strings
+ def to_s
+ @username
end
# Convert into a hash
@@ -177,39 +221,68 @@ module Irc
:username => @username,
:password => @password,
:netmasks => @netmasks,
- :perm => @perm
+ :perm => @perm,
+ :login_by_mask => @login_by_mask,
+ :autologin => @autologin
}
end
+ # Do we allow logging in without providing the password?
+ #
+ def login_by_mask?
+ @login_by_mask
+ end
+
+ # Reset the login-by-mask option
+ #
+ def reset_login_by_mask
+ @login_by_mask = Auth.authmanager.bot.config['auth.login_by_mask'] unless defined?(@login_by_mask)
+ end
+
+ # Reset the autologin option
+ #
+ def reset_autologin
+ @autologin = Auth.authmanager.bot.config['auth.autologin'] unless defined?(@autologin)
+ end
+
+ # Do we allow automatic logging in?
+ #
+ def autologin?
+ @autologin
+ end
+
# Restore from hash
def from_hash(h)
@username = h[:username] if h.has_key?(:username)
@password = h[:password] if h.has_key?(:password)
@netmasks = h[:netmasks] if h.has_key?(:netmasks)
@perm = h[:perm] if h.has_key?(:perm)
+ @login_by_mask = h[:login_by_mask] if h.has_key?(:login_by_mask)
+ @autologin = h[:autologin] if h.has_key?(:autologin)
end
# This method sets the password if the proposed new password
# is valid
def password=(pwd=nil)
- if pwd
+ pass = pwd.to_s
+ if pass.empty?
+ reset_password
+ else
begin
- raise InvalidPassword, "#{pwd} contains invalid characters" if pwd !~ /^[A-Za-z0-9]+$/
- raise InvalidPassword, "#{pwd} too short" if pwd.length < 4
- @password = pwd
+ raise InvalidPassword, "#{pass} contains invalid characters" if pass !~ /^[\x21-\x7e]+$/
+ raise InvalidPassword, "#{pass} too short" if pass.length < 4
+ @password = pass
rescue InvalidPassword => e
raise e
rescue => e
- raise InvalidPassword, "Exception #{e.inspect} while checking #{pwd}"
+ raise InvalidPassword, "Exception #{e.inspect} while checking #{pass.inspect} (#{pwd.inspect})"
end
- else
- reset_password
end
end
# Resets the password by creating a new onw
def reset_password
- @password = random_password
+ @password = Auth.random_password
end
# Sets the permission for command _cmd_ to _val_ on channel _chan_
@@ -217,12 +290,7 @@ module Irc
def set_permission(cmd, val, chan="*")
k = chan.to_s.to_sym
@perm[k] = PermissionSet.new unless @perm.has_key?(k)
- case cmd
- when String
- @perm[k].set_permission(Command.new(cmd), val)
- else
- @perm[k].set_permission(cmd, val)
- end
+ @perm[k].set_permission(cmd, val)
end
# Resets the permission for command _cmd_ on channel _chan_
@@ -250,34 +318,26 @@ module Irc
# Adds a Netmask
#
def add_netmask(mask)
- case mask
- when Netmask
- @netmasks << mask
- else
- @netmasks << Netmask.new(mask)
- end
+ @netmasks << mask.to_irc_netmask
end
# Removes a Netmask
#
def delete_netmask(mask)
- case mask
- when Netmask
- m = mask
- else
- m << Netmask.new(mask)
- end
+ m = mask.to_irc_netmask
@netmasks.delete(m)
end
# Removes all Netmasks
- def reset_netmask_list
+ #
+ def reset_netmasks
@netmasks = NetmaskList.new
end
# This method checks if BotUser has a Netmask that matches _user_
- def knows?(user)
- Irc::error_if_not_user(user)
+ #
+ def knows?(usr)
+ user = usr.to_irc_user
known = false
@netmasks.each { |n|
if user.matches?(n)
@@ -293,7 +353,7 @@ module Irc
# is right. If it is, the Netmask of the user is added to the
# list of acceptable Netmask unless it's already matched.
def login(user, password)
- if password == @password
+ if password == @password or (password.nil? and (@login_by_mask || @autologin) and knows?(user))
add_netmask(user) unless knows?(user)
debug "#{user} logged in as #{self.inspect}"
return true
@@ -311,7 +371,9 @@ module Irc
# and replacing any nonalphanumeric character with _
#
def BotUser.sanitize_username(name)
- return name.to_s.chomp.downcase.gsub(/[^a-z0-9]/,"_")
+ candidate = name.to_s.chomp.downcase.gsub(/[^a-z0-9]/,"_")
+ raise "sanitized botusername #{candidate} too short" if candidate.length < 3
+ return candidate
end
end
@@ -322,32 +384,66 @@ module Irc
#
class DefaultBotUserClass < BotUser
- private :login, :add_netmask, :delete_netmask
+ private :add_netmask, :delete_netmask
include Singleton
+ # The default BotUser is named 'everyone'
+ #
def initialize
+ reset_login_by_mask
+ reset_autologin
super("everyone")
@default_perm = PermissionSet.new
end
+ # This method returns without changing anything
+ #
+ def login_by_mask=(val)
+ debug "Tried to change the login-by-mask for default bot user, ignoring"
+ return @login_by_mask
+ end
+
+ # The default botuser allows logins by mask
+ #
+ def reset_login_by_mask
+ @login_by_mask = true
+ end
+
+ # This method returns without changing anything
+ #
+ def autologin=(val)
+ debug "Tried to change the autologin for default bot user, ignoring"
+ return
+ end
+
+ # The default botuser doesn't allow autologin (meaningless)
+ #
+ def reset_autologin
+ @autologin = false
+ end
+
# Sets the default permission for the default user (i.e. the ones
# set by the BotModule writers) on all channels
#
def set_default_permission(cmd, val)
@default_perm.set_permission(Command.new(cmd), val)
- debug "Default permissions now:\n#{@default_perm.inspect}"
+ debug "Default permissions now: #{@default_perm.pretty_inspect}"
end
# default knows everybody
#
def knows?(user)
- Irc::error_if_not_user(user)
+ return true if user.to_irc_user
+ end
+
+ # We always allow logging in as the default user
+ def login(user, password)
return true
end
# Resets the NetmaskList
- def reset_netmask_list
+ def reset_netmasks
super
add_netmask("*!*@*")
end
@@ -379,6 +475,8 @@ module Irc
include Singleton
def initialize
+ @login_by_mask = false
+ @autologin = true
super("owner")
end
@@ -404,6 +502,7 @@ module Irc
attr_reader :everyone
attr_reader :botowner
+ attr_reader :bot
# The instance manages two Hashes: one that maps
# Irc::Users onto BotUsers, and the other that maps
@@ -449,10 +548,14 @@ module Irc
end
def load_array(ary, forced)
+ unless ary
+ warning "Tried to load an empty array"
+ return
+ end
raise "Won't load with unsaved changes" if @has_changes and not forced
reset_hashes
ary.each { |x|
- raise TypeError, "#{x} should be a Hash" unless x.class <= Hash
+ raise TypeError, "#{x} should be a Hash" unless x.kind_of?(Hash)
u = x[:username]
unless include?(u)
create_botuser(u)
@@ -475,19 +578,20 @@ module Irc
# Maps Irc::User to BotUser
def irc_to_botuser(ircuser)
- Irc::error_if_not_user(ircuser)
- # TODO check netmasks
- return @botusers[ircuser] || everyone
+ logged = @botusers[ircuser.to_irc_user]
+ return logged if logged
+ return autologin(ircuser)
end
# creates a new BotUser
def create_botuser(name, password=nil)
n = BotUser.sanitize_username(name)
k = n.to_sym
- raise "BotUser #{n} exists" if include?(k)
+ raise "botuser #{n} exists" if include?(k)
bu = BotUser.new(n)
bu.password = password
@allbotusers[k] = bu
+ return bu
end
# returns the botuser with name _name_
@@ -495,32 +599,44 @@ module Irc
@allbotusers.fetch(BotUser.sanitize_username(name).to_sym)
end
- # Logs Irc::User _ircuser_ in to BotUser _botusername_ with password _pwd_
+ # Logs Irc::User _user_ in to BotUser _botusername_ with password _pwd_
#
# raises an error if _botusername_ is not a known BotUser username
#
# It is possible to autologin by Netmask, on request
#
- def login(ircuser, botusername, pwd, bymask = false)
- Irc::error_if_not_user(ircuser)
+ def login(user, botusername, pwd=nil)
+ ircuser = user.to_irc_user
n = BotUser.sanitize_username(botusername)
k = n.to_sym
raise "No such BotUser #{n}" unless include?(k)
if @botusers.has_key?(ircuser)
+ return true if @botusers[ircuser].username == n
# TODO
# @botusers[ircuser].logout(ircuser)
end
bu = @allbotusers[k]
- if bymask && bu.knows?(ircuser)
- @botusers[ircuser] = bu
- return true
- elsif bu.login(ircuser, pwd)
+ if bu.login(ircuser, pwd)
@botusers[ircuser] = bu
return true
end
return false
end
+ # Tries to auto-login Irc::User _user_ by looking at the known botusers that allow autologin
+ # and trying to login without a password
+ #
+ def autologin(user)
+ ircuser = user.to_irc_user
+ debug "Trying to autlogin #{ircuser}"
+ return @botusers[ircuser] if @botusers.has_key?(ircuser)
+ @allbotusers.each { |n, bu|
+ debug "Checking with #{n}"
+ return bu if bu.autologin? and login(ircuser, n)
+ }
+ return everyone
+ end
+
# Checks if User _user_ can do _cmd_ on _chan_.
#
# Permission are checked in this order, until a true or false
@@ -530,10 +646,15 @@ module Irc
# * everyone on _chan_
# * everyone on all channels
#
- def permit?(user, cmdtxt, chan=nil)
- botuser = irc_to_botuser(user)
- cmd = Command.new(cmdtxt)
+ def permit?(user, cmdtxt, channel=nil)
+ if user.class <= BotUser
+ botuser = user
+ else
+ botuser = irc_to_botuser(user)
+ end
+ cmd = cmdtxt.to_irc_auth_command
+ chan = channel
case chan
when User
chan = "?"
@@ -558,9 +679,19 @@ module Irc
raise "Could not check permission for user #{user.inspect} to run #{cmdtxt.inspect} on #{chan.inspect}"
end
- # Checks if command _cmd_ is allowed to User _user_ on _chan_
+ # Checks if command _cmd_ is allowed to User _user_ on _chan_, optionally
+ # telling if the user is authorized
+ #
def allow?(cmdtxt, user, chan=nil)
- permit?(user, cmdtxt, chan)
+ if permit?(user, cmdtxt, chan)
+ return true
+ else
+ # cmds = cmdtxt.split('::')
+ # @bot.say chan, "you don't have #{cmds.last} (#{cmds.first}) permissions here" if chan
+ @bot.say chan, _("%{user}, you don't have '%{command}' permissions here") %
+ {:user=>user, :command=>cmdtxt} if chan
+ return false
+ end
end
end