From 6f3fcc5f21331a4d93ff73d2ab7f374aeb17305c Mon Sep 17 00:00:00 2001
From: aquanight <aquanight@e03df62e-2008-0410-955e-edbf42e46eb7>
Date: Sun, 10 Aug 2008 21:34:01 +0000
Subject: [PATCH] Fix bug #555 : <options:deprotectothers> now works correctly,
 and applies to what other things a +q/+a can do to other +q/+a users (eg,
 -ohv and kick)

git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@10139 e03df62e-2008-0410-955e-edbf42e46eb7
---
 src/modules/m_chanprotect.cpp | 28 +++++++++++++++++-----------
 1 file changed, 17 insertions(+), 11 deletions(-)

diff --git a/src/modules/m_chanprotect.cpp b/src/modules/m_chanprotect.cpp
index 014590745..95641891f 100644
--- a/src/modules/m_chanprotect.cpp
+++ b/src/modules/m_chanprotect.cpp
@@ -123,7 +123,7 @@ class FounderProtectBase
 	bool CanRemoveOthers(User* u1, User* u2, Channel* c)
 	{
 		std::string item = extend+std::string(c->name);
-		return (u1->GetExt(item) && u2->GetExt(item));
+		return (remove_other_privs && u1->GetExt(item) && u2->GetExt(item));
 	}
 
 	ModeAction HandleChange(User* source, User* theuser, bool adding, Channel* channel, std::string &parameter)
@@ -398,11 +398,10 @@ class ModuleChanProtect : public Module
 		// a relatively small number of them relevent to our module using a switch statement.
 		// don't allow action if:
 		// (A) Theyre founder (no matter what)
-		// (B) Theyre protected, and you're not
+		// (B) Theyre protected, unless you're founder or are protected and DeprivOthers is enabled
 		// always allow the action if:
 		// (A) The source is ulined
 
-
 		// firstly, if a ulined nick, or a server, is setting the mode, then allow them to set the mode
 		// without any access checks, we're not worthy :p
 		if ((ServerInstance->ULine(source->nick.c_str())) || (ServerInstance->ULine(source->server)) || (!*source->server))
@@ -411,16 +410,23 @@ class ModuleChanProtect : public Module
 		std::string founder("cm_founder_"+channel->name);
 		std::string protect("cm_protect_"+channel->name);
 
+		// Can do anything to yourself if deprotectself is enabled.
+		if (DeprivSelf && source == dest)
+			return ACR_DEFAULT;
+
+		bool candepriv_founder = (DeprivOthers && source->GetExt(founder));
+		bool candepriv_protected = (source->GetExt(founder) || (DeprivOthers && source->GetExt(protect))); // Can the source remove +a?
+
 		switch (access_type)
 		{
 			// a user has been deopped. Do we let them? hmmm...
 			case AC_DEOP:
-				if (dest->GetExt(founder))
+				if (dest->GetExt(founder) && !candepriv_founder)
 				{
 					source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't deop "+dest->nick+" as they're a channel founder");
 					return ACR_DENY;
 				}
-				if ((dest->GetExt(protect)) && (!source->GetExt(protect)))
+				if ((dest->GetExt(protect)) && !candepriv_protected)
 				{
 					source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't deop "+dest->nick+" as they're protected (+a)");
 					return ACR_DENY;
@@ -429,12 +435,12 @@ class ModuleChanProtect : public Module
 
 			// a user is being kicked. do we chop off the end of the army boot?
 			case AC_KICK:
-				if (dest->GetExt(founder))
+				if (dest->GetExt(founder) && !candepriv_founder)
 				{
 					source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't kick "+dest->nick+" as they're a channel founder");
 					return ACR_DENY;
 				}
-				if ((dest->GetExt(protect)) && (!source->GetExt(protect)))
+				if ((dest->GetExt(protect)) && !candepriv_protected)
 				{
 					source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't kick "+dest->nick+" as they're protected (+a)");
 					return ACR_DENY;
@@ -443,12 +449,12 @@ class ModuleChanProtect : public Module
 
 			// a user is being dehalfopped. Yes, we do disallow -h of a +ha user
 			case AC_DEHALFOP:
-				if (dest->GetExt(founder))
+				if (dest->GetExt(founder) && !candepriv_founder)
 				{
 					source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't de-halfop "+dest->nick+" as they're a channel founder");
 					return ACR_DENY;
 				}
-				if ((dest->GetExt(protect)) && (!source->GetExt(protect)))
+				if ((dest->GetExt(protect)) && !candepriv_protected)
 				{
 					source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't de-halfop "+dest->nick+" as they're protected (+a)");
 					return ACR_DENY;
@@ -457,12 +463,12 @@ class ModuleChanProtect : public Module
 
 			// same with devoice.
 			case AC_DEVOICE:
-				if (dest->GetExt(founder))
+				if (dest->GetExt(founder) && !candepriv_founder)
 				{
 					source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't devoice "+dest->nick+" as they're a channel founder");
 					return ACR_DENY;
 				}
-				if ((dest->GetExt(protect)) && (!source->GetExt(protect)))
+				if ((dest->GetExt(protect)) && !candepriv_protected)
 				{
 					source->WriteNumeric(484, source->nick+" "+channel->name+" :Can't devoice "+dest->nick+" as they're protected (+a)");
 					return ACR_DENY;
-- 
2.39.2