From d66ce94423efeba77c8ce51454b90eeab7cb627f Mon Sep 17 00:00:00 2001
From: danieldg <danieldg@e03df62e-2008-0410-955e-edbf42e46eb7>
Date: Tue, 3 Mar 2009 17:45:31 +0000
Subject: Restrict some /WHO options to opers

There is no reason to be able to query the umodes of other users or the port
they connected on; this can contain private information.

If HideWhoisServer is on, also restrict local/far query.

git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@11164 e03df62e-2008-0410-955e-edbf42e46eb7
---
 src/commands/cmd_who.cpp | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'src/commands/cmd_who.cpp')

diff --git a/src/commands/cmd_who.cpp b/src/commands/cmd_who.cpp
index 1b77dd004..b201b9815 100644
--- a/src/commands/cmd_who.cpp
+++ b/src/commands/cmd_who.cpp
@@ -250,7 +250,8 @@ CmdResult CommandWho::Handle (const std::vector<std::string>& parameters, User *
 					opt_realname = true;
 					break;
 				case 'm':
-					opt_mode = true;
+					if (user->HasPrivPermission("users/auspex"))
+						opt_mode = true;
 					break;
 				case 'M':
 					if (user->HasPrivPermission("users/auspex"))
@@ -260,16 +261,19 @@ CmdResult CommandWho::Handle (const std::vector<std::string>& parameters, User *
 					opt_ident = true;
 					break;
 				case 'p':
-					opt_port = true;
+					if (user->HasPrivPermission("users/auspex"))
+						opt_port = true;
 					break;
 				case 'a':
 					opt_away = true;
 					break;
 				case 'l':
-					opt_local = true;
+					if (user->HasPrivPermission("users/auspex") || !*ServerInstance->Config->HideWhoisServer)
+						opt_local = true;
 					break;
 				case 'f':
-					opt_far = true;
+					if (user->HasPrivPermission("users/auspex") || !*ServerInstance->Config->HideWhoisServer)
+						opt_far = true;
 					break;
 				case 't':
 					opt_time = true;
-- 
cgit v1.2.3