diff options
author | Chris Gahan <chris@ill-logic.com> | 2006-06-01 06:10:25 +0000 |
---|---|---|
committer | Chris Gahan <chris@ill-logic.com> | 2006-06-01 06:10:25 +0000 |
commit | 8836539ba33a7507c23af1f410dbf78d36503148 (patch) | |
tree | 2666a44c185e07841fed79a776c6fa0a77acfdd1 | |
parent | f841a9060041bdb57dbfa3169212ba57936619c9 (diff) |
giuseppe.bilotta's patch:
"The auth module has a number of bugs that prevent it from functioning correctly. The attached patch fixes all the bugs I've come across and additionally introduces the command setpassword that allows a user to set his/her own password without requiring auth access. This is a provisional fix: it would be better to let the user allow full usermod access except for usermod level."
-rw-r--r-- | lib/rbot/auth.rb | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/lib/rbot/auth.rb b/lib/rbot/auth.rb index 9868e6ea..3fbf4b69 100644 --- a/lib/rbot/auth.rb +++ b/lib/rbot/auth.rb @@ -41,7 +41,7 @@ module Irc File.open( "#{@bot.botclass}/users.yaml" ) { |file| # work around YAML not maintaining the default proc @loadedusers = YAML::parse(file).transform - @users.merge(@loadedusers) + @users.update(@loadedusers) } end if(File.exist?("#{@bot.botclass}/levels.rbot")) @@ -125,7 +125,7 @@ module Irc return true else debug "usermod: Tried to modify unknown item #{item}" - @bot.say tell, "Unknown item #{item}" if tell + # @bot.say tell, "Unknown item #{item}" if tell end end return false @@ -155,8 +155,9 @@ module Irc end def identify( mask, username, password ) - usermod( username, '+hostmask', mask ) if @users.has_key? username && @users[username].password == password - debug "User identified: #{username}" + return false unless @users.has_key?(username) && @users[username].password == password + @bot.auth.usermod( username, '+hostmask', mask ) + return true end # return all currently defined commands (for which auth is required) and @@ -241,27 +242,39 @@ module Irc m.reply "Failed to set #$2 of #$1 to #$3" end end + when( /^setpassword\s+(\S+)/ ) + password = $1 + user = @bot.auth.matchingUser( m.source ) + if user + if @bot.auth.usermod(user, 'password', password) + m.reply "Your password has been set to #{password}" + else + m.reply "Couldn't set password" + end + else + m.reply 'You don\'t belong to any user.' + end when (/^auth\s+(\S+)/) if( $1 == @bot.config['auth.password'] ) if ! @users.has_key? 'master' @bot.auth.useradd( 'master', 1000, @bot.config['auth.password'], m.source ) else - @bot.usermod( 'master', '+hostmask', m.source ) + @bot.auth.usermod( 'master', '+hostmask', m.source ) end m.reply 'Identified, security level maxed out' else m.reply 'Incorrect password' end when( /^identify\s+(\S+)\s+(\S+)/ ) - if( @bot.auth.identify( m.source, $1, $2 ) ) - m.reply "Identified as #$1(#{@users[$1].level($1)}" + if @bot.auth.identify( m.source, $1, $2 ) + m.reply "Identified as #$1 (#{@users[$1].level})" else m.reply 'Incorrect username/password' end when( 'whoami' ) user = @bot.auth.matchingUser( m.source ) if user - m.reply "I recognize you as #{user}(#{@users[user].level})" + m.reply "I recognize you as #{user} (#{@users[user].level})" else m.reply 'You don\'t belong to any user.' end |