diff options
| author | Giuseppe Bilotta <giuseppe.bilotta@gmail.com> | 2006-08-29 09:49:58 +0000 |
|---|---|---|
| committer | Giuseppe Bilotta <giuseppe.bilotta@gmail.com> | 2006-08-29 09:49:58 +0000 |
| commit | a3dc8d973b49d6a4bf1446093c194aed5f69916f (patch) | |
| tree | 3553bcfb3d2667b93859ff978f58d466c445264c /lib | |
| parent | b565bf81cbe456205b9f9fcf9e3960109c5b7de6 (diff) | |
Introduce BotConfigValue permissions, to protect particularly sensitive config options while still allowing access to more innocent ones
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/rbot/config.rb | 2 | ||||
| -rw-r--r-- | lib/rbot/core/config.rb | 9 |
2 files changed, 11 insertions, 0 deletions
diff --git a/lib/rbot/config.rb b/lib/rbot/config.rb index e8cea284..ef079429 100644 --- a/lib/rbot/config.rb +++ b/lib/rbot/config.rb @@ -25,6 +25,7 @@ module Irc attr_reader :requires_rescan attr_reader :order attr_reader :manager + attr_reader :auth_path def initialize(key, params) @manager = BotConfig::configmanager # Keys must be in the form 'module.name'. @@ -48,6 +49,7 @@ module Irc @wizard = params[:wizard] @requires_restart = params[:requires_restart] @requires_rescan = params[:requires_rescan] + @auth_path = "config::key::#{key.sub('.','::')}" end def default if @default.instance_of?(Proc) diff --git a/lib/rbot/core/config.rb b/lib/rbot/core/config.rb index dfbaaab6..1fe2da22 100644 --- a/lib/rbot/core/config.rb +++ b/lib/rbot/core/config.rb @@ -36,6 +36,7 @@ class ConfigModule < CoreBotModule m.reply "no such config key #{key}"
return
end
+ return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)
value = @bot.config.items[key].to_s
m.reply "#{key}: #{value}"
end
@@ -54,6 +55,7 @@ class ConfigModule < CoreBotModule unless @bot.config.items.has_key?(key)
m.reply "no such config key #{key}"
end
+ return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)
@bot.config.items[key].unset
handle_get(m, params)
m.reply "this config change will take effect on the next restart" if @bot.config.items[key].requires_restart
@@ -67,6 +69,7 @@ class ConfigModule < CoreBotModule m.reply "no such config key #{key}"
return
end
+ return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)
begin
@bot.config.items[key].set_string(value)
rescue ArgumentError => e
@@ -93,6 +96,7 @@ class ConfigModule < CoreBotModule m.reply "config key #{key} is not an array"
return
end
+ return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)
begin
@bot.config.items[key].add(value)
rescue ArgumentError => e
@@ -115,6 +119,7 @@ class ConfigModule < CoreBotModule m.reply "config key #{key} is not an array"
return
end
+ return if !@bot.auth.allow?(@bot.config.items[key].auth_path, m.source, m.replyto)
begin
@bot.config.items[key].rm(value)
rescue ArgumentError => e
@@ -253,4 +258,8 @@ conf.map 'config help :topic', conf.default_auth('*', false)
conf.default_auth('show::status', true)
+# TODO these shouldn't be set here, we need a way to let the default
+# permission be specified together with the BotConfigValue
+conf.default_auth('key', true)
+conf.default_auth('key::auth::password', false)
|