summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/rbot/core/auth.rb86
1 files changed, 78 insertions, 8 deletions
diff --git a/lib/rbot/core/auth.rb b/lib/rbot/core/auth.rb
index 8da26979..82b784e3 100644
--- a/lib/rbot/core/auth.rb
+++ b/lib/rbot/core/auth.rb
@@ -6,11 +6,13 @@
# destruction
# * <code>user destroy _botuser_ _password_</code> would actually destroy
# _botuser_ if it was queued and the _password_ is correct
-# * user destruction can be done without changing botuser.rb by getting the
-# save_array for @bot.auth, manipulating it, and reloading it with @bot.auth.load_array
# * user copy
# * user rename
#
+# It should be fairly easy to implement all of this stuff by using
+# @bot.auth.load_array and @bot.auth.save_array: this means it can be tested
+# live and without any need to touch the rbot kernel file +botuser.rb+
+#
class AuthModule < CoreBotModule
@@ -210,8 +212,10 @@ class AuthModule < CoreBotModule
return "user create <name> <password> : create botuser named <name> with password <password>. The password can be omitted, in which case a random one will be generated. The <name> should only contain alphanumeric characters and the underscore (_)"
when /^user list/
return "user list : lists all the botusers"
+ when /^user destroy/
+ return "user destroy <botuser> <password> : destroys <botuser>; this function #{Bold}must#{Bold} be called in two steps. On the first call, no password must be specified: <botuser> is then queued for destruction. On the second call, you must specify the correct password for <botuser>, and it will be destroyed. If you want to cancel the destruction, issue the command +user cancel destroy <botuser>+"
when /^user/
- return "user show, enable|disable, add|rm netmask, set, reset, tell, create, list"
+ return "user show, enable|disable, add|rm netmask, set, reset, tell, create, list, destroy"
else
return "#{name}: login, whoami, permission syntax, permissions, user"
end
@@ -426,22 +430,88 @@ class AuthModule < CoreBotModule
def auth_list_users(m, params)
# TODO name regexp to filter results
list = @bot.auth.save_array.inject([]) { |list, x| list << x[:username] } - ['everyone', 'owner']
+ if defined?(@destroy_q)
+ list.map! { |x|
+ @destroy_q.include?(x) ? x + " (queued for destruction)" : x
+ }
+ end
return m.reply "I have no botusers other than the default ones" if list.empty?
return m.reply "Botuser#{'s' if list.length > 1}: #{list.join(', ')}"
end
+ def auth_destroy_user(m, params)
+ @destroy_q = [] unless defined?(@destroy_q)
+ buname = params[:name]
+ returm m.reply "You can't destroy #{buname}" if ["everyone", "owner"].include?(buname)
+ cancel = m.message.split[1] == 'cancel'
+ password = params[:password]
+ buser_array = @bot.auth.save_array
+ buser_hash = buser_array.inject({}) { |h, u|
+ h[u[:username]] = u
+ h
+ }
+
+ return m.reply "No such botuser #{buname}" unless buser_hash.keys.include?(buname)
+
+ if cancel
+ if @destroy_q.include?(buname)
+ @destroy_q.delete(buname)
+ m.reply "#{buname} removed from the destruction queue"
+ else
+ m.reply "#{buname} was not queued for destruction"
+ end
+ return
+ end
+
+ if password.nil?
+ if @destroy_q.include?(buname)
+ rep = "#{buname} already queued for destruction"
+ else
+ @destroy_q << buname
+ rep = "#{buname} queued for destruction"
+ end
+ return m.reply rep + ", use #{Bold}user destroy #{buname} <password>#{Bold} to destroy it"
+ else
+ begin
+ return m.reply "#{buname} is not queued for destruction yet" unless @destroy_q.include?(buname)
+ return m.reply "wrong password for #{buname}" unless buser_hash[buname][:password] == password
+ buser_array.delete_if { |u|
+ u[:username] == buname
+ }
+ @destroy_q.delete(buname)
+ @bot.auth.load_array(buser_array, true)
+ rescue => e
+ return m.reply "failed: #{e}"
+ end
+ return m.reply "user #{buname} destroyed"
+ end
+
+ end
+
end
auth = AuthModule.new
-auth.map "user tell :user the password for :botuser",
- :action => 'auth_tell_password',
- :auth_path => 'user::tell'
-
auth.map "user create :name :password",
:action => 'auth_create_user',
:defaults => {:password => nil},
- :auth_path => 'user::create!'
+ :auth_path => 'user::manage::create!'
+
+auth.map "user cancel destroy :name :password",
+ :action => 'auth_destroy_user',
+ :defaults => { :password => nil },
+ :auth_path => 'user::manage::destroy::cancel!'
+
+auth.map "user destroy :name :password",
+ :action => 'auth_destroy_user',
+ :defaults => { :password => nil },
+ :auth_path => 'user::manage::destroy!'
+
+auth.default_auth("user::manage", false)
+
+auth.map "user tell :user the password for :botuser",
+ :action => 'auth_tell_password',
+ :auth_path => 'user::tell'
auth.map "user list",
:action => 'auth_list_users',