From 135677d487beedb5d66274bcafb0db227e8865fb Mon Sep 17 00:00:00 2001
From: Giuseppe Bilotta <giuseppe.bilotta@gmail.com>
Date: Sat, 5 Aug 2006 10:58:20 +0000
Subject: Auth framework now allows automatic login and login-by-netmask (when
 enabled for the specific botusers) --defaults to off

---
 lib/rbot/botuser.rb   | 88 ++++++++++++++++++++++++++++++++++++++++++++-------
 lib/rbot/core/auth.rb |  7 +---
 2 files changed, 78 insertions(+), 17 deletions(-)

(limited to 'lib')

diff --git a/lib/rbot/botuser.rb b/lib/rbot/botuser.rb
index 1c2ef929..5cb05f17 100644
--- a/lib/rbot/botuser.rb
+++ b/lib/rbot/botuser.rb
@@ -20,6 +20,12 @@ module Irc
     BotConfig.register BotConfigStringValue.new( 'auth.password',
       :default => 'rbotauth', :wizard => true,
       :desc => 'Password for the bot owner' )
+    BotConfig.register BotConfigBooleanValue.new( 'auth.login_by_mask',
+      :default => 'false',
+      :desc => 'Set true if new botusers should allow logging in without a password when the user netmask is known')
+    BotConfig.register BotConfigBooleanValue.new( 'auth.login_auto',
+      :default => 'false',
+      :desc => 'Set true if new botusers should try to recognize IRC users without a need to manually login')
     # BotConfig.register BotConfigIntegerValue.new( 'auth.default_level',
     #   :default => 10, :wizard => true,
     #   :desc => 'The default level for new/unknown users' )
@@ -153,14 +159,16 @@ module Irc
     end
 
 
-    # This is the basic class for bot users: they have a username, a password, a
-    # list of netmasks to match against, and a list of permissions.
+    # This is the basic class for bot users: they have a username, a password,
+    # a list of netmasks to match against, and a list of permissions.
     #
     class BotUser
 
       attr_reader :username
       attr_reader :password
       attr_reader :netmasks
+      attr_writer :login_by_mask
+      attr_writer :autologin
 
       # Create a new BotUser with given username
       def initialize(username)
@@ -168,6 +176,8 @@ module Irc
         @password = nil
         @netmasks = NetmaskList.new
         @perm = {}
+        @login_by_mask = Auth.manager.bot.config['auth.login_by_mask'] unless defined?(@login_by_mask)
+        @autologin = Auth.manager.bot.config['auth.login_auto'] unless defined?(@autologin)
       end
 
       # Inspection
@@ -176,7 +186,9 @@ module Irc
         str << " @username=#{@username.inspect}"
         str << " @netmasks=#{@netmasks.inspect}"
         str << " @perm=#{@perm.inspect}"
-        str
+        str << " @login_by_mask=#{@login_by_mask}"
+        str << " @autologin=#{@autologin}"
+        str << ">"
       end
 
       # Convert into a hash
@@ -185,16 +197,32 @@ module Irc
           :username => @username,
           :password => @password,
           :netmasks => @netmasks,
-          :perm => @perm
+          :perm => @perm,
+          :login_by_mask => @login_by_mask,
+          :autologin => @autologin
         }
       end
 
+      # Do we allow logging in without providing the password?
+      #
+      def login_by_mask?
+        @login_by_mask
+      end
+
+      # Do we allow automatic logging in?
+      #
+      def autologin?
+        @autologin
+      end
+
       # Restore from hash
       def from_hash(h)
         @username = h[:username] if h.has_key?(:username)
         @password = h[:password] if h.has_key?(:password)
         @netmasks = h[:netmasks] if h.has_key?(:netmasks)
         @perm = h[:perm] if h.has_key?(:perm)
+        @login_by_mask = h[:login_by_mask] if h.has_key?(:login_by_mask)
+        @autologin = h[:autologin] if h.has_key?(:autologin)
       end
 
       # This method sets the password if the proposed new password
@@ -288,7 +316,7 @@ module Irc
       # is right. If it is, the Netmask of the user is added to the
       # list of acceptable Netmask unless it's already matched.
       def login(user, password)
-        if password == @password
+        if password == @password or (@password.nil? and @login_by_mask and knows?(user))
           add_netmask(user) unless knows?(user)
           debug "#{user} logged in as #{self.inspect}"
           return true
@@ -321,11 +349,30 @@ module Irc
 
       include Singleton
 
+      # The default BotUser is named 'everyone', it doesn't allow autologin
+      # (meaningless) and it allows login-by-mask
+      #
       def initialize
+        @login_by_mask = true
+        @autologin = false
         super("everyone")
         @default_perm = PermissionSet.new
       end
 
+      # This method returns without changing anything
+      #
+      def login_by_mask=(val)
+        debug "Tried to change the login-by-mask for default bot user, ignoring"
+        return @login_by_mask
+      end
+
+      # This method returns without changing anything
+      #
+      def autologin=(val)
+        debug "Tried to change the autologin for default bot user, ignoring"
+        return
+      end
+
       # Sets the default permission for the default user (i.e. the ones
       # set by the BotModule writers) on all channels
       #
@@ -340,6 +387,11 @@ module Irc
         return true if user.to_irc_user
       end
 
+      # We always allow logging in as the default user
+      def login(user, password)
+        return true
+      end
+
       # Resets the NetmaskList
       def reset_netmask_list
         super
@@ -373,6 +425,8 @@ module Irc
       include Singleton
 
       def initialize
+        @login_by_mask = false
+        @autologin = false
         super("owner")
       end
 
@@ -488,32 +542,44 @@ module Irc
         @allbotusers.fetch(BotUser.sanitize_username(name).to_sym)
       end
 
-      # Logs Irc::User _ircuser_ in to BotUser _botusername_ with password _pwd_
+      # Logs Irc::User _user_ in to BotUser _botusername_ with password _pwd_
       #
       # raises an error if _botusername_ is not a known BotUser username
       #
       # It is possible to autologin by Netmask, on request
       #
-      def login(user, botusername, pwd, bymask = false)
+      def login(user, botusername, pwd)
         ircuser = user.to_irc_user
         n = BotUser.sanitize_username(botusername)
         k = n.to_sym
         raise "No such BotUser #{n}" unless include?(k)
         if @botusers.has_key?(ircuser)
+          return true if @botusers[ircuser].name = n
           # TODO
           # @botusers[ircuser].logout(ircuser)
         end
         bu = @allbotusers[k]
-        if bymask && bu.knows?(ircuser)
-          @botusers[ircuser] = bu
-          return true
-        elsif bu.login(ircuser, pwd)
+        if bu.login(ircuser, pwd)
           @botusers[ircuser] = bu
           return true
         end
         return false
       end
 
+      # Tries to auto-login Irc::User _user_ by looking at the known botusers that allow autologin
+      # and trying to login without a password
+      #
+      def autologin(user)
+        ircuser = user.to_irc_user
+        debug "Trying to autlogin #{ircuser}"
+        return @botusers[ircuser] if @botusers.has_key?(ircuser)
+        @allbotusers.each { |n, bu|
+          debug "Checking with #{n}"
+          return bu if bu.autologin? and login(ircuser, n)
+        }
+        return everyone
+      end
+
       # Checks if User _user_ can do _cmd_ on _chan_.
       #
       # Permission are checked in this order, until a true or false
diff --git a/lib/rbot/core/auth.rb b/lib/rbot/core/auth.rb
index 228f76a8..53d88996 100644
--- a/lib/rbot/core/auth.rb
+++ b/lib/rbot/core/auth.rb
@@ -125,12 +125,7 @@ class AuthModule < CoreBotModule
 
   def auth_login(m, params)
     begin
-      if params[:password]
-        li = @bot.auth.login(m.source, params[:botuser], params[:password])
-      else
-        li = @bot.auth.login(m.source, params[:botuser], params[:password], true)
-      end
-      case li
+      case @bot.auth.login(m.source, params[:botuser], params[:password])
       when true
         m.reply "welcome, #{@bot.auth.irc_to_botuser(m.source).username}"
         @bot.auth.set_changed
-- 
cgit v1.2.3