Archive > AO official modules

Custom rights management

(1/4) > >>

Alreadythere:
Files as tgz

I've written a customizable rights management for the bot. It allows to set access rights to commands based on group membership (Guests, Members, all admin groups). All those rights can be changed online, without restarting the bot. If a rule exists for a channel/command combination for a single group, it defaults to false for all other groups. If no rule exists, it defaults to the setting command_default.

To set the rights, just use the !commands, only adding 2 rights on first start (!member for SA, !commands for SA). Hit [+] to enable, [-] to disable a command for a specific group.

The following is the diff of Bot.php, basically just add the var, and modify all lines containing if ($this -> is_command as shown below. If you have done some adds there, just doing it from hand is prolly easier.
+ in diff means new line, - remove line.

--- Code: ---@@ -69,6 +69,7 @@
     var $crontimer;
     var $lasttell;

+    var $rightsmanagement;


     /*
@@ -347,7 +348,7 @@
               $comms = array_keys($this -> commands["tell"]);
               for ($i = 0; $i < count($comms); $i++)
               {
-                if ($this -> is_command($comms[$i], $args[1]))
+               if ($this -> is_command($comms[$i], $args[1]) && $this -> rightsmanagement -> check_rights($user, $comms[$i], "tell"))
                 {
                   $this -> commands["tell"][$comms[$i]] -> tell ($user, $args[1]);
                   $i = count($comms);
@@ -363,7 +364,7 @@
               $comms = array_keys($this -> commands["tell2"]);
               for ($i = 0; $i < count($comms); $i++)
               {
-                if ($this -> is_command($comms[$i], $args[1]))
+               if ($this -> is_command($comms[$i], $args[1]) && $this -> rightsmanagement -> check_rights($user, $comms[$i], "tell2"))
                 {
                   $this -> commands["tell2"][$comms[$i]] -> tell2 ($user, $args[1]);
                   $i = count($comms);
@@ -484,7 +485,7 @@
           $comms = array_keys($this -> commands["pgmsg"]);
           for ($i = 0; $i < count($comms); $i++)
           {
-            if ($this -> is_command($comms[$i], $args[2]))
+            if ($this -> is_command($comms[$i], $args[2]) && $this -> rightsmanagement -> check_rights($user, $comms[$i], "pgmsg"))
             {
               $this -> commands["pgmsg"][$comms[$i]] -> pgmsg ($user, $args[2]);
               $i = count($comms);
@@ -539,7 +540,7 @@
             $comms = array_keys($this -> commands["gc"]);
             for ($i = 0; $i < count($comms); $i++)
             {
-              if ($this -> is_command($comms[$i], $args[2]))
+              if ($this -> is_command($comms[$i], $args[2]) && $this -> rightsmanagement -> check_rights($user, $comms[$i], "gc"))
               {
                 $this -> commands["gc"][$comms[$i]] -> gc ($user, $args[2]);
                 $i = count($comms);

--- End code ---

Khalem:
This is very nice indeed.

Small comment. Error on line 101 of RightsManagement.php

--- Code: ---
               $res = $this -> db -> select("SELECT * FROM settings WHERE setting = '" . $set . "'");

--- End code ---

Should be:

--- Code: ---
               $res = $this -> bot -> db -> select("SELECT * FROM settings WHERE setting = '" . $set . "'");

--- End code ---


Some small comments/questions (i havent had time to look into it much yet)
Does setting something as Guest also include if you are a member or admin? Or do you have to specifically set for each different group, regardless of if they are "higher" than the lowest access level set?

Also, it would be nice to allow members default access to at least normal commands when the bot is started for the first time (module started for the first time)

Alreadythere:
Oh - got the get_settings function in my Bot class, must have forgotten to modify it when copying it. Sorry about that.

Guests are all people (includes members, and any admin group).
Members are all that result in an is_member($name) == true.
For admin groups it's in_group(groupname, charname) == true.
I'm not quite sure if Guests has any sense for commands outside of the tell2 group, I haven't tested it that much with non-members myself.

Default rights are possible, sure.
I'll use cron like in Admin.php for it, and set all commands without any rights to true for a default groups. Will put that into settings, not everyone may want all new commands as members right away.
Will try to do it later today.

Alreadythere:
Added a cron function for default access rights after startup.
Adds default rights for all new commands if wished.

Just set $defaultgroup to the group you want, or "None" if you don't want any default rights.
It's a paramtere at the top of the file.

Added !commanlist, shows for all groups which commands they are allowed to use.

Old link still works, file updated, and error corrected.

Khalem:
Comitted updates to SVN

Navigation

[0] Message Index

[#] Next page

Go to full version