Merge pull request #28 from klondi/unrestricted_users

Allow unrestricted users on uhub
2014-12-15 09:36:49 +01:00 · 2014-12-15 09:36:49 +01:00 · dc80644471
parent 889807da1b 076daec846
commit dc80644471
8 changed files with 78 additions and 7 deletions
--- a/src/adc/adcconst.h
+++ b/src/adc/adcconst.h
@ -156,9 +156,10 @@ typedef uint32_t fourcc_t;
 #define ADC_SUP_FLAG_ADD                "AD"
 #define ADC_SUP_FLAG_REMOVE             "RM"

-#define ADC_CLIENT_TYPE_BOT             "1"
-#define ADC_CLIENT_TYPE_REGISTERED_USER "2"
-#define ADC_CLIENT_TYPE_OPERATOR        "4"
+#define ADC_CLIENT_TYPE_BOT              "1"
+#define ADC_CLIENT_TYPE_REGISTERED_USER  "2"
+#define ADC_CLIENT_TYPE_OPERATOR         "4"
+#define ADC_CLIENT_TYPE_HUBBOT           "5"  /* 1 + 4 */
 #define ADC_CLIENT_TYPE_SUPER_USER      "12"  /* 8 + 4 */
 #define ADC_CLIENT_TYPE_ADMIN           "20"  /* 16 + 4 = hub owner */
 #define ADC_CLIENT_TYPE_HUB             "32"  /* the hub itself */
--- a/src/adc/message.c
+++ b/src/adc/message.c
@ -310,7 +310,7 @@ struct adc_message* adc_msg_parse_verify(struct hub_user* u, const char* line, s
 	if (!command)
 		return 0;

-	if (command->source && (!u || command->source != u->id.sid))
+	if (command->source && (!u || (command->source != u->id.sid && !auth_cred_is_unrestricted(u->credentials))))
 	{
 		LOG_DEBUG("Command does not match user's SID (command->source=%d, user->id.sid=%d)", command->source, (u ? u->id.sid : 0));
 		adc_msg_free(command);
--- a/src/core/auth.c
+++ b/src/core/auth.c
@ -170,6 +170,9 @@ static int acl_parse_line(char* line, int line_count, void* ptr_data)
 	LOG_DEBUG("acl_parse_line: '%s'", line);

 	ACL_ADD_USER("bot",        handle->users, auth_cred_bot);
+	ACL_ADD_USER("ubot",        handle->users, auth_cred_ubot);
+	ACL_ADD_USER("opbot",        handle->users, auth_cred_opbot);
+	ACL_ADD_USER("opubot",        handle->users, auth_cred_opubot);
 	ACL_ADD_USER("user_admin", handle->users, auth_cred_admin);
 	ACL_ADD_USER("user_super", handle->users, auth_cred_super);
 	ACL_ADD_USER("user_op",    handle->users, auth_cred_operator);
--- a/src/core/hub.c
+++ b/src/core/hub.c
@ -23,7 +23,7 @@ struct hub_info* g_hub = 0;

 /* FIXME: Flood control should be done in a plugin! */
 #define CHECK_FLOOD(TYPE, WARN) \
-	if (flood_control_check(&u->flood_ ## TYPE , hub->config->flood_ctl_  ## TYPE, hub->config->flood_ctl_interval, net_get_time())) \
+	if (flood_control_check(&u->flood_ ## TYPE , hub->config->flood_ctl_  ## TYPE, hub->config->flood_ctl_interval, net_get_time()) &&  !auth_cred_is_unrestricted(u->credentials)) \
 	{ \
 		if (WARN) \
 		{ \
--- a/src/core/inf.c
+++ b/src/core/inf.c
@ -571,6 +571,10 @@ static int set_credentials(struct hub_info* hub, struct hub_user* user, struct a
 			adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_BOT);
 			break;

+		case auth_cred_ubot:
+			adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_BOT);
+			break;
+
 		case auth_cred_guest:
 			/* Nothing to be added to the info message */
 			break;
@ -583,6 +587,14 @@ static int set_credentials(struct hub_info* hub, struct hub_user* user, struct a
 			adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_OPERATOR);
 			break;

+		case auth_cred_opbot:
+			adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_HUBBOT);
+			break;
+
+		case auth_cred_opubot:
+			adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_HUBBOT);
+			break;
+
 		case auth_cred_super:
 			adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_SUPER_USER);
 			break;
--- a/src/tools/uhub-passwd.c
+++ b/src/tools/uhub-passwd.c
@ -101,7 +101,19 @@ static const char* validate_cred(const char* cred_str)
 	if (!strcmp(cred_str, "user"))
 		return "user";

-	fprintf(stderr, "Invalid user credentials. Must be one of: 'admin', 'super', 'op' or 'user'\n");
+	if (!strcmp(cred_str, "bot"))
+		return "bot";
+
+	if (!strcmp(cred_str, "ubot"))
+		return "ubot";
+
+	if (!strcmp(cred_str, "opbot"))
+		return "opbot";
+
+	if (!strcmp(cred_str, "opubot"))
+		return "opubot";
+
+	fprintf(stderr, "Invalid user credentials. Must be one of: 'bot', 'ubot', 'opbot', 'opubot', 'admin', 'super', 'op' or 'user'\n");
 	exit(1);
 }

--- a/src/util/credentials.c
+++ b/src/util/credentials.c
@ -19,11 +19,33 @@

 #include "uhub.h"

+/**
+ * Returns 1 if a user is unrestricted.
+ * Unrestricted users override the limits of flood and can send messages in
+ * the name of other users.
+ * This is useful for amongst other external chatrooms.
+ */
+int auth_cred_is_unrestricted(enum auth_credentials cred)
+{
+	switch (cred)
+	{
+		case auth_cred_ubot:
+		case auth_cred_opubot:
+			return 1;
+		default:
+			break;
+	}
+	return 0;
+}
+
 int auth_cred_is_protected(enum auth_credentials cred)
 {
 	switch (cred)
 	{
 		case auth_cred_bot:
+		case auth_cred_ubot:
+		case auth_cred_opbot:
+		case auth_cred_opubot:
 		case auth_cred_operator:
 		case auth_cred_super:
 		case auth_cred_admin:
@ -45,6 +67,9 @@ int auth_cred_is_registered(enum auth_credentials cred)
 	switch (cred)
 	{
 		case auth_cred_bot:
+		case auth_cred_ubot:
+		case auth_cred_opbot:
+		case auth_cred_opubot:
 		case auth_cred_user:
 		case auth_cred_operator:
 		case auth_cred_super:
@ -64,6 +89,9 @@ const char* auth_cred_to_string(enum auth_credentials cred)
 	{
 		case auth_cred_none:         return "none";
 		case auth_cred_bot:          return "bot";
+		case auth_cred_ubot:         return "ubot";
+		case auth_cred_opbot:        return "opbot";
+		case auth_cred_opubot:       return "opubot";
 		case auth_cred_guest:        return "guest";
 		case auth_cred_user:         return "user";
 		case auth_cred_operator:     return "operator";
@ -95,14 +123,20 @@ int auth_string_to_cred(const char* str, enum auth_credentials* out)
 			if (!strcasecmp(str, "none")) { *out = auth_cred_none; return 1; }
 			if (!strcasecmp(str, "user")) { *out = auth_cred_user; return 1; }
 			if (!strcasecmp(str, "link")) { *out = auth_cred_link; return 1; }
+			if (!strcasecmp(str, "ubot")) { *out = auth_cred_ubot; return 1; }
 			return 0;

 		case 5:
 			if (!strcasecmp(str, "admin")) { *out = auth_cred_admin; return 1; }
 			if (!strcasecmp(str, "super")) { *out = auth_cred_super; return 1; }
+			if (!strcasecmp(str, "opbot")) { *out = auth_cred_opbot; return 1; }
 			if (!strcasecmp(str, "guest")) { *out = auth_cred_guest; return 1; }
 			return 0;

+		case 6:
+			if (!strcasecmp(str, "opubot")) { *out = auth_cred_opubot; return 1; }
+			return 0;
+
 		case 8:
 			if (!strcasecmp(str, "operator")) { *out = auth_cred_operator; return 1; }
 			return 0;
--- a/src/util/credentials.h
+++ b/src/util/credentials.h
@ -23,15 +23,24 @@
 enum auth_credentials
 {
 	auth_cred_none,                 /**<<< "User has no credentials (not yet logged in)" */
-	auth_cred_bot,                  /**<<< "User is a robot" */
 	auth_cred_guest,                /**<<< "User is a guest (unregistered user)" */
 	auth_cred_user,                 /**<<< "User is identified as a registered user" */
+	auth_cred_bot,                  /**<<< "User is a robot" */
+	auth_cred_ubot,                 /**<<< "User is an unrestricted robot" */
 	auth_cred_operator,             /**<<< "User is identified as a hub operator" */
+	auth_cred_opbot,                /**<<< "User is a operator robot" */
+	auth_cred_opubot,               /**<<< "User is an unrestricted operator robot" */
 	auth_cred_super,                /**<<< "User is a super user" (not used) */
 	auth_cred_link,                 /**<<< "User is a link (not used currently)" */
 	auth_cred_admin,                /**<<< "User is identified as a hub administrator/owner" */
 };

+/**
+ * Returns 1 if the credentials means that a user is unrestricted.
+ * Returns 0 otherwise.
+ */
+int auth_cred_is_unrestricted(enum auth_credentials cred);
+
 /**
 * Returns 1 if the credentials means that a user is protected.
 * Returns 0 otherwise.