First permissions restriction

This commit is contained in:
Blue 2025-03-15 00:06:58 +02:00
parent 60c8782bdd
commit f03f392cee
Signed by: blue
GPG Key ID: 9B203B252A63EE38
6 changed files with 34 additions and 13 deletions

View File

@ -15,5 +15,5 @@ modules:
alias: actor alias: actor
enabled: true enabled: true
permissions: permissions:
- read: [Owner, User] read: [Owner, User]
- write: [Owner] write: [Owner]

11
jay.cpp
View File

@ -10,11 +10,16 @@ static const std::map<
std::function< std::function<
std::shared_ptr<Module::Module>( std::shared_ptr<Module::Module>(
const std::shared_ptr<Core>&, const std::shared_ptr<Core>&,
const std::shared_ptr<Connection>& const std::shared_ptr<Connection>&,
const Module::Module::Permissions& permissions
) )
> >
> moduleNames = { > moduleNames = {
{"actor", [](const std::shared_ptr<Core>& core, const std::shared_ptr<Connection>& connection) { return std::make_shared<Module::Actor>(core, connection); }} {"actor", [](
const std::shared_ptr<Core>& core,
const std::shared_ptr<Connection>& connection,
const Module::Module::Permissions& permissions
) { return std::make_shared<Module::Actor>(core, connection, permissions); }}
}; };
Jay::Jay(const std::string& configPath): Jay::Jay(const std::string& configPath):
@ -56,7 +61,7 @@ void Jay::createModules() {
continue; continue;
core->logger.log(Logger::info, "enabling module " + pair.first, {"Jay"}); core->logger.log(Logger::info, "enabling module " + pair.first, {"Jay"});
modules.emplace_back(pair.second(core, connection)); modules.emplace_back(pair.second(core, connection, conf.permissions));
core->router.registerModule(pair.first, modules.back()); core->router.registerModule(pair.first, modules.back());
} }
} }

View File

@ -3,8 +3,8 @@
#include "actor.h" #include "actor.h"
Module::Actor::Actor(const std::shared_ptr<Core>& core, const std::shared_ptr<Connection>& connection): Module::Actor::Actor(const std::shared_ptr<Core>& core, const std::shared_ptr<Connection>& connection, const Permissions& permissions):
Module(core, connection) Module(core, connection, permissions)
{} {}
Module::Actor::~Actor() noexcept {} Module::Actor::~Actor() noexcept {}
@ -13,7 +13,7 @@ void Module::Actor::message(const std::shared_ptr<::Actor>& actor, const Module:
std::string result; std::string result;
if (args.front() == "list") if (args.front() == "list")
result = list(); result = hasPermission("read", actor) ? list() : "Can not tell you that";
if (!result.empty()) if (!result.empty())
connection->send(actor->jid, result); connection->send(actor->jid, result);

View File

@ -9,7 +9,7 @@ namespace Module {
class Actor : public Module { class Actor : public Module {
public: public:
Actor(const std::shared_ptr<Core>& core, const std::shared_ptr<Connection>& connection); Actor(const std::shared_ptr<Core>& core, const std::shared_ptr<Connection>& connection, const Permissions& permissions);
~Actor() noexcept; ~Actor() noexcept;
virtual void message(const std::shared_ptr<::Actor>& actor, const Tokens& args) override; virtual void message(const std::shared_ptr<::Actor>& actor, const Tokens& args) override;

View File

@ -3,13 +3,24 @@
#include "module.h" #include "module.h"
#include <algorithm>
#include "gloox/message.h" #include "gloox/message.h"
Module::Module::Module(const std::shared_ptr<Core>& core, const std::shared_ptr<Connection>& connection): Module::Module::Module(const std::shared_ptr<Core>& core, const std::shared_ptr<Connection>& connection, const Permissions& permissions):
core(core), core(core),
connection(connection) connection(connection),
permissions(permissions)
{} {}
bool Module::Module::hasPermission(const std::string& permission, const std::shared_ptr<::Actor>& actor) const {
Permissions::const_iterator itr = permissions.find(permission);
if (itr == permissions.end())
return false;
return std::find(itr->second.begin(), itr->second.end(), actor->getGroup()) != itr->second.end();
}
Module::Module::~Module() noexcept {} Module::Module::~Module() noexcept {}
std::vector<std::string> Module::Module::split(const std::string& string, const std::string& delimiter) { std::vector<std::string> Module::Module::split(const std::string& string, const std::string& delimiter) {

View File

@ -16,20 +16,25 @@ namespace Module {
class Module { class Module {
public: public:
typedef std::vector<std::string> Tokens; typedef std::vector<std::string> Tokens;
typedef std::vector<std::string> List;
typedef std::map<std::string, List> Permissions;
protected: protected:
Module(const std::shared_ptr<Core>& core, const std::shared_ptr<Connection>& connection); Module(const std::shared_ptr<Core>& core, const std::shared_ptr<Connection>& connection, const Permissions& permissions);
bool hasPermission(const std::string& permission, const std::shared_ptr<::Actor>& actor) const;
public: public:
virtual ~Module() noexcept; virtual ~Module() noexcept;
static Tokens split(const std::string& string, const std::string& delimiter = " "); static Tokens split(const std::string& string, const std::string& delimiter = " ");
virtual void message(const std::shared_ptr<Actor>& actor, const Tokens& args) = 0; virtual void message(const std::shared_ptr<::Actor>& actor, const Tokens& args) = 0;
protected: protected:
std::shared_ptr<Core> core; std::shared_ptr<Core> core;
std::shared_ptr<Connection> connection; std::shared_ptr<Connection> connection;
Permissions permissions;
}; };