GitHub/PyLink
3
0
Fork 0
mirror of https://github.com/jlu5/PyLink.git synced 2024-11-01 09:19:23 +01:00
Code Issues Projects Releases Wiki Activity
91e39b7df9
PyLink/coremods/permissions.py
James Lu 91e39b7df9 WIP Permissions API (#190)
2016-08-25 00:45:05 -07:00

64 lines
2.4 KiB
Python
Raw Blame History

"""
permissions.py - Permissions Abstraction for PyLink IRC Services.
"""
from collections import defaultdict
import threading
# Global variables: these store mappings of hostmasks/exttargets to lists of permissions each target has.
default_permissions = defaultdict(set)
permissions = defaultdict(set)
# Only allow one thread to change the permissions index at once.
permissions_lock = threading.Lock()
from pylinkirc import conf, utils
from pylinkirc.log import log
def resetPermissions():
"""
Loads the permissions specified in the permissions: block of the PyLink configuration,
if such a block exists. Otherwise, fallback to the default permissions specified by plugins.
"""
with permissions_lock:
global permissions
log.debug('permissions.resetPermissions: old perm list: %s', permissions)
permissions = conf.conf.get('permissions', default_permissions)
log.debug('permissions.resetPermissions: new perm list: %s', permissions)
def addDefaultPermissions(perms):
"""Adds default permissions to the index."""
with permissions_lock:
global permissions
for target, permlist in perms.items():
permissions[target] |= permlist
def removeDefaultPermissions(perms):
"""Remove default permissions from the index."""
with permissions_lock:
global permissions
for target, permlist in perms.items():
permissions[target] -= permlist
def checkPermissions(irc, uid, perms):
"""
Checks permissions of the caller. If the caller has any of the permissions listed in perms,
this function returns True. Otherwise, NotAuthorizedError is raised.
"""
# Iterate over all hostmask->permission list mappings.
for host, permlist in permissions.copy().items():
if irc.matchHost(host, uid):
# Now, iterate over all the perms we are looking for.
for perm in perms:
# Use irc.matchHost to expand globs in an IRC-case insensitive and wildcard
# friendly way. e.g. 'xyz.*.#Channel\' will match 'xyz.manage.#channel|' on IRCds
# using the RFC1459 casemapping.
if any(irc.matchHost(perm, p) for p in permlist):
return True
raise utils.NotAuthorizedError("You are missing one of the following permissions: %s" %
(', '.join(perms)))
# This is called on first import.
resetPermissions()
Reference in New Issue View Git Blame Copy Permalink