-
Notifications
You must be signed in to change notification settings - Fork 1
Users and Authorization
Depending on which information is available, the bot will recognize an IRC user by their nick, their hostname or their authed nick. Recognizing a user by their nick is not secure as anyone could fake such user as such it's not advisable to rely on this for bot administration. Recognizing a user by their hostname is safer but it would require the user to have the +x flag, a static IP or some sort of cloak to ensure that the hostname remains unchanged. The best option is to rely on the IRC network authorization system. So far it's only implemented for Quakenet.
// User recognized by login nick, best option.
// No matter what nick or host they have a logged-in user will always be properly recognized
$driver->data->add_to_list('admin',new IRC_User('User1'));
// User recognized by hostname
// Assumes that the user always has the same hostname, they can change their nick and still be recognized.
$driver->data->add_to_list('admin',new IRC_User(null,'User2','example.com'));
// User recognized by their current nick.
// If they change their nick, they will no longer be recognized
// If someone else uses their nick, they can get access to every feature that this user can
$driver->data->add_to_list('admin',new IRC_User(null,'User3'));Currently the only option for the bot to recognize logged-in users in with Q on Quakenet. To retrieve information about the users, the bot itself needs to be logged in. When a user joins a channel, the bot will issue a WHOIS request to Q in order to retrieve the required information. When the bot joins a channel, the bot will issue a single USERS request for that channel, since sending a WHOIS message for every connected client would be very inefficient. That requires the bot to have at least +k CHANLEV on the required channels.
/// Creates a bot which will log in as Bot1
$bot1 = new MelanoBot($network_quakenet,'Bot1','Q Password',array());
/// Creates a bot which will log in as Bot1 but will use Bot2 as nick
$bot2 = new MelanoBot($network_quakenet,'Bot2','Q Password',array());
$bot2->auth_nick = 'Bot1';A user can be added to authorization lists in the bot data. Command executors will use their auth attribute to allow execution by user in the correct list (a null value will allow anyone to execute it).
A user list can authorize other lists to inherit access to its features, creating an authorization hierarchy.
/// Make User1 an admin
$driver->data->add_to_list('admin',new IRC_User('User1'));
/// Make User2 a "friend"
$driver->data->add_to_list('friend',new IRC_User('User2'));
/// Everything which can be done by a friend, can also be done by an admin
$driver->data->grant_access['friend'] = array('admin');
/// Only user with "friend" authority could execute this
new Executor_Action("please","friend"),The behavior can be customized to fit any need, but here are listed the lists used by executors and setup examples.
An owner is supposed to be able to perform anything, by default all bot administration commands (like quit and similar) require this level. The owner list by default inherits admin rights.
An admin should be able to do anything that's not too harmful to the bot. The cup management system requires admin rights to perform tournament administration.
The full example uses the list blacklist to make the bot ignore some users (using Filter_UserList). This list should not grant access to other lists as users in those lists would result in the blacklist.
By default, rcon administration commands require rcon-admin access. In the Setup examples, admin inherits rights from rcon-admin.
These are specific to the cup map picking sessions. The two players are assigned to the player list and they are the only ones who can pick the map. player-admin is for commands wich can be executed by said players and bot admins, and in the examples grants access to such lists.
Executor_UserList allows IRC users to add/remove other users from a list, the full example shows this for admin and blacklist.