You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
90 lines
2.6 KiB
90 lines
2.6 KiB
package main |
|
|
|
import ( |
|
"strings" |
|
|
|
"samhofi.us/x/keybase/types/chat1" |
|
) |
|
|
|
// checkPermissionAndExecute will check the minimum required role for the permission and execute the handler function if allowed |
|
func (b *bot) checkPermissionAndExecute(requiredRole string, m chat1.MsgSummary, f func(chat1.MsgSummary)) { |
|
// get the members of the conversation |
|
b.debug("Executing permissions check") |
|
// currently this doesn't work due to a keybase bug |
|
// the workaround is to check the general channel the old way |
|
//conversation, err := b.k.ListMembersOfConversation(m.ConvID) |
|
|
|
// **** <workaround> |
|
channel := chat1.ChatChannel{ |
|
Name: m.Channel.Name, |
|
MembersType: m.Channel.MembersType, |
|
TopicName: "general", |
|
} |
|
conversation, err := b.k.ListMembersOfChannel(channel) |
|
/// **** </workaround> |
|
|
|
if err != nil { |
|
eid := b.logError(err) |
|
b.k.ReactByConvID(m.ConvID, m.Id, "Error ID %s", eid) |
|
return |
|
} |
|
// create a map of valid roles, according to @dxb struc |
|
memberTypes := make(map[string]struct{}) |
|
memberTypes["owner"] = struct{}{} |
|
memberTypes["admin"] = struct{}{} |
|
memberTypes["writer"] = struct{}{} |
|
memberTypes["reader"] = struct{}{} |
|
|
|
// if the role is not in the map, its an invalid role |
|
if _, ok := memberTypes[strings.ToLower(requiredRole)]; !ok { |
|
// the role passed was not valid, so bail |
|
b.log("ERROR: %s is not a valid permissions level", requiredRole) |
|
return |
|
} |
|
|
|
// then descend permissions from top down |
|
for _, member := range conversation.Members.Owners { |
|
if strings.ToLower(member.Username) == strings.ToLower(m.Sender.Username) { |
|
f(m) |
|
return |
|
} |
|
b.debug("no") |
|
} |
|
// if the required role was owner, return and don't evaluate the rest |
|
if strings.ToLower(requiredRole) == "owner" { |
|
b.debug("user does not have required permission of: owner") |
|
return |
|
} |
|
// admins |
|
for _, member := range conversation.Members.Admins { |
|
if strings.ToLower(member.Username) == strings.ToLower(m.Sender.Username) { |
|
f(m) |
|
return |
|
} |
|
} |
|
if strings.ToLower(requiredRole) == "admin" { |
|
b.debug("user does not have required permission of: admin") |
|
return |
|
} |
|
// writers |
|
for _, member := range conversation.Members.Writers { |
|
if strings.ToLower(member.Username) == strings.ToLower(m.Sender.Username) { |
|
f(m) |
|
return |
|
} |
|
} |
|
if strings.ToLower(requiredRole) == "writer" { |
|
b.debug("user does not have required permission of: writer") |
|
return |
|
} |
|
// readers |
|
for _, member := range conversation.Members.Readers { |
|
if strings.ToLower(member.Username) == strings.ToLower(m.Sender.Username) { |
|
f(m) |
|
return |
|
} |
|
} |
|
// just return - restricted bots shouldn't be able to run commands |
|
b.debug("user does not have required permission of: reader") |
|
return |
|
}
|
|
|