bots
/
jitsibot
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
91 Commits
1 Branch
0 Tags
4.3 MiB
 
 
 
Tree: fec95b86a9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'fec95b86a9'
${ noResults }
jitsibot/permissions.go

106 lines
3.2 KiB
Raw Blame History

package main
import (
"strings"
"samhofi.us/x/keybase/v2/types/chat1"
)
// checkPermissionAndExecute will check the minimum required role for the permission and execute the handler function if allowed
func (b *bot) checkPermissionAndExecute(requiredRole string, m chat1.MsgSummary, f func(chat1.MsgSummary)) {
// get the members of the conversation
b.debug("Executing permissions check")
// currently this doesn't work due to a keybase bug unless you're in the role of resticted bot
// the workaround is to check the general channel the old way
// so first check the new way
members, err := b.k.ListMembersOfConversation(m.ConvID)
if err != nil {
eid := b.logError(err)
b.k.ReactByConvID(m.ConvID, m.Id, "Error ID %s", eid)
return
}
// **** <workaround>
// check if the length of the lists are zero
// it'll look like this:
// {"owners":[],"admins":[],"writers":[],"readers":[],"bots":[],"restrictedBots":[]}
if len(members.Owners) == 0 &&
len(members.Admins) == 0 &&
len(members.Writers) == 0 &&
len(members.Readers) == 0 &&
len(members.Bots) == 0 &&
len(members.RestrictedBots) == 0 {
channel := chat1.ChatChannel{
Name: m.Channel.Name,
MembersType: m.Channel.MembersType,
TopicName: "general",
}
// re-map the members using the workaround, in case you're not in the restricted bot role
members, err = b.k.ListMembersOfChannel(channel)
if err != nil {
eid := b.logError(err)
b.k.ReactByConvID(m.ConvID, m.Id, "Error ID %s", eid)
return
}
}
/// **** </workaround>
// create a map of valid roles, according to @dxb struc
memberTypes := make(map[string]struct{})
memberTypes["owner"] = struct{}{}
memberTypes["admin"] = struct{}{}
memberTypes["writer"] = struct{}{}
memberTypes["reader"] = struct{}{}
// if the role is not in the map, its an invalid role
if _, ok := memberTypes[strings.ToLower(requiredRole)]; !ok {
// the role passed was not valid, so bail
b.log("ERROR: %s is not a valid permissions level", requiredRole)
return
}
// then descend permissions from top down
for _, member := range members.Owners {
if strings.ToLower(member.Username) == strings.ToLower(m.Sender.Username) {
f(m)
return
}
b.debug("no")
}
// if the required role was owner, return and don't evaluate the rest
if strings.ToLower(requiredRole) == "owner" {
b.debug("user does not have required permission of: owner")
return
}
// admins
for _, member := range members.Admins {
if strings.ToLower(member.Username) == strings.ToLower(m.Sender.Username) {
f(m)
return
}
}
if strings.ToLower(requiredRole) == "admin" {
b.debug("user does not have required permission of: admin")
return
}
// writers
for _, member := range members.Writers {
if strings.ToLower(member.Username) == strings.ToLower(m.Sender.Username) {
f(m)
return
}
}
if strings.ToLower(requiredRole) == "writer" {
b.debug("user does not have required permission of: writer")
return
}
// readers
for _, member := range members.Readers {
if strings.ToLower(member.Username) == strings.ToLower(m.Sender.Username) {
f(m)
return
}
}
// just return - restricted bots shouldn't be able to run commands
b.debug("user does not have required permission of: reader")
return
}