def addPermissionIfMissing(session,perm,desc):
"""
Adds a permission if it is nonexistant.
Returns True if it got added, False if it didn't.
"""
try:
db.getPerm(session,perm)
return False
except NoResultFound:
session.add(db.makePermission(perm,desc))
acserver.log("Authentication: Adding permission %s"%perm)
session.commit()
return True
def serverext(session,cn,ext,ext_text):
if ext == "auth":
args = ext_text.split()
if len(args) != 2:
acserver.msg("\f9Invalid arguments to auth/", cn)
return
name, pwd = args
try:
usr = session.query(db.User).filter(db.User.name==name).one()
except NoResultFound:
acserver.msg("\f9Invalid login!",cn)
return
if usr.checkPassword(pwd):
AuthenticatedClients[cn] = usr
acserver.msg("\fJLogin Succeeded!",cn)
acserver.log("Authenticated client (%d) %s as %s"%(cn,acserver.getClient(cn)['name'],name))
else:
acserver.msg("\f9Invalid login!",cn)
if ext == "adduser":
if hasPermission(cn,'addUser'):
args = ext_text.split()
if len(args) != 3:
acserver.msg("\f9Invalid arguments to register", cn)
return
name, email, pwd = args
usrcount = session.query(db.User).filter(db.User.name==name).count()
if usrcount:
acserver.msg("\f9User already exists!",cn)
session.close()
return
session.add(db.makeUser(name,pwd,email))
session.commit()
acserver.msg("\fJCreated user! Please login now with the credentials you provided.",cn)
else:
acserver.msg("\f3You don't have access to that command!",cn)
if ext == "claimadmin":
if hasPermission(cn,'serverOp'):
acserver.setAdmin(cn,1)
else:
acserver.msg("\f3You don't have access to that command!",cn)
if ext == "listusers":
if hasPermission(cn,'listUsers'):
acserver.msg("\fHUser List:",cn)
for usr in session.query(db.User).all():
if usr.id == AuthenticatedClients[cn].id:
acserver.msg("%d) \fQ%s \f5- \fI%s \f5: {\fN%s\f5}"%(usr.id, usr.name,usr.email,"\f5, \fN".join(map(lambda p: p.name, usr.permissions))),cn)
else:
acserver.msg("%d) \fR%s \f5- \fI%s \f5: {\fN%s\f5}"%(usr.id, usr.name,usr.email,"\f5, \fN".join(map(lambda p: p.name, usr.permissions))),cn)
acserver.msg("\fHEnd User List.",cn)
else:
acserver.msg("\f3You don't have access to that command!",cn)
if ext == "grantperm":
if hasPermission(cn,'grantPermission'):
args = ext_text.split()
if len(args) != 2:
acserver.msg("\f9Invalid arguments to grantperm", cn)
return
username,permname = args
try:
user = db.getUser(session,username)
except NoResultFound:
acserver.msg("\f3User not found!",cn)
return
try:
perm = db.getPerm(session,permname)
except NoResultFound:
acserver.msg("\f3Permission does not exist!",cn)
return
if perm in user.permissions:
acserver.msg("\f3User already has that permission!",cn)
return
else:
user.permissions.append(perm)
session.commit()
acserver.msg("\fJPermission granted successfully!",cn)
else:
acserver.msg("\f3You don't have access to that command!",cn)