1 /* 2 * Copyright (C) 2005 Jilles Tjoelker, et al. 3 * Rights to this code are as documented in doc/LICENSE. 4 * 5 * Fine grained services operator privileges 6 * 7 */ 8 9 #ifndef PRIVS_H 10 #define PRIVS_H 11 12 #define PRIV_NONE NULL 13 14 /* nickserv/userserv */ 15 #define PRIV_USER_AUSPEX "user:auspex" 16 #define PRIV_USER_ADMIN "user:admin" 17 #define PRIV_USER_SENDPASS "user:sendpass" 18 #define PRIV_USER_VHOST "user:vhost" 19 #define PRIV_USER_FREGISTER "user:fregister" 20 /* chanserv */ 21 #define PRIV_CHAN_AUSPEX "chan:auspex" 22 #define PRIV_CHAN_ADMIN "chan:admin" 23 #define PRIV_CHAN_CMODES "chan:cmodes" 24 #define PRIV_JOIN_STAFFONLY "chan:joinstaffonly" 25 /* nickserv/userserv+chanserv */ 26 #define PRIV_MARK "user:mark" 27 #define PRIV_HOLD "user:hold" 28 #define PRIV_REG_NOLIMIT "user:regnolimit" 29 /* generic */ 30 #define PRIV_SERVER_AUSPEX "general:auspex" 31 #define PRIV_VIEWPRIVS "general:viewprivs" 32 #define PRIV_FLOOD "general:flood" 33 #define PRIV_HELPER "general:helper" 34 #define PRIV_METADATA "general:metadata" 35 #define PRIV_ADMIN "general:admin" 36 /* operserv */ 37 #define PRIV_OMODE "operserv:omode" 38 #define PRIV_AKILL "operserv:akill" 39 #define PRIV_MASS_AKILL "operserv:massakill" 40 #define PRIV_AKILL_ANYMASK "operserv:akill-anymask" 41 #define PRIV_JUPE "operserv:jupe" 42 #define PRIV_NOOP "operserv:noop" 43 #define PRIV_GLOBAL "operserv:global" 44 #define PRIV_GRANT "operserv:grant" 45 #define PRIV_OVERRIDE "operserv:override" 46 /* saslserv */ 47 #define PRIV_IMPERSONATE_CLASS_FMT "impersonate:class:%s" 48 #define PRIV_IMPERSONATE_ENTITY_FMT "impersonate:entity:%s" 49 #define PRIV_IMPERSONATE_ANY "impersonate:any" 50 51 /* other access levels */ 52 #define AC_NONE NULL /* anyone */ 53 #define AC_DISABLED "special:disabled" /* noone */ 54 #define AC_AUTHENTICATED "special:authenticated" 55 /* please do not use the following anymore */ 56 #define AC_IRCOP "special:ircop" 57 #define AC_SRA "general:admin" 58 59 struct operclass_ { 60 char *name; 61 char *privs; /* priv1 priv2 priv3... */ 62 int flags; 63 mowgli_node_t node; 64 }; 65 66 #define OPERCLASS_NEEDOPER 0x1 /* only give privs to IRCops */ 67 #define OPERCLASS_BUILTIN 0x2 /* builtin */ 68 69 /* soper list struct */ 70 struct soper_ { 71 myuser_t *myuser; 72 char *name; 73 operclass_t *operclass; 74 char *classname; 75 int flags; 76 char *password; 77 }; 78 79 #define SOPER_CONF 0x1 /* oper is listed in atheme.conf */ 80 81 /* privs.c */ 82 E mowgli_list_t operclasslist; 83 E mowgli_list_t soperlist; 84 85 E void init_privs(void); 86 87 E operclass_t *operclass_add(const char *name, const char *privs, int flags); 88 E void operclass_delete(operclass_t *operclass); 89 E operclass_t *operclass_find(const char *name); 90 91 E soper_t *soper_add(const char *name, const char *classname, int flags, const char *password); 92 E void soper_delete(soper_t *soper); 93 E soper_t *soper_find(myuser_t *myuser); 94 E soper_t *soper_find_named(const char *name); 95 96 E bool is_soper(myuser_t *myuser); 97 E bool is_conf_soper(myuser_t *myuser); 98 99 /* has_any_privs(): used to determine whether we should give detailed 100 * messages about disallowed things 101 * warning: do not use this for any kind of real privilege! */ 102 E bool has_any_privs(sourceinfo_t *); 103 E bool has_any_privs_user(user_t *); 104 /* has_priv(): for sources of commands */ 105 E bool has_priv(sourceinfo_t *, const char *); 106 /* has_priv_user(): for online users */ 107 E bool has_priv_user(user_t *, const char *); 108 /* has_priv_myuser(): channel succession etc */ 109 E bool has_priv_myuser(myuser_t *, const char *); 110 /* has_priv_operclass(): /os specs etc */ 111 E bool has_priv_operclass(operclass_t *, const char *); 112 /* has_all_operclass(): checks if source has all privs in operclass */ 113 E bool has_all_operclass(sourceinfo_t *, operclass_t *); 114 115 /* get_sourceinfo_soper(): get the specific operclass role which is granting 116 * privilege authority 117 */ 118 E const soper_t *get_sourceinfo_soper(sourceinfo_t *si); 119 /* get_sourceinfo_operclass(): get the specific operclass role which is granting 120 * privilege authority 121 */ 122 E const operclass_t *get_sourceinfo_operclass(sourceinfo_t *si); 123 124 #endif /* PRIVS_H */ 125 126 /* vim:cinoptions=>s,e0,n0,f0,{0,}0,^0,=s,ps,t0,c3,+s,(2s,us,)20,*30,gs,hs 127 * vim:ts=8 128 * vim:sw=8 129 * vim:noexpandtab 130 */ 131