| 189935b1 |
1 | Access control becomes more of a problem as you have more and more |
| 2 | users that need to access certain features. As it stands, ircu has |
| 3 | only 3 access levels: ordinary user, local operator, and global |
| 4 | operator. This is hardly enough control, especially over some of the |
| 5 | more advanced and powerful features, such as G-lines. |
| 6 | |
| 7 | Since u2.10.11, ircu includes the concept of privileges. Privileges |
| 8 | are basically an arbitrarily long bit string. Access to particular |
| 9 | features is governed by the value of a particular bit of that bit |
| 10 | string--in other words, privileges are a form of Access Control List. |
| 11 | This document covers the basic structures and macros used by the |
| 12 | privileges system. |
| 13 | |
| 14 | <struct> |
| 15 | struct Privs; |
| 16 | |
| 17 | The Privs structure stores a privileges bit string and represents a |
| 18 | user's entire privilege set. This is implemented as a structure, |
| 19 | rather than as an array of integers, in order to leverage C's |
| 20 | structure copy. |
| 21 | </struct> |
| 22 | |
| 23 | <function> |
| 24 | void PrivSet(struct Privs pset, int priv); |
| 25 | |
| 26 | This macro sets the privilege specified by _priv_ in the privileges |
| 27 | structure. This macro evaluates the _priv_ argument twice. |
| 28 | </function> |
| 29 | |
| 30 | <function> |
| 31 | void PrivClr(struct Privs pset, int priv); |
| 32 | |
| 33 | This macro clears the privilege specified by _priv_ in the privileges |
| 34 | structure. This macro evaluates the _priv_ argument twice. |
| 35 | </function> |
| 36 | |
| 37 | <function> |
| 38 | int PrivHas(struct Privs pset, int priv); |
| 39 | |
| 40 | This macro tests whether the privilege specified by _priv_ is set in |
| 41 | the privileges structure, returning non-zero if it is. This macro |
| 42 | evaluates the _priv_ argument twice. |
| 43 | </function> |
| 44 | |
| 45 | <function> |
| 46 | void GrantPriv(struct Client* cli, int priv); |
| 47 | |
| 48 | This macro grants a particular client, specified by _cli_, the |
| 49 | privilege specified by _priv_. This macro evaluates the _priv_ |
| 50 | argument twice. |
| 51 | </function> |
| 52 | |
| 53 | <function> |
| 54 | void RevokePriv(struct Client* cli, int priv); |
| 55 | |
| 56 | This macro revokes the privilege specified by _priv_ from the client. |
| 57 | This macro evaluates the _priv_ argument twice. |
| 58 | </function> |
| 59 | |
| 60 | <function> |
| 61 | int HasPriv(struct Client* cli, int priv); |
| 62 | |
| 63 | This macro tests whether the client specified by _cli_ has the |
| 64 | privilege specified by _priv_, returning non-zero if so. This macro |
| 65 | evaluates the _priv_ argument twice. |
| 66 | </function> |
| 67 | |
| 68 | <function> |
| 69 | void client_set_privs(struct Client* client); |
| 70 | |
| 71 | The ircu configuration file does not yet support privileges. This |
| 72 | function thus sets the appropriate privileges for an operator, based |
| 73 | upon various feature settings. It should be called whenever there is |
| 74 | a change in a user's IRC operator status. |
| 75 | </function> |
| 76 | |
| 77 | <function> |
| 78 | int client_report_privs(struct Client *to, struct Client *client); |
| 79 | |
| 80 | This function sends the client specified by _to_ a list of the |
| 81 | privileges that another client has. It returns a value of 0 for the |
| 82 | convenience of other functions that must return an integer value. |
| 83 | </function> |
| 84 | |
| 85 | <authors> |
| 86 | Kev <klmitch@mit.edu> |
| 87 | </authors> |
| 88 | |
| 89 | <changelog> |
| 90 | [2001-6-15 Kev] Initial documentation of the privileges system. |
| 91 | </changelog> |
projects / irc / quakenet / snircd.git / blame