]>
Commit | Line | Data |
---|---|---|
189935b1 | 1 | Access control becomes more of a problem as you have more and more |
2 | users that need to access certain features. As it stands, ircu has | |
3 | only 3 access levels: ordinary user, local operator, and global | |
4 | operator. This is hardly enough control, especially over some of the | |
5 | more advanced and powerful features, such as G-lines. | |
6 | ||
7 | Since u2.10.11, ircu includes the concept of privileges. Privileges | |
8 | are basically an arbitrarily long bit string. Access to particular | |
9 | features is governed by the value of a particular bit of that bit | |
10 | string--in other words, privileges are a form of Access Control List. | |
11 | This document covers the basic structures and macros used by the | |
12 | privileges system. | |
13 | ||
14 | <struct> | |
15 | struct Privs; | |
16 | ||
17 | The Privs structure stores a privileges bit string and represents a | |
18 | user's entire privilege set. This is implemented as a structure, | |
19 | rather than as an array of integers, in order to leverage C's | |
20 | structure copy. | |
21 | </struct> | |
22 | ||
23 | <function> | |
24 | void PrivSet(struct Privs pset, int priv); | |
25 | ||
26 | This macro sets the privilege specified by _priv_ in the privileges | |
27 | structure. This macro evaluates the _priv_ argument twice. | |
28 | </function> | |
29 | ||
30 | <function> | |
31 | void PrivClr(struct Privs pset, int priv); | |
32 | ||
33 | This macro clears the privilege specified by _priv_ in the privileges | |
34 | structure. This macro evaluates the _priv_ argument twice. | |
35 | </function> | |
36 | ||
37 | <function> | |
38 | int PrivHas(struct Privs pset, int priv); | |
39 | ||
40 | This macro tests whether the privilege specified by _priv_ is set in | |
41 | the privileges structure, returning non-zero if it is. This macro | |
42 | evaluates the _priv_ argument twice. | |
43 | </function> | |
44 | ||
45 | <function> | |
46 | void GrantPriv(struct Client* cli, int priv); | |
47 | ||
48 | This macro grants a particular client, specified by _cli_, the | |
49 | privilege specified by _priv_. This macro evaluates the _priv_ | |
50 | argument twice. | |
51 | </function> | |
52 | ||
53 | <function> | |
54 | void RevokePriv(struct Client* cli, int priv); | |
55 | ||
56 | This macro revokes the privilege specified by _priv_ from the client. | |
57 | This macro evaluates the _priv_ argument twice. | |
58 | </function> | |
59 | ||
60 | <function> | |
61 | int HasPriv(struct Client* cli, int priv); | |
62 | ||
63 | This macro tests whether the client specified by _cli_ has the | |
64 | privilege specified by _priv_, returning non-zero if so. This macro | |
65 | evaluates the _priv_ argument twice. | |
66 | </function> | |
67 | ||
68 | <function> | |
69 | void client_set_privs(struct Client* client); | |
70 | ||
71 | The ircu configuration file does not yet support privileges. This | |
72 | function thus sets the appropriate privileges for an operator, based | |
73 | upon various feature settings. It should be called whenever there is | |
74 | a change in a user's IRC operator status. | |
75 | </function> | |
76 | ||
77 | <function> | |
78 | int client_report_privs(struct Client *to, struct Client *client); | |
79 | ||
80 | This function sends the client specified by _to_ a list of the | |
81 | privileges that another client has. It returns a value of 0 for the | |
82 | convenience of other functions that must return an integer value. | |
83 | </function> | |
84 | ||
85 | <authors> | |
86 | Kev <klmitch@mit.edu> | |
87 | </authors> | |
88 | ||
89 | <changelog> | |
90 | [2001-6-15 Kev] Initial documentation of the privileges system. | |
91 | </changelog> |