#include "s_serv.h"
#include "s_conf.h"
#include "s_newconf.h"
-
-static const char grant_desc[] =
- "Provides the grant facility for giving other users specific privilege sets";
+#include "msgbuf.h"
static void mo_grant(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, int parc, const char *parv[]);
static void me_grant(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, int parc, const char *parv[]);
-static void do_grant(struct Client *source_p, struct Client *target_p, const char *new_privset);
+static int do_grant(struct Client *source_p, struct Client *target_p, const char *new_privset);
struct Message grant_msgtab = {
- "GRANT", 0, 0, 0, 0,
- { mg_ignore, mg_not_oper, mg_ignore, mg_ignore, {me_grant, 3}, {mo_grant, 3}}
+ "GRANT", 0, 0, 0, 0,
+ { mg_ignore, mg_not_oper, mg_ignore, mg_ignore, {me_grant, 3}, {mo_grant, 3}}
};
mapi_clist_av1 grant_clist[] = { &grant_msgtab, NULL };
+static const char grant_desc[] = "Allows operators to set or remove operator privileges on other users";
+
DECLARE_MODULE_AV2(grant, NULL, NULL, grant_clist, NULL, NULL, NULL, NULL, grant_desc);
static void
return;
}
- if(!find_shared_conf(source_p->username, source_p->host,
- source_p->servptr->name, SHARED_GRANT))
- {
- sendto_one(source_p, ":%s NOTICE %s :You don't have an appropriate shared"
- "block to grant privilege on this server.", me.name, source_p->name);
- return;
- }
-
do_grant(source_p, target_p, parv[2]);
}
-static void
-do_grant(struct Client *source_p, struct Client *target_p, const char *new_privset)
+static int do_grant(struct Client *source_p, struct Client *target_p, const char *new_privset)
{
int dooper = 0, dodeoper = 0;
struct PrivilegeSet *privset = 0;
- const char *modeparv[4];
- if (!strcmp(new_privset, "deoper"))
+ if (!strcasecmp(new_privset, "deoper"))
{
if (!IsOper(target_p))
{
sendto_one_notice(source_p, ":You can't deoper someone who isn't an oper.");
- return;
+ return 0;
}
- new_privset = "default";
dodeoper = 1;
sendto_one_notice(target_p, ":%s is deopering you.", source_p->name);
if (!(privset = privilegeset_get(new_privset)))
{
sendto_one_notice(source_p, ":There is no privilege set named '%s'.", new_privset);
- return;
+ return 0;
+ }
+
+ if (privset == target_p->user->privset)
+ {
+ sendto_one_notice(source_p, ":%s already has privilege set %s.", target_p->name, target_p->user->privset->name);
+ return 0;
}
- if (privset == target_p->localClient->privset)
+ if (ConfigFileEntry.oper_secure_only && !IsSecureClient(target_p))
{
- sendto_one_notice(source_p, ":%s already has privilege set %s.", target_p->name, target_p->localClient->privset->name);
- return;
+ sendto_one_notice(source_p, ":Cannot GRANT %s, opers must be using secure connections.", target_p->name);
+ return 0;
}
}
sendto_one_notice(target_p, ":%s is changing your privilege set to %s", source_p->name, privset->name);
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "%s is changing the privilege set of %s to %s", get_oper_name(source_p), target_p->name, privset->name);
}
+
+ if (!IsOper(target_p))
+ {
+ dooper = 1;
+ }
}
if (dodeoper)
if (dooper)
{
- struct oper_conf oper;
+ struct oper_conf oper = {0};
oper.name = "<grant>";
- oper.umodes = 0;
- oper.snomask = 0;
oper.privset = privset;
oper_up(target_p, &oper);
}
+ else if (privset != NULL)
+ {
+ privilegeset_ref(privset);
+ }
- target_p->localClient->privset = privset;
+ if (target_p->user->privset != NULL)
+ privilegeset_unref(target_p->user->privset);
+
+ target_p->user->privset = privset;
+
+ if (privset != NULL)
+ sendto_server(NULL, NULL, CAP_TS6, NOCAPS, ":%s OPER %s %s",
+ use_id(target_p), target_p->user->opername, privset->name);
+
+ const char *modeparv[4];
modeparv[0] = modeparv[1] = target_p->name;
modeparv[2] = "+";
modeparv[3] = NULL;
user_mode(target_p, target_p, 3, modeparv);
+
+ return 0;
}
projects / solanum.git / blobdiff