Created
December 10, 2014 19:31
-
-
Save teward/b2071ce5e4b1eee1b76d to your computer and use it in GitHub Desktop.
Revisions
-
teward created this gist
Dec 10, 2014 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,164 @@ Description: Add restrictions to prevent users from adding/removing servers and networks, both via *status and the webadmin. Author: Thomas Ward <[email protected]> Index: b/src/ClientCommand.cpp =================================================================== --- a/src/ClientCommand.cpp +++ b/src/ClientCommand.cpp @@ -466,6 +466,12 @@ PutStatus("Total: " + CString(vChans.size()) + " - Joined: " + CString(uNumJoined) + " - Detached: " + CString(uNumDetached) + " - Disabled: " + CString(uNumDisabled)); } else if (sCommand.Equals("ADDNETWORK")) { + + if (!m_pUser->IsAdmin()) { + PutStatus("ZNC users are not permitted to add networks on their own."); + return; + } + if (!m_pUser->IsAdmin() && !m_pUser->HasSpaceForNewNetwork()) { PutStatus("Network number limit reached. Ask an admin to increase the limit for you, or delete few old ones using /znc DelNetwork <name>"); return; @@ -492,6 +498,11 @@ } else if (sCommand.Equals("DELNETWORK")) { CString sNetwork = sLine.Token(1); + if (!m_pUser->IsAdmin()) { + PutStatus("ZNC users are not permitted to remove networks on their own."); + return; + } + if (sNetwork.empty()) { PutStatus("Usage: DelNetwork <name>"); return; @@ -662,6 +673,11 @@ return; } + if (!m_pUser->IsAdmin()) { + PutStatus("ZNC users are not permitted to add servers on their own."); + return; + } + if (sServer.empty()) { PutStatus("Usage: AddServer <host> [[+]port] [pass]"); return; @@ -683,6 +699,11 @@ unsigned short uPort = sLine.Token(2).ToUShort(); CString sPass = sLine.Token(3); + if (!m_pUser->IsAdmin()) { + PutStatus("ZNC users are not permitted to remove servers on their own."); + return; + } + if (sServer.empty()) { PutStatus("Usage: DelServer <host> [port] [pass]"); return; Index: b/src/Client.cpp =================================================================== --- a/src/Client.cpp +++ b/src/Client.cpp @@ -692,7 +692,7 @@ PutStatusNotice("If you want to choose another network, use /znc JumpNetwork <network>, or connect to ZNC with username " + m_pUser->GetUserName() + "/<network> (instead of just " + m_pUser->GetUserName() + ")"); } } else { - PutStatusNotice("You have no networks configured. Use /znc AddNetwork <network> to add one."); + PutStatusNotice("You have no networks configured. Please contact a ZNC administrator for assistance."); } SetNetwork(m_pNetwork, false); Index: b/modules/webadmin.cpp =================================================================== --- a/modules/webadmin.cpp +++ b/modules/webadmin.cpp @@ -820,6 +820,11 @@ } } } else { + if (!spSession->IsAdmin()) { + WebSock.PrintErrorPage("You must be an administrator to add a new network. Please contact an administrator for assistance."); + return true; + } + if (!spSession->IsAdmin() && !pUser->HasSpaceForNewNetwork()) { WebSock.PrintErrorPage("Network number limit reached. Ask an admin to increase the limit for you, or delete few old ones from Your Settings"); return true; @@ -910,11 +915,13 @@ VCString vsArgs; - pNetwork->DelServers(); - WebSock.GetRawParam("servers").Split("\n", vsArgs); - for (unsigned int a = 0; a < vsArgs.size(); a++) { - pNetwork->AddServer(vsArgs[a].Trim_n()); - } + if (spSession->IsAdmin()) { + pNetwork->DelServers(); + WebSock.GetRawParam("servers").Split("\n", vsArgs); + for (unsigned int a = 0; a < vsArgs.size(); a++) { + pNetwork->AddServer(vsArgs[a].Trim_n()); + } + } WebSock.GetParamValues("channel", vsArgs); for (unsigned int a = 0; a < vsArgs.size(); a++) { @@ -989,6 +996,7 @@ } bool DelNetwork(CWebSock& WebSock, CUser* pUser, CTemplate& Tmpl) { + CSmartPtr<CWebSession> spSession = WebSock.GetSession(); CString sNetwork = WebSock.GetParam("name"); if (sNetwork.empty() && !WebSock.IsPost()) { sNetwork = WebSock.GetParam("name", false); @@ -999,6 +1007,11 @@ return true; } + if (!spSession->IsAdmin()) { + WebSock.PrintErrorPage("You must be an administrator to remove a network. Please contact an administrator for assistance."); + return true; + } + if (sNetwork.empty()) { WebSock.PrintErrorPage("That network doesn't exist for this user"); return true; Index: b/modules/controlpanel.cpp =================================================================== --- a/modules/controlpanel.cpp +++ b/modules/controlpanel.cpp @@ -716,6 +716,11 @@ CString sNetwork = sLine.Token(2); CUser *pUser = m_pUser; + if (!m_pUser->IsAdmin()) { + PutModule("You must be an administrator to add a new network. Please contact an administrator for assistance."); + return; + } + if (sNetwork.empty()) { sNetwork = sUser; } else { @@ -754,6 +759,11 @@ CString sNetwork = sLine.Token(2); CUser *pUser = m_pUser; + if (!m_pUser->IsAdmin()) { + PutModule("You must be an administrator to delete a network. Please contact an administrator for assistance."); + return; + } + if (sNetwork.empty()) { sNetwork = sUser; } else { @@ -831,6 +841,11 @@ CString sNetwork = sLine.Token(2); CString sServer = sLine.Token(3, true); + if (!m_pUser->IsAdmin()) { + PutModule("You must be an administrator to add a new server. Please contact an administrator for assistance."); + return; + } + if (sServer.empty()) { PutModule("Usage: addserver <username> <network> <server>"); return;