Log in | Back to darenet.org

ircu api - privileges

m
 
(3 intermediate revisions not shown)
Line 91: Line 91:
</changelog></pre>
</changelog></pre>
-
== List of PRIV FLAGS ==
 
-
 
-
* PRIV_CHAN_LIMIT - no channel limit on oper
 
-
* PRIV_MODE_LCHAN - oper can mode local chans
 
-
* PRIV_WALK_LCHAN - oper can walk through local modes
 
-
* PRIV_DEOP_LCHAN - no deop oper on local chans
 
-
* PRIV_SHOW_INVIS -  show local invisible users
 
-
* PRIV_SHOW_ALL_INVIS - show all invisible users
 
-
* PRIV_UNLIMIT_QUERY - unlimit who queries
 
-
* PRIV_KILL - oper can KILL
 
-
* PRIV_LOCAL_KILL - oper can local KILL
 
-
* PRIV_REHASH - oper can REHASH
 
-
* PRIV_RESTART - oper can RESTART
 
-
* PRIV_DIE - oper can DIE
 
-
* PRIV_GLINE - oper can GLINE
 
-
* PRIV_LOCAL_GLINE - oper can local GLINE
 
-
* PRIV_ZLINE - oper can ZLINE
 
-
* PRIV_LOCAL_ZLINE - oper can local ZLINE
 
-
* PRIV_SHUN - oper can SHUN
 
-
* PRIV_LOCAL_SHUN - oper can local SHUN
 
-
* PRIV_JUPE - oper can JUPE
 
-
* PRIV_LOCAL_JUPE - oper can local JUPE
 
-
* PRIV_OPMODE - oper can OP/CLEARMODE
 
-
* PRIV_LOCAL_OPMODE - oper can local OP/CLEARMODE
 
-
* PRIV_SET - oper can SET
 
-
* PRIV_WHOX - oper can use /who x
 
-
* PRIV_BADCHAN - oper can BADCHAN
 
-
* PRIV_LOCAL_BADCHAN - oper can local BADCHAN
 
-
* PRIV_SEE_CHAN - oper can see in secret chans
 
-
* PRIV_PROPAGATE - propagate oper status
 
-
* PRIV_DISPLAY - "Is an oper" displayed
 
-
* PRIV_SEE_OPERS - display hidden opers
 
-
* PRIV_WIDE_GLINE - oper can set wider G-lines
 
-
* PRIV_WIDE_ZLINE - oper can set wider Z-lines
 
-
* PRIV_WIDE_SHUN - oper can set wider Shuns
 
-
* PRIV_LIST_CHAN - oper can list secret channels
 
-
* PRIV_FORCE_OPMODE - can hack modes on quarantined channels
 
-
* PRIV_FORCE_LOCAL_OPMODE - can hack modes on quarantined local channels
 
-
* PRIV_CHECK - oper can use CHECK
 
-
* PRIV_SEE_SECRET_CHAN - oper can see +s channels in whois
 
-
* PRIV_LAST_PRIV - number of privileges
 
[[Category:IRCu API|Privileges]]
[[Category:IRCu API|Privileges]]

Current revision as of 15:24, 17 February 2009

Access control becomes more of a problem as you have more and more
users that need to access certain features.  As it stands, ircu has
only 3 access levels: ordinary user, local operator, and global
operator.  This is hardly enough control, especially over some of the
more advanced and powerful features, such as G-lines.

Since u2.10.11, ircu includes the concept of privileges.  Privileges
are basically an arbitrarily long bit string.  Access to particular
features is governed by the value of a particular bit of that bit
string--in other words, privileges are a form of Access Control List.
This document covers the basic structures and macros used by the
privileges system.

<struct>
struct Privs;

The Privs structure stores a privileges bit string and represents a
user's entire privilege set.  This is implemented as a structure,
rather than as an array of integers, in order to leverage C's
structure copy.
</struct>

<function>
void PrivSet(struct Privs pset, int priv);

This macro sets the privilege specified by _priv_ in the privileges
structure.  This macro evaluates the _priv_ argument twice.
</function>

<function>
void PrivClr(struct Privs pset, int priv);

This macro clears the privilege specified by _priv_ in the privileges
structure.  This macro evaluates the _priv_ argument twice.
</function>

<function>
int PrivHas(struct Privs pset, int priv);

This macro tests whether the privilege specified by _priv_ is set in
the privileges structure, returning non-zero if it is.  This macro
evaluates the _priv_ argument twice.
</function>

<function>
void GrantPriv(struct Client* cli, int priv);

This macro grants a particular client, specified by _cli_, the
privilege specified by _priv_.  This macro evaluates the _priv_
argument twice.
</function>

<function>
void RevokePriv(struct Client* cli, int priv);

This macro revokes the privilege specified by _priv_ from the client.
This macro evaluates the _priv_ argument twice.
</function>

<function>
int HasPriv(struct Client* cli, int priv);

This macro tests whether the client specified by _cli_ has the
privilege specified by _priv_, returning non-zero if so.  This macro
evaluates the _priv_ argument twice.
</function>

<function>
void client_set_privs(struct Client* client);

The ircu configuration file does not yet support privileges.  This
function thus sets the appropriate privileges for an operator, based
upon various feature settings.  It should be called whenever there is
a change in a user's IRC operator status.
</function>

<function>
int client_report_privs(struct Client *to, struct Client *client);

This function sends the client specified by _to_ a list of the
privileges that another client has.  It returns a value of 0 for the
convenience of other functions that must return an integer value.
</function>

<authors>
Kev <klmitch@mit.edu>
</authors>

<changelog>
[2001-6-15 Kev] Initial documentation of the privileges system.
</changelog>