Add oper:privs

This commit is contained in:
Ed Kellett 2019-07-07 20:56:41 +01:00
parent 1cd6639a35
commit 6d5be11fb1
No known key found for this signature in database
GPG key ID: CB9986DEF342FABC
5 changed files with 19 additions and 4 deletions

View file

@ -236,7 +236,7 @@ auth {
* means they must be defined before operator {}. * means they must be defined before operator {}.
*/ */
privset "local_op" { privset "local_op" {
privs = oper:general, auspex:oper, oper:local_kill, oper:operwall; privs = oper:general, auspex:oper, oper:privs, oper:local_kill, oper:operwall;
}; };
privset "server_bot" { privset "server_bot" {

View file

@ -433,6 +433,7 @@ privset "local_op" {
* oper:general: enable most general oper privileges that came * oper:general: enable most general oper privileges that came
* with +o in older releases * with +o in older releases
* auspex:oper: allows the oper to see through oper hiding * auspex:oper: allows the oper to see through oper hiding
* oper:privs: allows /stats o/O and seeing privset in /whois
* oper:local_kill: allows local users to be /KILL'd * oper:local_kill: allows local users to be /KILL'd
* oper:global_kill: allows local and remote users to be /KILL'd * oper:global_kill: allows local and remote users to be /KILL'd
* oper:routing: allows remote SQUIT and CONNECT * oper:routing: allows remote SQUIT and CONNECT
@ -458,7 +459,7 @@ privset "local_op" {
* oper:mass_notice: allows sending wallops and mass notices * oper:mass_notice: allows sending wallops and mass notices
* oper:grant: allows using the GRANT command * oper:grant: allows using the GRANT command
*/ */
privs = oper:general, auspex:oper, oper:local_kill, oper:operwall; privs = oper:general, auspex:oper, oper:privs, oper:local_kill, oper:operwall;
}; };
privset "server_bot" { privset "server_bot" {

View file

@ -177,6 +177,13 @@ mo_privs(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source
} }
} }
if (target_p != source_p && !HasPrivilege(source_p, "oper:privs"))
{
sendto_one(source_p, form_str(ERR_NOPRIVS),
me.name, source_p->name, "privs");
return;
}
if (!IsServer(server_p)) if (!IsServer(server_p))
server_p = server_p->servptr; server_p = server_p->servptr;

View file

@ -789,7 +789,7 @@ stats_oper(struct Client *source_p)
sendto_one_numeric(source_p, RPL_STATSOLINE, sendto_one_numeric(source_p, RPL_STATSOLINE,
form_str(RPL_STATSOLINE), form_str(RPL_STATSOLINE),
oper_p->username, oper_p->host, oper_p->name, oper_p->username, oper_p->host, oper_p->name,
IsOperGeneral(source_p) ? oper_p->privset->name : "0", "-1"); HasPrivilege(source_p, "oper:privs") ? oper_p->privset->name : "0", "-1");
} }
} }
@ -810,6 +810,13 @@ stats_capability(struct Client *client_p)
static void static void
stats_privset(struct Client *source_p) stats_privset(struct Client *source_p)
{ {
if (!HasPrivilege(source_p, "oper:privs"))
{
sendto_one(source_p, form_str(ERR_NOPRIVS),
me.name, source_p->name, "privs");
return;
}
privilegeset_report(source_p); privilegeset_report(source_p);
} }

View file

@ -318,7 +318,7 @@ single_whois(struct Client *source_p, struct Client *target_p, int operspy)
GlobalSetOptions.operstring)); GlobalSetOptions.operstring));
} }
if(!EmptyString(target_p->user->opername) && IsOper(target_p) && IsOper(source_p)) if(!EmptyString(target_p->user->opername) && IsOper(target_p) && (target_p == source_p || HasPrivilege(source_p, "oper:privs")))
{ {
char buf[512]; char buf[512];
const char *privset = "(missing)"; const char *privset = "(missing)";