diff --git a/dbtools.js b/dbtools.js index b034f21..8c4739e 100644 --- a/dbtools.js +++ b/dbtools.js @@ -9,5 +9,5 @@ dbtools.createSchema = (db) => { service TEXT, \ subcommand TEXT, \ args TEXT \ - )'); // the inner bracket for sql, the outer for closing the function*/ + )'); // the inner bracket for sql, the outer for closing the function }; \ No newline at end of file diff --git a/index.js b/index.js index 299e7e9..ec69f5e 100644 --- a/index.js +++ b/index.js @@ -1,6 +1,7 @@ const commands = require('./commands.js'); const dbtools = require('./dbtools.js'); const fs = require('fs'); +const permissions = require('./permissions.js'); const sdk = require('matrix-js-sdk'); const sqlite3 = require('sqlite3').verbose(); // .verbose until basics work const yaml = require('js-yaml'); @@ -34,15 +35,20 @@ matrixClient.on('Room.timeline', function(event, room, resetTimeline) { commands.expandCommand(body, commands.projects) .then((expansion) => { - let subcommand = commands.projects[expansion.project][expansion.service][expansion.subcommand]; - const args = expansion.args.match(subcommand.regex); + permissions.eval(event.sender.userId, expansion, db) + .then((accessgranted) => { + let subcommand = commands.projects[expansion.project][expansion.service][expansion.subcommand]; + const args = expansion.args.match(subcommand.regex); - if(args === null && !subcommand.regex.test(expansion.args)) { - matrixClient.sendNotice(room.roomId, 'usage: ' + subcommand.usage); - return; - } + if(args === null && !subcommand.regex.test(expansion.args)) { + matrixClient.sendNotice(room.roomId, 'usage: ' + subcommand.usage); + return; + } - subcommand.exec(args, room, event); + subcommand.exec(args, room, event); + }, (fail) => { + matrixClient.sendNotice(room.roomId, event.sender.userId + ' ' + fail); + }); }, (fail) => { // command not found let tmp = commands.suggestFix(body, commands.projects); if(tmp !== null){ //when the regex matches nothing 
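Review bot: In index.js the denial handler posts the raw rejection value to the room, `matrixClient.sendNotice(room.roomId, event.sender.userId + ' ' + fail);`, so any future rejection from `permissions.eval` that is not the fixed 'permission denied' string (for example a database error) would be echoed to every room member. Sending a constant such as `event.sender.userId + ' permission denied'` and logging `fail` server-side keeps internals out of the room. Separately, the granted branch is the first argument of the same `.then(onGranted, onDenied)`, so an exception thrown by the `commands.projects[...]` lookup or by `subcommand.exec` is not caught by that `(fail)` handler, and because the inner promise is not returned the outer chain does not see it either; `return permissions.eval(...)` plus a trailing `.catch` would cover it, assuming the outer chain (which ends outside this hunk) has none. The `accessgranted` parameter is unused and could be dropped.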
diff --git a/permissions.js b/permissions.js
new file mode 100644
index 0000000..6e22572
--- /dev/null
+++ b/permissions.js
@@ -0,0 +1,50 @@
+const permissions = module.exports = {};
+
+permissions.eval = (mxid, expansion, db) => {
+ return new Promise((resolve, reject) => {
+ let accessGranted = false;
+
+ db.each('SELECT omni, project, service, subcommand, args \
+ FROM permissions \
+ WHERE mxid=?',
+ [mxid],
+ (err, row) => { // callback for each returned row
+ // check for omnipotence
+ if(row.omni === 1) {
+ accessGranted = true;
+ return;
+ };
+
+ // check for project permissions
+ const regexProject = new RegExp(row.project);
+ if(!regexProject.test(expansion.project)) {
+ return;
+ };
+ // check for service permissions
+ const regexService = new RegExp(row.service);
+ if(!regexService.test(expansion.service)) {
+ return;
+ };
+ // check for subcommand permissions
+ const regexSubcommand = new RegExp(row.subcommand);
+ if(!regexSubcommand.test(expansion.subcommand)) {
+ return;
+ };
+ // check for args permissions
+ const regexArgs = new RegExp(row.args);
+ if(regexArgs.test(expansion.args)) {
+ accessGranted = true;
+ return;
+ };
+ },
+ () => { // gets called after all rows are processed
+ if(accessGranted) {
+ resolve('access granted');
+ return;
+ } else {
+ reject('permission denied');
+ return;
+ };
+ });
+ });
+};
\ No newline at end of file
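Review bot: The four permission patterns are compiled unanchored (`new RegExp(row.project)` and the service, subcommand and args equivalents), so `.test()` succeeds on any substring: a row meant to grant project `foo` also grants `foobar`, and an empty column compiles to a pattern that matches everything. Anchoring each one, e.g. `new RegExp('^(?:' + row.project + ')$')`, makes a row grant exactly what it names. The row callback also ignores `err`; if sqlite3 invokes it with an error and no row, `row.omni` throws inside the driver callback, so a guard such as `if(err || !row) { return; }` at the top keeps the check fail-closed without an uncaught exception. The completion callback likewise drops its error argument, which leaves a failed query indistinguishable from a denial. A short comment on the expected contents of the `permissions` columns (regex source, NULL handling) would help whoever writes the rows.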