← Back to branch summary

~ubuntu-branches/ubuntu/oneiric/inspircd/oneiric-security

« back to all changes in this revision

Viewing changes to src/modules/m_chanprotect.cpp

  • Committer: Bazaar Package Importer
  • Author(s): Bhavani Shankar
  • Date: 2008-11-15 20:39:50 UTC
  • mfrom: (1.1.4 upstream) (3.1.2 sid)
  • Revision ID: james.westby@ubuntu.com-20081115203950-uv1pf98x2vkon7se
Tags: 1.1.21+dfsg-1ubuntu1
https://launchpad.net/bugs/298418
* Merge from debian unstable, remaining changes: (LP: #298418)
  - debian/patches/04_include-limits-h.dpatch:
    + Explicitly include limits.h for gcc 4.3.

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/modules/m_chanprotect.cpp
135
135
        bool CanRemoveOthers(userrec* u1, userrec* u2, chanrec* c)
136
136
        {
137
137
                std::string item = extend+std::string(c->name);
138
 
                return (u1->GetExt(item, dummyptr) && u2->GetExt(item, dummyptr));
 
138
                return (remove_other_privs && u1->GetExt(item, dummyptr) && u2->GetExt(item, dummyptr));
139
139
        }
140
140
 
141
141
        ModeAction HandleChange(userrec* source, userrec* theuser, bool adding, chanrec* channel, std::string &parameter)
408
408
                // a relatively small number of them relevent to our module using a switch statement.
409
409
                // don't allow action if:
410
410
                // (A) Theyre founder (no matter what)
411
 
                // (B) Theyre protected, and you're not
 
411
                // (B) Theyre protected, unless you're founder or are protected and DeprivOthers is enabled
412
412
                // always allow the action if:
413
413
                // (A) The source is ulined
414
 
                
415
 
                
 
414
                                
416
415
                // firstly, if a ulined nick, or a server, is setting the mode, then allow them to set the mode
417
416
                // without any access checks, we're not worthy :p
418
417
                if ((ServerInstance->ULine(source->nick)) || (ServerInstance->ULine(source->server)) || (!*source->server))
421
420
                std::string founder = "cm_founder_"+std::string(channel->name);
422
421
                std::string protect = "cm_protect_"+std::string(channel->name);
423
422
 
 
423
                if (DeprivSelf && source == dest)
 
424
                        return ACR_DEFAULT;
 
425
 
 
426
                bool candepriv_founder = (DeprivOthers && source->GetExt(founder,dummyptr));
 
427
                bool candepriv_protected = (source->GetExt(founder,dummyptr) || (DeprivOthers && source->GetExt(protect,dummyptr))); // Can the source remove +a?
 
428
 
424
429
                switch (access_type)
425
430
                {
426
431
                        // a user has been deopped. Do we let them? hmmm...
427
432
                        case AC_DEOP:
428
 
                                if (dest->GetExt(founder,dummyptr))
 
433
                                if (dest->GetExt(founder,dummyptr) && !candepriv_founder)
429
434
                                {
430
435
                                        source->WriteServ("484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't deop "+std::string(dest->nick)+" as they're a channel founder");
431
436
                                        return ACR_DENY;
432
437
                                }
433
 
                                if ((dest->GetExt(protect,dummyptr)) && (!source->GetExt(protect,dummyptr)))
 
438
                                if ((dest->GetExt(protect,dummyptr)) && !candepriv_protected)
434
439
                                {
435
440
                                        source->WriteServ("484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't deop "+std::string(dest->nick)+" as they're protected (+a)");
436
441
                                        return ACR_DENY;
439
444
 
440
445
                        // a user is being kicked. do we chop off the end of the army boot?
441
446
                        case AC_KICK:
442
 
                                if (dest->GetExt(founder,dummyptr))
 
447
                                if (dest->GetExt(founder,dummyptr) && !candepriv_founder)
443
448
                                {
444
449
                                        source->WriteServ("484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't kick "+std::string(dest->nick)+" as they're a channel founder");
445
450
                                        return ACR_DENY;
446
451
                                }
447
 
                                if ((dest->GetExt(protect,dummyptr)) && (!source->GetExt(protect,dummyptr)))
 
452
                                if ((dest->GetExt(protect,dummyptr)) && !candepriv_protected)
448
453
                                {
449
454
                                        source->WriteServ("484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't kick "+std::string(dest->nick)+" as they're protected (+a)");
450
455
                                        return ACR_DENY;
453
458
 
454
459
                        // a user is being dehalfopped. Yes, we do disallow -h of a +ha user
455
460
                        case AC_DEHALFOP:
456
 
                                if (dest->GetExt(founder,dummyptr))
 
461
                                if (dest->GetExt(founder,dummyptr) && !candepriv_founder)
457
462
                                {
458
463
                                        source->WriteServ("484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't de-halfop "+std::string(dest->nick)+" as they're a channel founder");
459
464
                                        return ACR_DENY;
460
465
                                }
461
 
                                if ((dest->GetExt(protect,dummyptr)) && (!source->GetExt(protect,dummyptr)))
 
466
                                if ((dest->GetExt(protect,dummyptr)) && !candepriv_protected)
462
467
                                {
463
468
                                        source->WriteServ("484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't de-halfop "+std::string(dest->nick)+" as they're protected (+a)");
464
469
                                        return ACR_DENY;
467
472
 
468
473
                        // same with devoice.
469
474
                        case AC_DEVOICE:
470
 
                                if (dest->GetExt(founder,dummyptr))
 
475
                                if (dest->GetExt(founder,dummyptr) && !candepriv_founder)
471
476
                                {
472
477
                                        source->WriteServ("484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't devoice "+std::string(dest->nick)+" as they're a channel founder");
473
478
                                        return ACR_DENY;
474
479
                                }
475
 
                                if ((dest->GetExt(protect,dummyptr)) && (!source->GetExt(protect,dummyptr)))
 
480
                                if ((dest->GetExt(protect,dummyptr)) && !candepriv_protected)
476
481
                                {
477
482
                                        source->WriteServ("484 "+std::string(source->nick)+" "+std::string(channel->name)+" :Can't devoice "+std::string(dest->nick)+" as they're protected (+a)");
478
483
                                        return ACR_DENY;