ADD: Integrated Permissions Module - Starting prototype and proof of concept

2 years ago · 8d1f7ffcfc
parent 8902a4d49a
commit 8d1f7ffcfc
5 changed files with 58 additions and 7 deletions
--- a/models/ipm.py
+++ b/models/ipm.py
@ -0,0 +1,16 @@
+from settings.config import SQLACHEMY
+from sqlalchemy import Table
+from sqlalchemy.orm import declarative_base
+
+Base = declarative_base()
+
+class Ipm(Base):
+    """
+    IPM model class.
+    """
+    __table__ = Table(
+        "ipm",
+        Base.metadata,
+        autoload=True,
+        autoload_with=SQLACHEMY
+    )
--- a/settings/config.py
+++ b/settings/config.py
@ -40,7 +40,7 @@ RQ_LEADERBOARD = os.environ.get('RQ_LEADERBOARD_FILE', '/opt/neeble/rqlb.list')
 # Define the path for the --roulette leaderboard
 ROULETTE_LEADERBOARD = os.environ.get('ROULETTE_LEADERBOARD', '/opt/neeble/roulette.list')

-
+### THE 'PERMISSIONS' SET OF INSTRUCTIONS WILL BECOME DEPRECATED IN FAVOR OF THE IPM (Integrated Permissions Module)
 ## INSTRUCTIONS ON SETTING UP PERMISSIONS:
 # Permissions are now granular, more than one distinct role
 # can execute the commands, whatever roles are inside the
--- a/utils/commands.py
+++ b/utils/commands.py
@ -18,6 +18,7 @@ from utils.machine_monitor import Monitor
 from utils.news_paper import News
 from utils.tools import datetime_to_string, kbytes_to_gbytes
 from utils.weather import displayweather, getweatherdata
+from utils.ipm import ipm_check

 client = commands.Bot(command_prefix='--', intents=Intents.all())

@ -646,14 +647,16 @@ async def neeble_debug(bot:object) -> str:
    Outputs debug data.
    """

-    # TODO: This is repeated role checking code from the deletion function, better make this into one function itself
-    roles = [r.name for r in bot.author.roles]
-    PermStatus = False
+#    # TODO: This is repeated role checking code from the deletion function, better make this into one function itself
+#    roles = [r.name for r in bot.author.roles]
+#    PermStatus = False
+#
+#    if len(PERMISSIONS['dq']) < 1 or not len(set(PERMISSIONS['dq']).intersection(roles)) < 1:
+#        PermStatus = True

-    if len(PERMISSIONS['dq']) < 1 or not len(set(PERMISSIONS['dq']).intersection(roles)) < 1:
-        PermStatus = True
+    PermStatus = ipm_check(bot.author.name, "mgmt.dbg")

-    if not PermStatus:
+    if PermStatus is False:
        return await bot.send("_And who the fuck do **YOU** think you are!?_.\n"\
            "(You don't have the necessary role for this command)")
    clock = comlock
--- a/utils/database.py
+++ b/utils/database.py
@ -61,6 +61,14 @@ def migrate() -> None:
            published_at date not null,
            index viewed_idx(title, published_at)
        ) character set utf8mb4 collate utf8mb4_general_ci;
+        
+        CREATE TABLE `ipm` (
+          `id` int(11) NOT NULL AUTO_INCREMENT,
+          `user` varchar(500) DEFAULT NULL,
+          `ipmlist` varchar(4096) NOT NULL,
+          PRIMARY KEY (`id`),
+          UNIQUE KEY `user` (`user`) USING HASH
+        ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
    '''
    try:
        with Cursor(MYSQL_CONFIG) as cursor:
--- a/utils/ipm.py
+++ b/utils/ipm.py
@ -0,0 +1,24 @@
+## IPM (Integrated Permissions Module)
+# The Integrated Permissions Module will allow for individual sets of rules for individual users
+
+import MySQLdb
+from models.ipm import Ipm
+from settings.config import MYSQL_CONFIG, SQLACHEMY
+from sqlalchemy.orm import Session
+import json
+
+def ipm_check(user: str, ipmstring: str) -> bool:
+
+    ipmjson = {}
+    ipmstring = ipmstring.split('.')
+    with Session(SQLACHEMY) as session:
+        ipmlist = session.query(Ipm).filter(Ipm.user==user)
+        ipmlist = session.execute(ipmlist)
+        ipmlist = [obj.ipmlist for obj in ipmlist.scalars()]
+        ipmjson = json.loads(str(ipmlist[0])) if ipmlist else None
+    if ipmjson is None:
+        return False
+    if ipmstring[1] in ipmjson[ipmstring[0]] or "*" in ipmjson[ipmstring[0]]:
+        return True
+    else:
+        return False