Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Users #8

Open
triplem opened this issue Jan 23, 2013 · 2 comments
Open

Users #8

triplem opened this issue Jan 23, 2013 · 2 comments

Comments

@triplem
Copy link

triplem commented Jan 23, 2013

Hi,

right now all users are allowed to call all commands. I guess we should create a separation of concerns here. E.g. Only admins are allowed to reload plugins, while members are only able to add words ti the textfilter. Other users can then e.g.call the lastseen functionality.

So i guess we have three user groups: admin, members and the rest. The users and there groups should be stored in a central place (json file and/or database). This will have an impact on all plugins and we should therefor put this in a central place (irc.js or global.js). What do you think?
@ktiedt
Copy link
Owner

ktiedt commented Jan 23, 2013

This is true, and the original intent for me anyways, was not to create a new Eggdrop type bot, but it would be fairly trivial to add a "master" user in the config, and allow that user to promote users -- this would require a slight update to the User object and would also make the couchdb (or some persistence module) a requirement

@triplem
Copy link
Author

triplem commented Jan 24, 2013

Not thinking about such an advanced concept as implemented in eggdrop (give voice to a user, etc.), but only certain groups of users.

  • A user should be able to use only allowed commands
  • The plugin is responsible to check, if the user is allowed to use the command(s) of the plugin, this is per command and/or per plugin (eg a possible meeting plugin could just allow the admin users to start a meeting, but all valid users are allowed to vote, the textfilter plugin command !addword should just be usable by the member users) - Does this make sense?
  • A plugin can provide different commands with different rights (meaning e.g. the user plugin would provide
  • only the available commands should be shown to him in the help (this is related to Add help plugin (first draft) #7, and it is not a requirement from the beginning)
  • A plugin should be able to create its own group, if needed (since the plugin is in itself responsible for checking the user rights, this should not be a problem)
  • The user should be able to change her password
  • The master user (admin?) or better the group admin should be able to create users with a generated password online (via IRC I meant)
  • The storeage of the users and passwords should be done in a transparent way, meaning that it should be possible to change the datastoreage easily (my preference would be sqlite, another user would like to use mysql, ...) - possible to use activerecord, node-dbi, jugglingdb as an abstraction layer
  • Users should be recognized by their nick and/or host
  • Users do have to login with their password to use the functionalites of certain plugins

This functionality should be put into the core of the bot IMHO. Question is, if we would need something like a "dependency mechanism" for plugins, because not all plugins would use this functionalitly a user could turn it off completely and remove the dependency to an exisiting database).

Just my initial thoughts on this one. What do you think?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ktiedt @triplem