security_2

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

security_2 [2013/09/12 22:49]
 security_2 [2020/09/12 01:30] (current)
Line 1: Line 1:
 +====== Developers Guide for BeBot's Security Management System ======
  
 +===== Using the Security System in your modules =====
 +==== Basic use the Security System in your modules ==== 
 +To make security easy for module developers, the check_access function provides all the security checks you will need. When assigning security to commands, you should **always** use one of the eight access levels, never security groups. This allows the bot user full flexibility with their configuration as org ranks and custom security groups must be assigned access levels. 
 +
 +For example, if your module's commands should only be used by bot leaders you would use the following code:
 +<code php>
 +if ($this -> bot -> security -> check_access($playername, "LEADER"))
 +    return "You are a Leader or higher on <botname>!";
 +else
 +    return "You are not a Leader or higher on <botname>";
 +</code>
 +
 +check_access returns TRUE if the player meets or exceeds the level you are checking. A player with an access of LEADER, ADMIN, SUPERADMIN, or OWNER all meet or exceed the leader requirement. 
 +
 +
 +BeBot check's it's banlist on all incoming tell, pgroup, and gc commands. If you are taking input from other chat channels, you may want to have a ban check. 
 +
 +<code php>
 +if ($this -> bot -> security -> is_banned($name))
 +{
 +    $this -> bot -> send_ban($name, "Sorry, you have been banned from <botname> and cannot use that command.");
 +}
 +else
 +{
 +   // your code here.
 +}
 +</code>
 +
 +When you wish to send notification about a ban, you should **always** use BeBot's send_ban function. The send_ban function has built in spam control that will prevent a banned user from filling up your bot's tell queue with outgoing ban notifications. 
 +
 +
 +==== Advanced use the Security System in your modules ====
 +
 +The Security Module provides the following functions for modifying the roster and security groups. 
 +
 +  * Add a group:
 +<code php>
 +add_group($groupname, $description);
 +</code>
 +  * Delete a group: 
 +<code php>
 +del_group($target);
 +</code>
 +  * Add a user to a group:
 +<code php>
 +add_group_member($target, $group)
 +</code>
 +  * Remove a user from a group:
 +<code php>
 +del_group_member($target, $group)
 +</code>
 +  * Add a member or guest:
 +<code php>
 +add_user($admin, $target, $level="guest")
 +</code>
 +  * Remove a member or guest:
 +<code php>
 +del_user($admin, $target)
 +</code>
 +  * Set a ban:
 +<code php>
 +set_ban($admin, $target)
 +</code>
 +  * Remove a ban:
 +<code php>
 +rem_ban($admin, $target)
 +</code>
 +  * Get group id (returns -1 if group doesn't exisit)
 +<code php>
 +get_gid($groupname)
 +</code>
 +
 +
 +==== Expert use the Security System in your modules ==== 
 +The cache_mgr($action, $cache, $info, $more) function is used to add and remove information from the security cache. The advanced functions above all use the cache_mgr function to update information. If you are modifying the security database or roster directly in your module (something that in general should not be done) you must use the cache_mgr function to update the security cache as appropriate or your database modifications will not take effect until the bot is restarted. 
 +
 +Description of function parameters:
 +$action: add or rem
 +$cache: Which cache to modify (groups, guests, members, banned, groupmem, orgranks)
 +$info: The information to add (or remove)
 +$more: Extra information needed for some actions. (Optional Parameter)
 +
 +  * Add and remove a guest:
 +<code php>
 +$this -> cache_mgr("add", "guests", "Glarawyn");
 +$this -> cache_mgr("rem", "guests", "Glarawyn");
 +</code>
 +  * Add and remove a member:
 +<code php>
 +$this -> cache_mgr("add", "members", "Glarawyn");
 +$this -> cache_mgr("rem", "members", "Glarawyn");
 +</code>
 +  * Add and remove a ban:
 +<code php>
 +$this -> cache_mgr("add", "banned", "Glarawyn");
 +$this -> cache_mgr("rem", "banned", "Glarawyn");
 +</code>
 +  * Add a group: 
 +<code php>
 +$tmp = array("gid" => "10", "name" => "groupname", "description" = "Example Group", "access_level" => 2);
 +$this -> cache_mgr("add", "groups", $tmp);
 +</code>
 +  * Remove a group: 
 +<code php>
 +$this -> cache_mgr("rem", "groups", $groupname);
 +</code>
 +  * Add and remove a group member:
 +<code php>
 +$this -> cache_mgr("add", "groupmem", $groupname, $membername);
 +$this -> cache_mgr("rem", "groupmem", $groupname, $membername);
 +</code>
 +  * Change an org rank's access level:
 +<code php>
 +$this -> cache_mgr("add", "orgrank", "President", "255");
 +</code>