Merge pull request #142 from tewinget/set-perms

jagerman · web-flow · commit 4026da212473 · 2022-10-19T21:07:17.000-03:00
add --set-perms to pysogs, let --add-room also use them
diff --git a/sogs/__main__.py b/sogs/__main__.py
@@ -19,6 +19,12 @@
      # Add a global moderator visible as a moderator of all rooms:
     python3 -msogs --add-moderators 050123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef --rooms=+ --visible
 
+    # Set default read/write True and upload False on all rooms
+    python3 -msogs --set-perms --add-perms rw --remove-perms u --rooms='*'
+
+    # Remove overrides for user 0501234... on all rooms
+    python3 -msogs --set-perms --clear-perms rwua --rooms='*' --users 050123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
+
      # List room info:
     python3 -msogs -L
 
@@ -51,6 +57,34 @@
     metavar='SESSIONID',
     help="Delete the the given Session ID(s) as moderator and admins of the room given by --rooms",
 )
+actions.add_argument(
+    '--set-perms',
+    action='store_true',
+    help="Sets default or user-specific permissions for the room given by --rooms; specify the "
+    "permissions using --add-perms or --remove-perms",
+)
+ap.add_argument(
+    '--users',
+    help="One or more specific users to set permissions for with --set-perms; if omitted then the "
+    "room default permissions will be set for the given room(s) instead.",
+    nargs='+',
+    metavar='SESSIONID',
+)
+ap.add_argument(
+    "--add-perms",
+    help="With --add-room or --set-perms, set these permissions to true; takes a string of 1-4 of "
+    "the letters \"rwua\" for [r]ead, [w]rite, [u]pload, and [a]ccess.",
+)
+ap.add_argument(
+    "--remove-perms",
+    help="With --add-room or --set-perms, set these permissions to false; takes the same string as "
+    "--add-perms, but denies the listed permissions rather than granting them.",
+)
+ap.add_argument(
+    "--clear-perms",
+    help="With --add-room or --set-perms, clear room or user overrides on these permissions, "
+    "returning them to the default setting.  Takes the same argument as --add-perms.",
+)
 ap.add_argument(
     '--admin',
     action='store_true',
@@ -60,10 +94,10 @@
     '--rooms',
     nargs='+',
     metavar='TOKEN',
-    help="Room(s) to use when adding/removing moderators/admins. If a single room name of '+' is "
-    "given then the user will be added/removed as a global admin/moderator. If a single room name "
-    "of '*' is given then the user is added/removed as an admin/moderator from each of the "
-    "server's current rooms.",
+    help="Room(s) to use when adding/removing moderators/admins or when setting permissions. "
+    "If a single room name of '+' is given then the user will be added/removed as a global "
+    "admin/moderator. '+' is not valid for setting permissions. If a single room name "
+    "of '*' is given then the changes take effect on each of the server's current rooms.",
 )
 vis_group = ap.add_mutually_exclusive_group()
 vis_group.add_argument(
@@ -177,6 +211,13 @@ def print_room(room: Room):
     admins = len(a) + len(ha)
     mods = len(m) + len(hm)
 
+    perms = "{}read, {}write, {}upload, {}accessible".format(
+        "+" if room.default_read else "-",
+        "+" if room.default_write else "-",
+        "+" if room.default_upload else "-",
+        "+" if room.default_accessible else "-",
+    )
+
     print(
         f"""
 {room.token}
@@ -188,6 +229,7 @@ def print_room(room: Room):
 Attachments: {files} ({files_size:.1f} MB)
 Reactions: {r_total}; top 5: {', '.join(f"{r} ({c})" for r, c in reactions[0:5])}
 Active users: {active[0]} (1d), {active[1]} (7d), {active[2]} (14d), {active[3]} (30d)
+Default permissions: {perms}
 Moderators: {admins} admins ({len(ha)} hidden), {mods} moderators ({len(hm)} hidden)""",
         end='',
     )
@@ -205,6 +247,52 @@ def print_room(room: Room):
         print()
 
 
+def room_token_valid(room):
+    if not re.fullmatch(r'[\w-]{1,64}', room):
+        print(
+            "Error: room tokens may only contain a-z, A-Z, 0-9, _, and - characters",
+            file=sys.stderr,
+        )
+        sys.exit(1)
+
+
+def perm_flag_to_word(char):
+    if char == 'r':
+        return "read"
+    if char == 'w':
+        return "write"
+    if char == 'u':
+        return "upload"
+    if char == 'a':
+        return "accessible"
+
+    print(f"Error: invalid permission flag '{char}'")
+    sys.exit(1)
+
+
+perms = {}
+
+
+def parse_and_set_perm_flags(flags, perm_setting):
+    for char in flags:
+        perm_type = perm_flag_to_word(char)
+        if perm_type in perms:
+            print(
+                f"Error: permission flag '{char}' in more than one permission set "
+                "(add/remove/clear)"
+            )
+            sys.exit(1)
+        perms[perm_type] = perm_setting
+
+
+if args.add_room or args.set_perms:
+    if args.add_perms:
+        parse_and_set_perm_flags(args.add_perms, True)
+    if args.remove_perms:
+        parse_and_set_perm_flags(args.remove_perms, False)
+    if args.clear_perms:
+        parse_and_set_perm_flags(args.clear_perms, None)
+
 if args.initialize:
     print("Database schema created.")
 
@@ -215,17 +303,21 @@ def print_room(room: Room):
     print("No database upgrades required.")
 
 elif args.add_room:
-    if not re.fullmatch(r'[\w-]{1,64}', args.add_room):
-        print(
-            "Error: room tokens may only contain a-z, A-Z, 0-9, _, and - characters",
-            file=sys.stderr,
-        )
-        sys.exit(1)
+    room_token_valid(args.add_room)
 
     try:
         room = Room.create(
             token=args.add_room, name=args.name or args.add_room, description=args.description
         )
+        if "read" in perms:
+            room.default_read = perms["read"]
+        if "write" in perms:
+            room.default_write = perms["write"]
+        if "accessible" in perms:
+            room.default_accessible = perms["accessible"]
+        if "upload" in perms:
+            room.default_upload = perms["upload"]
+
     except AlreadyExists:
         print(f"Error: room '{args.add_room}' already exists!", file=sys.stderr)
         sys.exit(1)
@@ -367,6 +459,49 @@ def print_room(room: Room):
                         f"Removed {u2.session_id} as moderator/admin of {room.name} ({room.token})"
                     )
 
+elif args.set_perms:
+    if not args.rooms:
+        print("Error: --rooms is required when using --set-perms", file=sys.stderr)
+        sys.exit(1)
+
+    if args.rooms == ['+']:
+        print("Error: --rooms cannot be '+' (i.e. global) with --set-perms", file=sys.stderr)
+        sys.exit(1)
+
+    users = []
+    if args.users:
+        users = [User(session_id=sid, try_blinding=True) for sid in args.users]
+
+    rooms = []
+    if args.rooms == ['*']:
+        rooms = get_rooms()
+    else:
+        try:
+            rooms = [Room(token=r) for r in args.rooms]
+        except NoSuchRoom as nsr:
+            print(f"No such room: '{nsr.token}'", file=sys.stderr)
+
+    if not len(rooms):
+        print("Error: no valid rooms specified for call to --set-perms")
+        sys.exit(1)
+
+    # users not specified means set room defaults
+    if not len(users):
+        for room in rooms:
+            if "read" in perms:
+                room.default_read = perms["read"]
+            if "write" in perms:
+                room.default_write = perms["write"]
+            if "accessible" in perms:
+                room.default_accessible = perms["accessible"]
+            if "upload" in perms:
+                room.default_upload = perms["upload"]
+    else:
+        sysadmin = SystemUser()
+        for room in rooms:
+            for user in users:
+                room.set_permissions(user, mod=sysadmin, **perms)
+
 elif args.list_rooms:
     rooms = get_rooms()
     if rooms:
