Put command access checks on the command level
Checking using `settings.Allowed` is odd. Not all commands are related to setting configuration settings. Admin commands are coming in the future, for which this is certainly not the case. We now do access checks early on (during command processing), so command handlers can be clean of access checks. If we're inside of a command handler, the user is privileged to run it.
This commit is contained in:
Slavi Pantaleev
@@ -98,21 +98,3 @@ func (b *Bot) getSettings(roomID id.RoomID) (settings, error) {
|
||||
func (b *Bot) setSettings(roomID id.RoomID, cfg settings) error {
|
||||
return utils.UnwrapError(b.lp.GetClient().SetRoomAccountData(roomID, settingskey, cfg))
|
||||
}
|
||||
|
||||
// Allowed checks if change is allowed
|
||||
func (b *Bot) Allowed(userID id.UserID, cfg settings) bool {
|
||||
if !utils.Match(userID.String(), b.allowedUsers) {
|
||||
return false
|
||||
}
|
||||
|
||||
if b.noowner {
|
||||
return true
|
||||
}
|
||||
|
||||
owner := cfg.Owner()
|
||||
if owner == "" {
|
||||
return true
|
||||
}
|
||||
|
||||
return owner == userID.String()
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user