Now that we use Match() in allowAdmin() as well, it's awkward to
have it return `true` when called with an empty admin list.
No admins defined was taken to mean "everyone is an admin".
We can either have a `len(users) == 0` check in `allowAdmin` which
rejects the request, or we can change `Match()` so that it doesn't
return positive responses when called with an empty list. Doing the
latter sounds better. It's more natural that matching against an empty list
will yield "no match".
This can be improved in the future, to show some additional information
about each mailbox like:
- "how many users are in that room"
- "which users are in that room"
- "who is the owner of the mailbox"
This can all be done later though.
Checking using `settings.Allowed` is odd. Not all commands are related
to setting configuration settings. Admin commands are coming in the
future, for which this is certainly not the case.
We now do access checks early on (during command processing), so command
handlers can be clean of access checks. If we're inside of a command
handler, the user is privileged to run it.
Retrieving the settings object for each and every option was wasteful
I don't like how we're doing custom formatting for optionMailbox in many
different places. This should be redone.
Before:
> * **`!pm help`** - Show this help message
> * **`!pm stop`** - Disable bridge for the room and clear all configuration
> * **`!pm mailbox`** - Get or set mailbox of the room
> * **`!pm owner`** - Get or set owner of the room
> * **`!pm nosender`** - Get or set `nosender` of the room (`true` - hide email sender; `false` - show email sender)
> * **`!pm nosubject`** - Get or set `nosubject` of the room (`true` - hide email subject; `false` - show email subject)
> * **`!pm nohtml`** - Get or set `nohtml` of the room (`true` - ignore HTML in email; `false` - parse HTML in emails)
> * **`!pm nothreads`** - Get or set `nothreads` of the room (`true` - ignore email threads; `false` - convert email threads into matrix threads)
> * **`!pm nofiles`** - Get or set `nofiles` of the room (`true` - ignore email attachments; `false` - upload email attachments
After:
> * **`!pm help`** - Show this help message
> * **`!pm stop`** - Disable bridge for the room and clear all configuration
> * **`!pm mailbox`** (currently `something@example.com`) - Get or set mailbox of the room
> * **`!pm owner`** (currently `@someone:example.com`) - Get or set owner of the room
> * **`!pm nosender`** (currently `false`) - Get or set `nosender` of the room (`true` - hide email sender; `false` - show email sender)
> * **`!pm nosubject`** (currently `true`) - Get or set `nosubject` of the room (`true` - hide email subject; `false` - show email subject)
> * **`!pm nohtml`** (currently `false`) - Get or set `nohtml` of the room (`true` - ignore HTML in email; `false` - parse HTML in emails)
> * **`!pm nothreads`** (currently `false`) - Get or set `nothreads` of the room (`true` - ignore email threads; `false` - convert email threads into matrix threads)
> * **`!pm nofiles`** (currently `false`) - Get or set `nofiles` of the room (`true` - ignore email attachments; `false` - upload email attachments)
Works around:
> utils/user_test.go:5:1: cognitive complexity 18 of func `TestRuleToRegex` is high (> 15) (gocognit)
Alternatively, we may look for a way to skip this test only.
It doesn't seem complex at all, so it looks like some false-positive.
This used to return an error back when it was dealing with wildcards
(which may or may not have compiled to a valid regex).
But it now deals with pre-compiled regexes and has no chance of failing,
so we need no `error` returns.
This does not do anything useful just yet.
It will be hooked to access control checks later on.
Wildcards are converted to regular expressions, because it was simpler
to do that than to write (or include) some ugly wildcard matcher library.
It also provides more flexibility, should we wish to use it later.
Regular expressions should also work well performance-wise.
We compile wildcards to regexes early on (during configuration
processing) and fail if we detect a bad pattern. This is meant to
catch various problems (typos or other mistakes) that could happen.
For this to work, configuration building had to be redone, since it can
now return an error. This may be useful in the future for validating
other configuration settings.
Related to https://gitlab.com/etke.cc/postmoogle/-/issues/1
If tests (`make test`) fail, the file won't be removed and the git
working tree will appear dirty. Someone might accidentally commit this
`cover.out` file.
