[NeonServV5.git] / src / cmd_neonserv_setaccess.c

/* cmd_neonserv_setaccess.c - NeonServ v5.1
 * Copyright (C) 2011  Philipp Kreil (pk910)
 * 
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License 
 * along with this program. If not, see <http://www.gnu.org/licenses/>. 
 */

#include "cmd_neonserv.h"

/*
* argv[0] - nick / *auth
* argv[1] - global access
*/
static AUTHLOOKUP_CALLBACK(neonserv_cmd_setaccess_auth_lookup);
static USERAUTH_CALLBACK(neonserv_cmd_setaccess_nick_lookup);
static void neonserv_cmd_setaccess_async1(struct ClientSocket *client, struct ClientSocket *textclient, struct UserNode *user, struct Event *event, char *nick, char *auth, int access);

struct neonserv_cmd_setaccess_cache {
    struct ClientSocket *client, *textclient;
    struct UserNode *user;
    struct Event *event;
    int access;
    char *nick;
};

CMD_BIND(neonserv_cmd_setaccess) {
    int caccess;
    MYSQL_RES *res;
    MYSQL_ROW row;
    caccess = atoi(argv[1]);
    if(caccess < 0 || caccess > 1000) {
        reply(getTextBot(), user, "NS_INVALID_ACCESS", caccess);
        return;
    }
    printf_mysql_query("SELECT `user_access` FROM `users` WHERE `user_user` = '%s'", escape_string(user->auth));
    res = mysql_use();
    if ((row = mysql_fetch_row(res)) == NULL || atoi(row[0]) < caccess) {
        reply(getTextBot(), user, "NS_ACCESS_OUTRANKED");
        return;
    }
    if(argv[0][0] == '*') {
        //we've got an auth
        argv[0]++;
        printf_mysql_query("SELECT `user_user` FROM `users` WHERE `user_user` = '%s'", escape_string(argv[0]));
        res = mysql_use();
        if ((row = mysql_fetch_row(res)) != NULL) {
            neonserv_cmd_setaccess_async1(client, getTextBot(), user, event, argv[0], row[0], caccess);
        } else {
            //we need to create a new user...
            //but first lookup the auth to check if it really exists
            struct neonserv_cmd_setaccess_cache *cache = malloc(sizeof(*cache));
            if (!cache) {
                perror("malloc() failed");
                return;
            }
            cache->client = client;
            cache->textclient = getTextBot();
            cache->user = user;
            cache->event = event;
            cache->access = caccess;
            cache->nick = strdup(argv[0]);
            lookup_authname(argv[0], neonserv_cmd_setaccess_auth_lookup, cache);
        }
    } else {
        struct UserNode *cuser = getUserByNick(argv[0]);
        if(!cuser) {
            cuser = createTempUser(argv[0]);
            cuser->flags |= USERFLAG_ISTMPUSER;
        }
        if(cuser->flags & USERFLAG_ISAUTHED) {
            neonserv_cmd_setaccess_async1(client, getTextBot(), user, event, argv[0], cuser->auth, caccess);
        } else {
            struct neonserv_cmd_setaccess_cache *cache = malloc(sizeof(*cache));
            if (!cache) {
                perror("malloc() failed");
                return;
            }
            cache->client = client;
            cache->textclient = getTextBot();
            cache->user = user;
            cache->event = event;
            cache->access = caccess;
            cache->nick = strdup(argv[0]);
            get_userauth(cuser, neonserv_cmd_setaccess_nick_lookup, cache);
        }
    }
}

static AUTHLOOKUP_CALLBACK(neonserv_cmd_setaccess_auth_lookup) {
    struct neonserv_cmd_setaccess_cache *cache = data;
    if(!exists) {
        //AUTH_DOES_NOT_EXIST
        reply(cache->textclient, cache->user, "NS_AUTH_UNKNOWN", cache->nick);
    } else
        neonserv_cmd_setaccess_async1(cache->client, cache->textclient, cache->user, cache->event, cache->nick, auth, cache->access);
    free(cache->nick);
    free(cache);
}

static USERAUTH_CALLBACK(neonserv_cmd_setaccess_nick_lookup) {
    struct neonserv_cmd_setaccess_cache *cache = data;
    if(!user) {
        //USER_DOES_NOT_EXIST
        reply(cache->textclient, cache->user, "NS_USER_UNKNOWN", cache->nick);
    }
    else if(!(user->flags & USERFLAG_ISAUTHED)) {
        //USER_NOT_AUTHED
        reply(cache->textclient, cache->user, "NS_USER_NEED_AUTH", cache->nick);
    }
    else
        neonserv_cmd_setaccess_async1(cache->client, cache->textclient, cache->user, cache->event, user->nick, user->auth, cache->access);
    free(cache->nick);
    free(cache);
}

static void neonserv_cmd_setaccess_async1(struct ClientSocket *client, struct ClientSocket *textclient, struct UserNode *user, struct Event *event, char *nick, char *auth, int caccess) {
    //we've got a valid auth now...
    MYSQL_RES *res;
    MYSQL_ROW row;
    printf_mysql_query("SELECT `user_id`, `user_access` FROM `users` WHERE `user_user` = '%s'", escape_string(auth));
    res = mysql_use();
    if ((row = mysql_fetch_row(res)) != NULL) {
        if(atoi(row[1]) != caccess)
            printf_mysql_query("UPDATE `users` SET `user_access` = '%d' WHERE `user_id` = '%s'", caccess, row[0]);
    } else {
        printf_mysql_query("INSERT INTO `users` (`user_user`, `user_access`) VALUES ('%s', '%d')", escape_string(auth), caccess);
    }
    reply(textclient, user, "NS_SETACCESS_DONE", auth, caccess);
    logEvent(event);
}