--- /dev/null
+
+#include "cmd_neonserv.h"
+
+/*
+* argv[0] - nick / *auth
+* argv[1] - global access
+*/
+static AUTHLOOKUP_CALLBACK(neonserv_cmd_setaccess_auth_lookup);
+static USERAUTH_CALLBACK(neonserv_cmd_setaccess_nick_lookup);
+static void neonserv_cmd_setaccess_async1(struct ClientSocket *client, struct ClientSocket *textclient, struct UserNode *user, struct Event *event, char *nick, char *auth, int access);
+
+struct neonserv_cmd_setaccess_cache {
+ struct ClientSocket *client, *textclient;
+ struct UserNode *user;
+ struct Event *event;
+ int access;
+ char *nick;
+};
+
+CMD_BIND(neonserv_cmd_setaccess) {
+ int caccess;
+ MYSQL_RES *res;
+ MYSQL_ROW row;
+ caccess = atoi(argv[1]);
+ if(caccess < 0 || caccess > 1000) {
+ reply(getTextBot(), user, "NS_INVALID_ACCESS", caccess);
+ return;
+ }
+ printf_mysql_query("SELECT `user_access` FROM `users` WHERE `user_user` = '%s'", escape_string(user->auth));
+ res = mysql_use();
+ if ((row = mysql_fetch_row(res)) == NULL || atoi(row[0]) < caccess) {
+ reply(getTextBot(), user, "NS_ACCESS_OUTRANKED");
+ return;
+ }
+ if(argv[0][0] == '*') {
+ //we've got an auth
+ argv[0]++;
+ printf_mysql_query("SELECT `user_user` FROM `users` WHERE `user_user` = '%s'", escape_string(argv[0]));
+ res = mysql_use();
+ if ((row = mysql_fetch_row(res)) != NULL) {
+ neonserv_cmd_setaccess_async1(client, getTextBot(), user, event, argv[0], row[0], caccess);
+ } else {
+ //we need to create a new user...
+ //but first lookup the auth to check if it really exists
+ struct neonserv_cmd_setaccess_cache *cache = malloc(sizeof(*cache));
+ if (!cache) {
+ perror("malloc() failed");
+ return;
+ }
+ cache->client = client;
+ cache->textclient = getTextBot();
+ cache->user = user;
+ cache->event = event;
+ cache->access = caccess;
+ cache->nick = strdup(argv[0]);
+ lookup_authname(argv[0], neonserv_cmd_setaccess_auth_lookup, cache);
+ }
+ } else {
+ struct UserNode *cuser = getUserByNick(argv[0]);
+ if(!cuser) {
+ cuser = createTempUser(argv[0]);
+ cuser->flags |= USERFLAG_ISTMPUSER;
+ }
+ if(cuser->flags & USERFLAG_ISAUTHED) {
+ neonserv_cmd_setaccess_async1(client, getTextBot(), user, event, argv[0], cuser->auth, caccess);
+ } else {
+ struct neonserv_cmd_setaccess_cache *cache = malloc(sizeof(*cache));
+ if (!cache) {
+ perror("malloc() failed");
+ return;
+ }
+ cache->client = client;
+ cache->textclient = getTextBot();
+ cache->user = user;
+ cache->event = event;
+ cache->access = caccess;
+ cache->nick = strdup(argv[0]);
+ get_userauth(cuser, neonserv_cmd_setaccess_nick_lookup, cache);
+ }
+ }
+}
+
+static AUTHLOOKUP_CALLBACK(neonserv_cmd_setaccess_auth_lookup) {
+ struct neonserv_cmd_setaccess_cache *cache = data;
+ if(!exists) {
+ //AUTH_DOES_NOT_EXIST
+ reply(cache->textclient, cache->user, "NS_AUTH_UNKNOWN", cache->nick);
+ } else
+ neonserv_cmd_setaccess_async1(cache->client, cache->textclient, cache->user, cache->event, cache->nick, auth, cache->access);
+ free(cache->nick);
+ free(cache);
+}
+
+static USERAUTH_CALLBACK(neonserv_cmd_setaccess_nick_lookup) {
+ struct neonserv_cmd_setaccess_cache *cache = data;
+ if(!user) {
+ //USER_DOES_NOT_EXIST
+ reply(cache->textclient, cache->user, "NS_USER_UNKNOWN", cache->nick);
+ }
+ else if(!(user->flags & USERFLAG_ISAUTHED)) {
+ //USER_NOT_AUTHED
+ reply(cache->textclient, cache->user, "NS_USER_NEED_AUTH", cache->nick);
+ }
+ else
+ neonserv_cmd_setaccess_async1(cache->client, cache->textclient, cache->user, cache->event, user->nick, user->auth, cache->access);
+ free(cache->nick);
+ free(cache);
+}
+
+static void neonserv_cmd_setaccess_async1(struct ClientSocket *client, struct ClientSocket *textclient, struct UserNode *user, struct Event *event, char *nick, char *auth, int caccess) {
+ //we've got a valid auth now...
+ MYSQL_RES *res;
+ MYSQL_ROW row;
+ printf_mysql_query("SELECT `user_id`, `user_access` FROM `users` WHERE `user_user` = '%s'", escape_string(auth));
+ res = mysql_use();
+ if ((row = mysql_fetch_row(res)) != NULL) {
+ if(atoi(row[1]) != caccess)
+ printf_mysql_query("UPDATE `users` SET `user_access` = '%d' WHERE `user_id` = '%s'", caccess, row[0]);
+ } else {
+ printf_mysql_query("INSERT INTO `users` (`user_user`, `user_access`) VALUES ('%s', '%d')", escape_string(auth), caccess);
+ }
+ reply(textclient, user, "NS_SETACCESS_DONE", auth, caccess);
+ logEvent(event);
+}