Review Listeners validating user Roles #57

Open
opened 2024-04-02 21:01:02 -04:00 by modulatingforce · 2 comments

image

I believe I wanted the roles validation primarily for commands . I think I also wanted it to validate anything coming from routines or listeners to ensure the user has appropriately roles to send between channels.

However, I didn't intend for this to validate at listener level

I need to flesh this out a bit though on what would be recommended

![image](/attachments/4be8b719-84dd-4e9d-b1a2-90ecfefd4db3) I believe I wanted the roles validation primarily for commands . I _think_ I also wanted it to validate anything coming from routines or listeners to ensure the user has appropriately roles to send between channels. However, I didn't intend for this to validate at listener level I need to flesh this out a bit though on what would be recommended
modulatingforce self-assigned this 2024-04-02 21:01:02 -04:00
Author
Owner

When I think about it , I think the following may be best in terms of Listener , but would apply to all BotAction :

  • If a Chat message is sent to the Source Channel , Chat.say() should Allow the Send to go without Additional User Access Validation
    • BotCommand is already user access permissible at that channel level before the BotCommand is ran, so this check would be redundant when checking against Source Channel
  • Otherwise (e.g., in scenarios where is it not sent to the Source Channel), validate that user first before sending the message

The change would probably be made somewhere after this point

[x] !! => 03.24 - Would be nice if around here , validate the user has at least some special roles in target channel

Here in Chat.botmsg() specifically it can be Source channel can be checked (ofc, whatever needs to unwrap the Source channel needs to be done first)

https://git.flake.sh/modulatingforce/forcebot_rs/src/branch/main/src/core/chat.rs#L254-L257

	            if !(user_roles.contains(&identity::UserRole::Mod(Channel(channel_login.clone()))) 
            || user_roles.contains(&identity::UserRole::SupMod(Channel(channel_login.clone()))) 
            || user_roles.contains(&identity::UserRole::Broadcaster)
            || user_roles.contains(&identity::UserRole::VIP(Channel(channel_login.clone())))
When I think about it , I think the following may be best in terms of `Listener` , but would apply to all `BotAction` : - If a `Chat` message is sent to the Source Channel , `Chat.say()` should Allow the Send to go without Additional User Access Validation - `BotCommand` is already user access permissible at that channel level before the `BotCommand` is ran, so this check would be redundant when checking against Source Channel - Otherwise (e.g., in scenarios where is it not sent to the Source Channel), validate that user first before sending the message --- The change would probably be made somewhere after this point https://git.flake.sh/modulatingforce/forcebot_rs/src/commit/d7634663fe32dceebde14c1569449127fec3203e/src/core/chat.rs#L210 Here in `Chat.botmsg()` specifically it can be Source channel can be checked (ofc, whatever needs to unwrap the Source channel needs to be done first) https://git.flake.sh/modulatingforce/forcebot_rs/src/branch/main/src/core/chat.rs#L254-L257 ```rust if !(user_roles.contains(&identity::UserRole::Mod(Channel(channel_login.clone()))) || user_roles.contains(&identity::UserRole::SupMod(Channel(channel_login.clone()))) || user_roles.contains(&identity::UserRole::Broadcaster) || user_roles.contains(&identity::UserRole::VIP(Channel(channel_login.clone()))) ```
modulatingforce added this to the Forcebot Prototype 1.0 Push project 2024-04-03 09:15:35 -04:00
modulatingforce added
Phase 2.0
Design > Research & Analysis
and removed
Phase 1.0
Requirements > Drafting
labels 2024-04-03 09:16:01 -04:00
modulatingforce added
Complexity
Basic
and removed
Complexity
Intermediate
labels 2024-04-03 09:39:37 -04:00
Author
Owner
  • #todo - need to correct this comment

// If the BotMsg a Say/SayInReplyTo (from Developer or Chatter) , and the Sender does not have Specific Roles in the Source Channel Sent

	                        // If the BotMsg a Say/SayInReplyTo (from Developer or Chatter) , and the Sender does not have Specific Roles in the Source Channel Sent

to

	                        // If the BotMsg a Say/SayInReplyTo (from Developer or Chatter) , and the Sender does not have Specific Roles in the Target Channel 
- [ ] #todo - need to correct this comment https://git.flake.sh/modulatingforce/forcebot_rs/src/commit/d7634663fe32dceebde14c1569449127fec3203e/src/core/chat.rs#L270 ```rust // If the BotMsg a Say/SayInReplyTo (from Developer or Chatter) , and the Sender does not have Specific Roles in the Source Channel Sent ``` to ```rust // If the BotMsg a Say/SayInReplyTo (from Developer or Chatter) , and the Sender does not have Specific Roles in the Target Channel ```
Sign in to join this conversation.
No milestone
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: modulatingforce/forcebot_rs#57
No description provided.