RubyGems - butler - Versions diffs - 1.8.0 - Mend

butler 1.8.0

Files changed (164) hide show

data/CHANGELOG +4 -0
data/GPL.txt +340 -0
data/LICENSE.txt +52 -0
data/README +37 -0
data/Rakefile +334 -0
data/bin/botcontrol +230 -0
data/data/butler/config_template.yaml +4 -0
data/data/butler/dialogs/backup.rb +19 -0
data/data/butler/dialogs/botcontrol.rb +4 -0
data/data/butler/dialogs/config.rb +1 -0
data/data/butler/dialogs/create.rb +53 -0
data/data/butler/dialogs/delete.rb +3 -0
data/data/butler/dialogs/en/backup.yaml +6 -0
data/data/butler/dialogs/en/botcontrol.yaml +5 -0
data/data/butler/dialogs/en/create.yaml +11 -0
data/data/butler/dialogs/en/delete.yaml +2 -0
data/data/butler/dialogs/en/help.yaml +17 -0
data/data/butler/dialogs/en/info.yaml +13 -0
data/data/butler/dialogs/en/list.yaml +4 -0
data/data/butler/dialogs/en/notyetimplemented.yaml +2 -0
data/data/butler/dialogs/en/rename.yaml +3 -0
data/data/butler/dialogs/en/start.yaml +3 -0
data/data/butler/dialogs/en/sync_plugins.yaml +3 -0
data/data/butler/dialogs/en/uninstall.yaml +5 -0
data/data/butler/dialogs/en/unknown_command.yaml +2 -0
data/data/butler/dialogs/help.rb +11 -0
data/data/butler/dialogs/info.rb +27 -0
data/data/butler/dialogs/interactive.rb +1 -0
data/data/butler/dialogs/list.rb +10 -0
data/data/butler/dialogs/notyetimplemented.rb +1 -0
data/data/butler/dialogs/rename.rb +4 -0
data/data/butler/dialogs/selectbot.rb +2 -0
data/data/butler/dialogs/start.rb +5 -0
data/data/butler/dialogs/sync_plugins.rb +30 -0
data/data/butler/dialogs/uninstall.rb +17 -0
data/data/butler/dialogs/unknown_command.rb +1 -0
data/data/butler/plugins/core/logout.rb +41 -0
data/data/butler/plugins/core/plugins.rb +134 -0
data/data/butler/plugins/core/privilege.rb +103 -0
data/data/butler/plugins/core/user.rb +166 -0
data/data/butler/plugins/dev/eval.rb +64 -0
data/data/butler/plugins/dev/nometa.rb +14 -0
data/data/butler/plugins/dev/onhandlers.rb +93 -0
data/data/butler/plugins/dev/raw.rb +36 -0
data/data/butler/plugins/dev/rawlog.rb +77 -0
data/data/butler/plugins/games/eightball.rb +54 -0
data/data/butler/plugins/games/mastermind.rb +174 -0
data/data/butler/plugins/irc/action.rb +36 -0
data/data/butler/plugins/irc/join.rb +38 -0
data/data/butler/plugins/irc/notice.rb +36 -0
data/data/butler/plugins/irc/part.rb +38 -0
data/data/butler/plugins/irc/privmsg.rb +36 -0
data/data/butler/plugins/irc/quit.rb +36 -0
data/data/butler/plugins/operator/deop.rb +41 -0
data/data/butler/plugins/operator/devoice.rb +41 -0
data/data/butler/plugins/operator/limit.rb +47 -0
data/data/butler/plugins/operator/op.rb +41 -0
data/data/butler/plugins/operator/voice.rb +41 -0
data/data/butler/plugins/public/help.rb +69 -0
data/data/butler/plugins/public/login.rb +72 -0
data/data/butler/plugins/public/usage.rb +49 -0
data/data/butler/plugins/service/clones.rb +56 -0
data/data/butler/plugins/service/define.rb +47 -0
data/data/butler/plugins/service/log.rb +183 -0
data/data/butler/plugins/service/svn.rb +91 -0
data/data/butler/plugins/util/cycle.rb +98 -0
data/data/butler/plugins/util/load.rb +41 -0
data/data/butler/plugins/util/pong.rb +29 -0
data/data/butler/strings/random/acknowledge.en.yaml +5 -0
data/data/butler/strings/random/gratitude.en.yaml +3 -0
data/data/butler/strings/random/hello.en.yaml +4 -0
data/data/butler/strings/random/ignorance.en.yaml +7 -0
data/data/butler/strings/random/ignorance_about.en.yaml +3 -0
data/data/butler/strings/random/insult.en.yaml +3 -0
data/data/butler/strings/random/rejection.en.yaml +12 -0
data/data/man/botcontrol.1 +17 -0
data/lib/access.rb +187 -0
data/lib/access/admin.rb +16 -0
data/lib/access/privilege.rb +122 -0
data/lib/access/role.rb +102 -0
data/lib/access/savable.rb +18 -0
data/lib/access/user.rb +180 -0
data/lib/access/yamlbase.rb +126 -0
data/lib/butler.rb +188 -0
data/lib/butler/bot.rb +247 -0
data/lib/butler/control.rb +93 -0
data/lib/butler/dialog.rb +64 -0
data/lib/butler/initialvalues.rb +40 -0
data/lib/butler/irc/channel.rb +135 -0
data/lib/butler/irc/channels.rb +96 -0
data/lib/butler/irc/client.rb +351 -0
data/lib/butler/irc/hostmask.rb +53 -0
data/lib/butler/irc/message.rb +184 -0
data/lib/butler/irc/parser.rb +125 -0
data/lib/butler/irc/parser/commands.rb +83 -0
data/lib/butler/irc/parser/generic.rb +343 -0
data/lib/butler/irc/socket.rb +378 -0
data/lib/butler/irc/string.rb +186 -0
data/lib/butler/irc/topic.rb +15 -0
data/lib/butler/irc/user.rb +265 -0
data/lib/butler/irc/users.rb +112 -0
data/lib/butler/plugin.rb +249 -0
data/lib/butler/plugin/configproxy.rb +35 -0
data/lib/butler/plugin/mapper.rb +85 -0
data/lib/butler/plugin/matcher.rb +55 -0
data/lib/butler/plugin/onhandlers.rb +70 -0
data/lib/butler/plugin/trigger.rb +58 -0
data/lib/butler/plugins.rb +147 -0
data/lib/butler/version.rb +17 -0
data/lib/cloptions.rb +217 -0
data/lib/cloptions/adapters.rb +24 -0
data/lib/cloptions/switch.rb +132 -0
data/lib/configuration.rb +223 -0
data/lib/dialogline.rb +296 -0
data/lib/dialogline/localizations.rb +24 -0
data/lib/durations.rb +57 -0
data/lib/event.rb +295 -0
data/lib/event/at.rb +64 -0
data/lib/event/every.rb +56 -0
data/lib/event/timed.rb +112 -0
data/lib/installer.rb +75 -0
data/lib/iterator.rb +34 -0
data/lib/log.rb +68 -0
data/lib/log/comfort.rb +85 -0
data/lib/log/converter.rb +23 -0
data/lib/log/entry.rb +152 -0
data/lib/log/fakeio.rb +55 -0
data/lib/log/file.rb +54 -0
data/lib/log/filereader.rb +81 -0
data/lib/log/forward.rb +49 -0
data/lib/log/methods.rb +39 -0
data/lib/log/nolog.rb +18 -0
data/lib/log/splitter.rb +26 -0
data/lib/ostructfixed.rb +26 -0
data/lib/ruby/array/columnize.rb +38 -0
data/lib/ruby/dir/mktree.rb +28 -0
data/lib/ruby/enumerable/join.rb +13 -0
data/lib/ruby/exception/detailed.rb +24 -0
data/lib/ruby/file/append.rb +11 -0
data/lib/ruby/file/write.rb +11 -0
data/lib/ruby/hash/zip.rb +15 -0
data/lib/ruby/kernel/bench.rb +15 -0
data/lib/ruby/kernel/daemonize.rb +42 -0
data/lib/ruby/kernel/non_verbose.rb +17 -0
data/lib/ruby/kernel/safe_fork.rb +18 -0
data/lib/ruby/range/stepped.rb +11 -0
data/lib/ruby/string/arguments.rb +72 -0
data/lib/ruby/string/chunks.rb +15 -0
data/lib/ruby/string/post_arguments.rb +44 -0
data/lib/ruby/string/unescaped.rb +17 -0
data/lib/scheduler.rb +164 -0
data/lib/scriptfile.rb +101 -0
data/lib/templater.rb +86 -0
data/test/cloptions.rb +134 -0
data/test/cv.rb +28 -0
data/test/irc/client.rb +85 -0
data/test/irc/client_login.txt +53 -0
data/test/irc/client_subscribe.txt +8 -0
data/test/irc/message.rb +30 -0
data/test/irc/messages.txt +64 -0
data/test/irc/parser.rb +13 -0
data/test/irc/profile_parser.rb +12 -0
data/test/irc/users.rb +28 -0
metadata +256 -0

data/data/butler/plugins/util/cycle.rb ADDED

@@ -0,0 +1,98 @@
+#--
+# Copyright 2007 by Stefan Rusterholz.
+# All rights reserved.
+# See LICENSE.txt for permissions.
+#++
+extend OnHandlers
+configuration(
+	"channels" => {}
+)
+trigger "cycle"
+def on_part(listener, user, channel)
+	if (
+		user != butler.myself &&                      # don't trigger if butler itself parts
+		channel.length == 1 &&                        # trigger only if butler is the last remaining
+		plugin.config["channels"][channel.to_str] &&  # trigger only if butler is configured to cycle this channel
+		!@butler.myself.op?(channel.to_str)           # trigger only if butler isn't op already
+	) then
+		@butler.irc.part("Cycling", channel)
+		@butler.irc.join(channel)
+	end
+end
+def on_trigger
+	case arguments(1)
+		when nil
+			usage
+		when _(:list)
+			answer(:cycling, :channels => plugin.config["channels"].keys)
+		when _(:on)
+			channels, invalid = @message.arguments[2..-1].partition { |channel|
+				channel.valid_channelname?
+			}
+			chanhash = plugin.config["channels"]
+			channels.each { |channel| chanhash[channel] = true }
+			plugin.config["channels"] = plugin.config["channels"].merge(chanhash)
+			answer(:invalid, :channels => invalid) unless invalid.empty?
+			answer(:activated, :channels => channels) unless channels.empty?
+		when _(:off)
+			channels, unlisted = @message.arguments[2..-1].partition { |channel|
+				plugin.config["channels"][channel]
+			}
+			chanhash = plugin.config["channels"]
+			channels.each { |channel| chanhash.delete(channel) }
+			plugin.config["channels"] = plugin.config["channels"].merge(chanhash)
+			answer(:unlisted, :channels => unlisted) unless unlisted.empty?
+			answer(:deactivated, :channels => channels) unless channels.empty?
+	end
+end
+__END__
+---
+:revision:
+  :configuration: 1
+:summary:
+  en: |
+    Cycling lets butler part a channel and rejoin to gain op.
+:about:
+  :mail: "apeiros@gmx.net"
+  :version: "1.0.0"
+  :author: "Stefan Rusterholz"
+:strings:
+  :on:
+    en: "on"
+  :off:
+    en: "off"
+  :list:
+    en: "list"
+  :cycling:
+    en: |
+      Currently cycling in <% if channels.empty? then %>no channel<% else %><%= channels.join(', ') %><% end %>.
+  :activated:
+    en: |
+      Activated cycling for <%= channels.join(', ') %>.
+  :deactivated:
+    en: |
+      Deactivated cycling for <%= channels.join(', ') %>.
+  :invalid:
+    en: |
+      Couldn't activate cycling for <%= channels.join(', ') %>. Didn't recognize them as valid channel-names.
+  :unlisted:
+    en: |
+      The channels <%= channels.join(', ') %> weren't listed for cycling.
+:usage:
+  en: |
+    ![b]cycle![o] ('list' | ('on' | 'off') ![c(green)]channel![o] ...)
+:help:
+  en:
+    "": |
+      Use 'on' to activate cycling in a channel, 'off' to deactivate and 'list'
+      to list channels currently being cycled.

data/data/butler/plugins/util/load.rb ADDED

@@ -0,0 +1,41 @@
+#--
+# Copyright 2007 by Stefan Rusterholz.
+# All rights reserved.
+# See LICENSE.txt for permissions.
+#++
+trigger "load"
+def on_trigger
+	ps_out = `ps -o vsz,rss,%cpu,%mem -p #{Process.pid}`
+	vsz, rss, cpu, pmem = ps_out.scan(/\d+(?:\.\d+)?/).map { |e| e.to_f }
+	virtual, real = (vsz-rss).div(1024), rss.div(1024)
+	answer(:memusage, :real => real, :virtual => virtual, :cpu => cpu, :pmem => pmem)
+rescue Exception => e
+	answer(:failure, :exception => e)
+end
+__END__
+---
+:revision:
+  :plugin: 1
+:summary:
+  en: Displays the memory and CPU load butler produces
+:about:
+  :mail: "apeiros@gmx.net"
+  :version: "1.0.0"
+  :author: "Stefan Rusterholz"
+:usage:
+  en: "![b]load![o]"
+:strings:
+  :memusage:
+    en: |
+      Usage: <%= real %>MB, <%= virtual %>MB (real/virtual), <%= cpu %>% CPU, <%= pmem %>% Memory.
+  :failure:
+    en: |
+      Failed with exception <%= exception %>.
+:help:
+  en:
+    "": Just type

data/data/butler/plugins/util/pong.rb ADDED

@@ -0,0 +1,29 @@
+#--
+# Copyright 2007 by Stefan Rusterholz.
+# All rights reserved.
+# See LICENSE.txt for permissions.
+#++
+trigger "ping"
+def on_trigger
+	message.answer("pong")
+end
+__END__
+---
+:revision:
+  :plugin: 1
+:summary:
+  en: The ever popular ping-pong
+:about:
+  :mail: "apeiros@gmx.net"
+  :version: "1.0.0"
+  :author: "Stefan Rusterholz"
+:usage:
+  en: "![b]ping![o]"
+:help:
+  en:
+    "": If you're looking for a purpose - look elsewhere...

data/data/butler/strings/random/acknowledge.en.yaml ADDED

@@ -0,0 +1,5 @@
+---
+- "Ok"
+- "Will do so %s"
+- "Aye sir"
+- "Done as asked"

data/data/butler/strings/random/gratitude.en.yaml ADDED

@@ -0,0 +1,3 @@
+---
+- "Thank you very much"
+- "Thank you %s"

data/data/butler/strings/random/hello.en.yaml ADDED

@@ -0,0 +1,4 @@
+---
+- "hi %s"
+- "heyo %s"

data/data/butler/strings/random/ignorance.en.yaml ADDED

@@ -0,0 +1,7 @@
+---
+- "\x001ACTION shruggs\x001"
+- "dunno"
+- "no idea"
+- "no clue"
+- "... eh?"
+- "Don't ask me."

data/data/butler/strings/random/ignorance_about.en.yaml ADDED

@@ -0,0 +1,3 @@
+---
+- "I don't know about %s"
+- "What is %s?"

data/data/butler/strings/random/insult.en.yaml ADDED

@@ -0,0 +1,3 @@
+---
+- "%s: wanker!"
+- "%s, you're so stupid you can't find your ass with both hands"

data/data/butler/strings/random/rejection.en.yaml ADDED

@@ -0,0 +1,12 @@
+---
+- "Nope"
+- "Sorry, I won't do that"
+- "That won't work"
+- "And how could that be done?"
+- "No Sir"
+- "No way I'd do that"
+- "Aw come on, why should I do that?"
+- "Never, read me, NEVER!"
+- "Dude, what the heck makes you think that's my job?"
+- "Go, bother someone else with that boring task."
+- "Naaa, I don't want to."

data/data/man/botcontrol.1 ADDED

@@ -0,0 +1,17 @@
+.TH botcontrol 1 "October 2007" "" "User Manuals"
+.SH NAME
+botcontrol - control app for butler, the IRC-bot with class
+.SH SYNOPSIS
+.B botcontrol
+(create|start|stop|delete) botname
+.SH DESCRIPTION
+.B botcontrol
+controls instances of butler, an IRC-bot. It allows you to create, configure, start, stop and delete them.
+.SH OPTIONS
+.SH FILES
+.SH DIAGNOSTICS
+.SH BUGS
+Interactive mode is not yet implemented.
+.SH AUTHOR
+Stefan Rusterholz <apeiros@gmx.net>
+.SH SEE ALSO

data/lib/access.rb ADDED

@@ -0,0 +1,187 @@
+#--
+# Copyright 2007 by Stefan Rusterholz.
+# All rights reserved.
+# See LICENSE.txt for permissions.
+#++
+require 'digest/md5'
+require 'access/yamlbase'
+require 'access/user'
+require 'access/role'
+require 'access/privilege'
+class Access
+	# =Description
+	# Provides methods to create a user or authenticate
+	# an existing.
+	# Also is the bridge between Access::User and Access::Role.
+	# Access::User's should be tied to Access::Framework.
+	#
+	# =Synopsis
+	#   access = Access.new(
+	#     Access::YAMLBase.new(Access::User::Base,      "./access/user"),
+	#     Access::YAMLBase.new(Access::Role::Base,      "./access/role"),
+	#     Access::YAMLBase.new(Access::Privilege::Base, "./access/privilege")
+	#   )
+	#   %w(news news/create news/edit news/delete).each { |privilege|
+	#     access.privilege.create(privilege, "...description...")
+	#   }
+	#   { 'newseditor' => %w(news), 'proofreader' => %w(news/edit) }.each { |role, privileges|
+	#     access.role.create(role, "...description...", privileges)
+	#   }
+	#   testuser = access.user.create("test", "pass")
+	#   testuser.activate # inactive users may neither login nor are authorized for anything
+	#   testuser.roles.add('proofreader')
+	#   testuser.privileges.add('news/delete')
+	#   testuser.privileged?('news/edit')   # => true
+	#   testuser.privileged?('news/create') # => false
+	#   testuser.authorized?('news/edit')   # => false # not logged in
+	#   testuser.authorized?('news/create') # => false
+	#   user = access.login?('test', 'pass')
+	#   user.privileged?('news/edit')   # => true
+	#   user.privileged?('news/create') # => false
+	#   user.authorized?('news/edit')   # => true  # only users created via Access#login are authorized
+	#   user.authorized?('news/create') # => false
+	#
+	attr_reader   :user
+	attr_reader   :role
+	attr_reader   :privilege
+	attr_accessor :default_user
+	def initialize(user, role, privilege)
+		@user      = user
+		@role      = role
+		@privilege = privilege
+		[@user, @role, @privilege].each { |base|
+			base.access = self
+		}
+	end
+	def [](user_id)
+		@user[user_id]
+	end
+	# returns an Access::User if credentials have been correct.
+	def login(user_id, credentials)
+		return nil unless user = @user[user_id]
+		return nil unless correct_credentials?(user.credentials, credentials, user_id)
+		user.login
+		user
+	end
+	# Validate non-encrypted credentials against stored encrypted credentials
+	def correct_credentials?(stored, credentials, user_id)
+		return hash_credentials(credentials, user_id) == stored
+	end
+	# One-way encrypt the credentials. Currently MD5 is used
+	def hash_credentials(credentials, user_id)
+		Digest::MD5.hexdigest(credentials+user_id.downcase).upcase
+	end
+end
+if __FILE__ == $0 then
+	require 'fileutils'
+	require 'test/unit'
+	class TestAccess < Test::Unit::TestCase
+		TestDir = "test_access"
+		def setup
+			#raise "#{TestDir} already exists, aborting test" if File.exist?(TestDir)
+			_teardown if File.exist?(TestDir)
+			Dir.mkdir(TestDir)
+			Dir.mkdir("#{TestDir}/user")
+			Dir.mkdir("#{TestDir}/role")
+			Dir.mkdir("#{TestDir}/privilege")
+		end
+		def _teardown
+			FileUtils.rm_r(TestDir)
+		end
+		def test_all
+			access = Access.new(
+				Access::YAMLBase.new(Access::User::Base,      "#{TestDir}/user"),
+				Access::YAMLBase.new(Access::Role::Base,      "#{TestDir}/role"),
+				Access::YAMLBase.new(Access::Privilege::Base, "#{TestDir}/privilege")
+				#:channel => Access::YAMLBase.new("#{TestDir}/channel", Access::Location)
+			)
+			assert(!access.user.exists?("test"))
+			access.user.create("test", "pass")
+			assert(access.user.exists?("test"))
+			%w(news news/read news/create news/edit news/delete banners banners/statistics
+			statistics statistics/web statistics/ftp paid_content).each { |priv|
+				assert(!access.privilege.exists?(priv))
+				access.privilege.create(priv, "test-privilege #{priv}")
+				assert(access.privilege.exists?(priv))
+			}
+			access.role.create("editor", "testrole description", %w(news/create news/edit statistics))
+			access.role.create("chiefeditor", "testrole description 2", %w(news), %w(editor))
+			user = access.login("test", "pass")
+			assert(user)
+			assert(user.logged?)
+			assert(!user.active?)
+			assert(user.inactive?)
+			user.active = true
+			assert(user.active?)
+			assert(!user.inactive?)
+			user = access.user["test", true]
+			assert(user)
+			assert(user.active?)
+			assert(!user.inactive?)
+			assert(!user.logged?)
+			assert(!user.privileged?("foo"))
+			assert(!user.privileged?("foo/bar"))
+			assert(!user.privileged?("foo/baz"))
+			assert(!user.privileged?("bar"))
+			assert(!user.privileged?("bar/foo"))
+			assert(!user.privileged?("baz"))
+			assert(!user.authorized?("foo"))
+			assert(!user.authorized?("foo/bar"))
+			assert(!user.authorized?("foo/baz"))
+			assert(!user.authorized?("bar"))
+			assert(!user.authorized?("bar/foo"))
+			assert(!user.authorized?("baz"))
+			user.privileges.add(%w(banners statistics/web paid_content))
+			assert(user.privileged?("banners"))
+			assert(user.privileged?("banners/statistics"))
+			assert(user.privileged?("statistics/web"))
+			assert(!user.privileged?("statistics"))
+			assert(user.privileged?("bar/foo"))
+			assert(user.privileged?("baz"))
+			assert(!user.authorized?("foo"))
+			assert(!user.authorized?("foo/bar"))
+			assert(!user.authorized?("foo/baz"))
+			assert(!user.authorized?("bar"))
+			assert(!user.authorized?("bar/foo"))
+			assert(!user.authorized?("baz"))
+			user = access.login("test", "pass")
+			assert(user.privileged?("foo"))
+			assert(user.privileged?("foo/bar"))
+			assert(user.privileged?("foo/baz"))
+			assert(!user.privileged?("bar"))
+			assert(user.privileged?("bar/foo"))
+			assert(user.privileged?("baz"))
+			assert(user.authorized?("foo"))
+			assert(user.authorized?("foo/bar"))
+			assert(user.authorized?("foo/baz"))
+			assert(!user.authorized?("bar"))
+			assert(user.authorized?("bar/foo"))
+			assert(user.authorized?("baz"))
+		end
+	end
+end

data/lib/access/admin.rb ADDED

@@ -0,0 +1,16 @@
+#--
+# Copyright 2007 by Stefan Rusterholz.
+# All rights reserved.
+# See LICENSE.txt for permissions.
+#++
+class Access
+	module Admin
+		# admins have all privileges
+		def privileged?(*args)
+			true
+		end
+	end
+end

data/lib/access/privilege.rb ADDED

@@ -0,0 +1,122 @@
+#--
+# Copyright 2007 by Stefan Rusterholz.
+# All rights reserved.
+# See LICENSE.txt for permissions.
+#++
+require 'access'
+require 'access/savable'
+class Access
+	class Privilege
+		include Savable
+		module Base
+			# Create a new Privilege
+			def create(privilege, description=nil)
+				raise "Privilege #{privilege} already exists" if exists?(privilege)
+				privilege        = Privilege.new(privilege, description)
+				privilege.access = access
+				privilege.base   = self
+				add(privilege)
+				privilege
+			end
+			# Restore an Access::Privilege from it's storable data
+			def load(*args) # :nodoc:
+				return nil unless data = super
+				privilege        = new(*data.values_at(:id, :description))
+				privilege.access = access
+				privilege.base   = self
+				privilege
+			end
+		end
+		attr_reader :id
+		attr_reader :description
+		def initialize(privilege, description=nil)
+			@id          = privilege
+			@description = description || "No description"
+		end
+		def storable
+			{
+				:id          => @id,
+				:description => @description,
+			}
+		end
+		def eql?(other)
+			self.class == other.class && @id.eql?(other.id)
+		end
+		def hash
+			@id.hash
+		end
+	end
+	class Privileges
+		include Enumerable
+		def initialize(owner, privileges=nil)
+			@owner      = owner
+			@privileges = Hash.new { |h,k| h[k] = [] }.merge(privileges || {})
+		end
+		def storable
+			@privileges
+		end
+		def allow?(privilege, condition=nil)
+			walk(privilege) { |priv|
+				@privileges.has_key?(priv)
+			}
+		end
+		def add(privilege)
+			case privilege
+				when Array: privilege.each { |priv| @privileges[priv] = nil }
+				when Hash:  privilege.each { |priv, cond| @privileges[priv] << cond }
+				else        @privileges[privilege] = nil
+			end
+			@owner.save
+		end
+		def delete(privilege)
+			case privilege
+				when Array
+					privilege.each { |priv| @privileges.delete(priv) }
+				when Hash
+					privilege.each { |priv, cond|
+						@privileges[priv].delete(cond)
+						@privileges.delete(priv) if @privileges[priv].empty?
+					}
+				else
+					@privileges.delete(priv)
+			end
+			@owner.save
+		end
+		def list
+			@privileges
+		end
+		def each(&block)
+			@privileges.each(&block)
+		end
+		def walk(priv)
+			until priv.empty?
+				return true if yield(priv)
+				priv = priv.gsub(%r{(?:/|^)[^/]*$}, '')
+			end
+			return true if yield("")
+			false
+		end
+	end
+end