lita-cmd 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: caf9a05b2c736236f6360721cdcd988e831116b2
-  data.tar.gz: 143dfdb31f5d047bfeb8067a83b1596ff5d306cb
+  metadata.gz: 7a968328007af50c23e968ebc0725c7ded9a459f
+  data.tar.gz: bbe96e910dba404a8cf56dc8408c3dd91f95720b
 SHA512:
-  metadata.gz: a231064871a2954b82d4ad7238fa3b81618557260158e1e37054e2b963560c65b92307a3bef63203e89a87429ce8abe827f61e34ac7ffca83c3bab6fdfaabf5e
-  data.tar.gz: 73c2f14739c6b312b88dc22688754e1d7ae64ac72edfdeaf3f2b74e87fd901935650ebb3a2658953b5a912e107453e392bf277a5ffb967b17856234b3daebac4
+  metadata.gz: fc83dc3bc068f71f27fd03ceefc6e539bb8b640e9b320c8c1b27120d277c8394d4abdd6eed65cbe0616654a669844f5711c6043339fb457fd2b29114d249f814
+  data.tar.gz: d2b1635a2e104d115a553db8bf994160cec4bbc6879f6a8d95b48683c4649f602c554440e452eaf17b3067c9dcf1a2585fac0d80b427aa1eaab27310ff46a6b8

data/README.md

@@ -19,8 +19,6 @@ Lita.configure do |config|
 end
 ```
 
-Also, make sure that you are a member of the `devops` Lita Auth group. This requirement will change soon. See Roadmap below.
-
 ## Usage
 
 - `cmd-help`
@@ -31,6 +29,7 @@ Also, make sure that you are a member of the `devops` Lita Auth group. This requ
 >- dfinninger: `lita cmd-help`
 - lita:
 ```
+devops/secret
 hello
 name
 ```
@@ -50,13 +49,51 @@ Your name is: ... well, idk, man...
 Your name is: Devon
 ```
 
+### Group Control
+
+You can now control what groups have access to your Lita scripts!
+
+In your `scripts` dir make some more that match the name of your groups. Only users that are a part of those groups can see/execute those scripts.
+
+#### Example
+
+- scripts dir:
+  - Basic directory setup
+
+```
+scripts/
+  |- devops/
+  |   `- secret
+  |- hello
+  `- name
+```
+
+- `lita cmd-help`
+  - Help text will show you scripts that you have access to with a prefix
+
+```
+devops/secret
+hello
+name
+```
+
+- `lita cmd devops/secret`
+  - Execute the command. Prefix required!
+
+```
+[stdout] I'm a secret!
+```
+
+A non-priviledged user will only see scripts without the prefix.
+
 ## Notes
 
 - Make sure that your files are executable
   - (`chmod +x FILE`)
-- Make sure that you've included the correct shebang
+- Make sure that you've included the correct sha-bang
   - `#!/bin/bash`, `#!/usr/bin/env ruby`, etc...
 
 ## Roadmap
 
-- [ ] Include support for directory-based access control
+- [x] Include support for directory-based access control
+- [ ] Help text for individual commands

data/lib/lita/handlers/cmd.rb

@@ -6,34 +6,42 @@ module Lita
 
       config :scripts_dir
 
+      ### CMD-HELP ##############################################
+
       route(/^\s*cmd-help\s*$/, :cmd_help, command: true, help: {
         "cmd-help" => "get a list of scripts available for execution"
       })
 
-      def cmd_help(resp)
-        out = Array.new
-
-        Dir.chdir(config.scripts_dir)
-        Dir.glob('*').each { |d| out << d }
+      route(/^\s*test\s*/) do |resp|
+        auth = Lita::Robot.new.auth
+        resp.reply "true" if auth.groups_with_users[:devops].include? resp.user
+      end
 
-        list = out.sort.join("\n")
+      def cmd_help(resp)
+        list = get_script_list(resp, config)
 
-        resp.reply code_blockify(list)
+        out = list.sort.join("\n")
+        resp.reply_privately code_blockify(out)
       end
 
+      ### CMD ###################################################
+
       route(/^\s*cmd\s+(\S*)\s*(.*)$/, :cmd, command: true, help: {
         "cmd SCRIPT" => "run the SCRIPT specified; use `lita cmd help` for a list"
       })
 
       def cmd(resp)
-        dir = config.scripts_dir
         script = resp.matches[0][0]
         opts = resp.matches[0][1].split(" ")
-        Dir.chdir('/tmp')
+
+        unless user_is_authorized(script, resp, config)
+          resp.reply_privately "Unauthorized to run '#{script}'!"
+          return
+        end
 
         out = String.new
         err = String.new
-        Open3.popen3("#{dir}/#{script}", *opts) do |i, o, e, wait_thread|
+        Open3.popen3("#{config.scripts_dir}/#{script}", *opts) do |i, o, e, wait_thread|
           o.each { |line| out << "[stdout] #{line}" }
           e.each { |line| err << "[stderr] #{line}" }
         end
@@ -55,10 +63,38 @@ module Lita
         end
       end
 
+      ### HELPERS ############################################
+
+      private
       def code_blockify(text)
-        "```\n" + text + "\n```"
+        "```\n#{text}\n```"
       end
 
+      def get_script_list(resp, config)
+        bot = Lita::Robot.new
+        auth = bot.auth
+
+        list = Dir.entries(config.scripts_dir).select { |f| File.file? "#{config.scripts_dir}/#{f}" }
+
+        groups = auth.groups_with_users.select { |group, user_list| user_list.include? resp.user }
+        groups.keys.each do |group|
+          begin
+            sublist = Dir.entries("#{config.scripts_dir}/#{group}").select do |f|
+              File.file? "#{config.scripts_dir}/#{group}/#{f}"
+            end
+          rescue SystemCallError => e
+            log.warn "#{group} is not a directory.\n#{e}"
+          end
+          list.concat sublist.map { |x| "#{group}/#{x}" } if sublist
+        end
+
+        list
+      end
+
+      def user_is_authorized(script, resp, config)
+        list = get_script_list(resp, config)
+        list.include? script
+      end
     end
 
     Lita.register_handler(Cmd)

data/lita-cmd.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |spec|
   spec.name          = "lita-cmd"
-  spec.version       = "0.1.0"
+  spec.version       = "0.2.0"
   spec.authors       = ["Devon Finninger"]
   spec.email         = ["devon.finninger@peopleadmin.com"]
   spec.description   = "Run commands from Lita"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lita-cmd
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Devon Finninger
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-05-28 00:00:00.000000000 Z
+date: 2015-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: lita