Access control lists are based on command but can't discriminate based on arguments supplied to a command. This patch adds denyargs and allowargs lists that are evaluated by globbing, in the same way usernames and rooms are evaluated.
To provide an example of how argument ACLs work, here is a configuration that limits the echo command to ACL_BOT_USER in the #test_channel supplying the arguments hello or hi*:
Carlos 18:35
!echo hello
myerrbot APP 18:35
hello
Carlos 18:36
!echo hi everyone
myerrbot APP 18:36
hi everyone
Carlos 18:36
!echo goodbye
myerrbot APP 18:36
You're not allowed to access this command using the provided arguments
The configuration has been implemented to be non disruptive for existing bot configurations. Security rules will be applied as before until a bot administrator explicitly adds the needed configuration for argument parsing.
Access control lists are based on command but can't discriminate based on arguments supplied to a command. This patch adds
denyargs
andallowargs
lists that are evaluated by globbing, in the same way usernames and rooms are evaluated.To provide an example of how argument ACLs work, here is a configuration that limits the
echo
command toACL_BOT_USER
in the#test_channel
supplying the argumentshello
orhi*
:This results in the following behaviour:
The configuration has been implemented to be non disruptive for existing bot configurations. Security rules will be applied as before until a bot administrator explicitly adds the needed configuration for argument parsing.