Skip Menu |

This queue is for tickets about the Bot-BasicBot-Pluggable CPAN distribution.

Report information
The Basics
Id: 75857
Status: open
Priority: 0/
Queue: Bot-BasicBot-Pluggable

People
Owner: Nobody in particular
Requestors: omniminded1 [...] gmail.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: Bot::BasicBot::Pluggable::Module::Loader default requires auth'd user despite docs
Date: Sun, 18 Mar 2012 10:14:14 -0500
To: bug-Bot-BasicBot-Pluggable [...] rt.cpan.org
From: Michael Alexander <omniminded1 [...] gmail.com>
__SUBJECT__ Bot::BasicBot::Pluggable::Module::Loader default requires auth'd user despite docs __BODY__ Module: Bot::BasicBot::Pluggable::Store::DBI VERSION = '0.96' Perl: perl 5, version 12, subversion 2 (v5.12.2 (*)) built for i386-openbsd with 4 registered patches Operating system: OpenBSD 4.9 GENERIC.MP#794 i386 I discovered that Bot::BasicBot::Pluggable::Module::Loader is requiring users be auth'd by default. No good unless Bot::BasicBot::Pluggable::Module::Auth is loaded with it. The documentation at Bot::BasicBot::Pluggable suggests that Bot::BasicBot::Pluggable::Module::Loader can be loaded stand alone and suggests users immediately !load Auth. It is contradictory. The culprit is on line 39 of Loader.pm: return if !$self->authed( $mess->{who} ); The fix is simply commenting out line 39: #return if !$self->authed( $mess->{who} );
Subject: Re: Correction of [rt.cpan.org #75857] Bot::BasicBot::Pluggable::Module::Loader default requires auth'd user despite docs
Date: Sat, 5 May 2012 00:44:40 -0500
To: bug-Bot-BasicBot-Pluggable [...] rt.cpan.org
From: Michael Alexander <omniminded1 [...] gmail.com>
__SUBJECT__ Re: Correction of [rt.cpan.org #75857] Bot::BasicBot::Pluggable::Module::Loader default requires auth'd user despite docs __BODY__ Module: Bot::BasicBot::Pluggable::Module::Loader VERSION = '0.96' Perl: perl 5, version 12, subversion 2 (v5.12.2 (*)) built for i386-openbsd with 4 registered patches Operating system: OpenBSD 4.9 GENERIC.MP#794 i386 This is a correction of Bug ticket #75857. Summary below is the same. This update corrects the bug fix which breaks B::BB::P::M::Loader.pm's Auth protections entirely. This correction now functions as described in the documentation. I discovered that Bot::BasicBot::Pluggable::Module::Loader is requiring users be auth'd by default. No good unless Bot::BasicBot::Pluggable::Module::Auth is loaded with it. The documentation at Bot::BasicBot::Pluggable suggests that Bot::BasicBot::Pluggable::Module::Loader can be loaded stand alone and suggests users immediately !load Auth. It is contradictory. Sorry for my delay in submitting this correction update to the ticket. Starting at line # 31 sub told { my ( $self, $mess ) = @_; my $body = $mess->{body}; # we don't care about commands that don't start with '!' return 0 unless defined $body; return 0 unless $body =~ /^!/; -return if !$self->authed( $mess->{who} ); +#return if !$self->authed( $mess->{who} ); # commented out to prevent lockout by default my ( $command, $param ) = split( /\s+/, $body, 2 ); $command = lc($command); +unless ( $command eq "!list" || $command eq "!load" && $param eq "Auth" ) { + return unless $self->authed( $mess->{who} ) +}
I'll give this one a little more thought; I don't think defaulting to allowing any unauthed user on IRC to load modules is a wise idea. Current thoughts: * ::Loader could automatically load ::Auth for you * ::Loader could bail out if ::Auth hasn't already been loaded before it with a sensible message explaining that you need ::Auth so we can tell who to trust to load modules Cheers bigpresh