I want to make a !permit command that will let the user post a link for 20 seconds and not get blocked. If they don't ask a mod to permit them, they will get timed out.
Also I was looking for add a !alwayspermit so they will always have permission to post a link.
I suck at this stuff, real bad.
here's what i have..
on *:TEXT:!permit *:#: {
if (($nick isop #chan))
{ msg # I have permitted the user $+ $2 to post a link for 20 seconds }
}
first, your bot needs to be opped on channel
if someone that is not on permit or alwayspermit list post a link they will get kicked
seconds, press alt+r click "file" then "new" in there paste this code
on $#*:text:*:#:{
if ($regex($1-,/(http\72\/\/|www\.).+\.(com|co|uk)/iS)) && ($nick !isop $chan) {
if (!$istok(%permit,$nick,32)) {
kick $nick $chan You dont have permission to post links in here
}
}
noop $regex($1-,/^!(del|alwayspermit|permit)\s(\S+)/iS) {
if ($regml(1) == alwayspermit) && ($nick isop $chan) {
if ($istok(%permit,$regml(2),32)) {
msg $chan $regml(2) is already on always permit list
}
else {
set %permit $addtok(%permit,$regml(2),32)
msg $chan $regml(2) You are now always permited to post links
}
}
if ($regml(1) == permit) && ($nick isop $chan) {
set %permit $addtok(%permit,$regml(2),32)
.timerunset 1 20 set %permit $remtok(%permit,$regml(2),1,32)
msg $chan $regml(2) You have 20 seconds to post a link in here
}
if ($regml(1) == del) && ($nick isop $chan) {
if ($istok(%permit,$regml(2),32)) {
set %permit $remtok(%permit,$regml(2),1,32)
msg $chan $regml(2) erased suceffully from always permit list
}
else {
msg $chan $regml(2) is not on always permit list
}
}
}
}
commands:
!permit nick
will add a permitted nick for 20 seconds
!alwayspermit nick
will add a permitted nick permanent
!del nick
will delete a nick from permitted list
Related
I have my Radius working with AD + Google OTP working fine. What I am trying to accomplish now is to specify user-to-client-to-ADgroup in a policy and/or unlang within the post-auth.
How it works today:
client performs request
Radius sends first half of the password to AD
Radius sends the second half of the password to Google OTP
If both come back good, then auth is successful
Post-auth does some checking if user is memberof ADgroup -> assign
class -> accept
OR if not part of ADgroup -> reject
The part I need assistance with is I have over 30 sites with equipment in each one. We distinguish our users based on per site access. E.g. NetworkAdmin01 is allowed to access site01 but not site02.
So the only way I can think of doing this:
Each site has it's own virtual server (VS)
Each client has the "virtual server" attribute set
Within each VS there is post-auth unlang like:
if (LDAP-Group == "NetworkAdmins_site01") {
[do something] (update control, update reply, etc..)
else
reject
This setup would require me to have 30+ VS running on the Radius and is not manageable.
If I was able to run this within a few VS (separated based on equipment vendor)Want within the post-auth to grant/assign based on;
if (%{client:shortname} =~ /regex/) #grab the portion of the variable between "." (site01)
if (LDAP-Group =~ /regex/) # grab the portion of the variable after last "_" (site01)
if (%{0} == %{1}) {
if (LDAP-Group == NetworkAdmins_site01) {
update reply {
Juniper-Local-User-Name := "admins_group"
}
}
else {
update control {
Auth-type := "Reject"
}
}
}
}
}
So after a lot of looking around, it appears that runtime dynamic variables are the biggest limitation to building any type of policies/rules.
so I went a different direction. I have basically matched the NAS-IP-Address to the IP subnet/site I expect the request to come from.
So this is placed into the Post-Auth section of each VS. Not the most manageable way when you have 30+ sites but, best I could find at this point (without running 30+ VS).
# SITE01 site
if (&NAS-IP-Address < 10.1.0.0/16) {
if (LDAP-Group == "Radius_NetworkAdmins_SITE01") {
update reply {
Juniper-Local-User-Name := "ad-super-users"
}
}
elsif (LDAP-Group == "Radius_NetworkAdminsRO_SITE01") {
update reply {
Juniper-Local-User-Name := "ad-readonly-users"
}
}
}
# SITE02 site
if (&NAS-IP-Address < 10.2.0.0/16) {
if (LDAP-Group == "Radius_NetworkAdmins_SITE02") {
update reply {
Juniper-Local-User-Name := "ad-super-users"
}
}
elsif (LDAP-Group == "SG_Uni_Radius_NetworkAdminsRO_SITE02") {
update reply {
Juniper-Local-User-Name := "ad-readonly-users"
}
}
}
else {
update reply {
Reply-Message := "Not authorized to access this system"
}
update control {
Auth-Type := "Reject"
}
}
#
Post-Auth-Type REJECT {
-sql
attr_filter.access_reject
eap
remove_reply_message_if_eap
}
}
Post-Auth-Type Challenge {
}
#
pre-proxy {
}
#
post-proxy {
eap
}
I am very new to Groovy and this is an old application where the author is no longer with our organization. None of the previous questions that look similar offered any help. The application needs to send a simple message to the user to warn they are missing an entry before they con continue on.
I have made no fewer than 20 changes from flash.message to confirm. Flash causes the application to jump all the way to the user login function. This confirm is giving a crash message: Error 500: Executing action [submitrequest] of controller [SdrmController] caused exception: Runtime error executing action
def submitrequest = {
def testChecker
testChecker = [params.fullExpName].flatten().findAll { it != null }
log.info('testChecker.size = ' + testChecker.size)
if (testChecker.size > 0) {
if (!confirm('Submitting can not be undone, are you sure?')) return
} else {
if (!confirm('You have to pick an expedition. Please return to your Request and pick at least one expedition.')) return
} else {
return
}
}
// rest of long time working code here
}
Expected Result is a simple message to screen tell the user to pick an "Expedition" from a list and then the code returns to the same point so the user can make the change then hit the submit again.
Then full message:
No signature of method: SdrmController.confirm() is applicable for argument types: (java.lang.String) values: [You have to pick an expedition. Please return to your Request and pick at least one expedition.] Possible solutions: notify(), render(java.lang.String)
-- flash.message worked for our situation.
`legChecker = [params.programLeg].flatten().findAll{it!=null}
if(requestInstance.futurePast == "future" && expChecker.size<1) {
flash.message = " you must select a future expedition "
render(view: 'stepstart', model: [....])
return
}`
in process maker I assign some tasks usedStart Custom Task action to some users,
I want to know that is there any way to roll back to previous tasks in such a workflow,
for example if one of users (user1) reject task by mistake and workflow create another task
for next user (user2), is it possible to roll back workflow to previous step and assign task
to user1 again?
I'll be appreciated if anyone could help me.
should delete record from end list of sub_application and app_delegation until record required
with this code i can restore case from anywhere to anywhere
foreach($GLOBALS['gridHistory'] as $cuurentTask)
{
$cuurentTask["PRO_UID"] =$dbHandle->Convertnumber2english(trim($cuurentTask["PRO_UID"]));
$cuurentTask["TAS_UID"] =$dbHandle->Convertnumber2english(trim($cuurentTask["TAS_UID"]));
$cuurentTask["DEL_INDEX"]=$dbHandle->Convertnumber2english(trim($cuurentTask["DEL_INDEX"]));
if($cuurentTask["PRO_UID"]!==$to_PRO_UID || $cuurentTask["TAS_UID"]!==$to_TAS_UID || $cuurentTask["DEL_INDEX"]!==$to_DEL_INDEX)
{
$task_type=task_type($cuurentTask["TAS_UID"],$cuurentTask["PRO_UID"]);
$inPath=checkForExistInPath($to_APP_UID,$cuurentTask["APP_UID"],$to_DEL_INDEX,$cuurentTask["DEL_INDEX"]);
if($task_type=="NORMAL" && $inPath )
{
if(rollbackAppDelegate($cuurentTask["APP_UID"],$cuurentTask["DEL_INDEX"])!=1)
die('خطا در بازگرداندن کار نرمال '.$cuurentTask["APP_UID"]);
}
else if($task_type=="SUBPROCESS" && $inPath)
{
$sub_application=$baseClass->query("select APP_UID from sub_application where app_parent='".$cuurentTask["APP_UID"]."' and DEL_INDEX_PARENT='".$cuurentTask["DEL_INDEX"]."'");
if(deleteSubProcess($sub_application[0]["APP_UID"])!=1)
die('خطا در حذف زیر فرآیند'.$sub_application[0]["APP_UID"]);
if(rollbackAppDelegate($cuurentTask["APP_UID"],$cuurentTask["DEL_INDEX"])!=1)
die('خطا در بازگرداندن کار موازی'.$cuurentTask["APP_UID"]);
}
else
echo 'امکان انتقال وجود ندارد.';
}
else
{
if($APP_CUR_USER=$baseClass->query("select USR_UID from app_delegation where app_delegation.APP_UID='{$cuurentTask['APP_UID']}' order by DEL_INDEX desc LIMIT 1"))
if($baseClass->query("update app_delegation set DEL_THREAD_STATUS='OPEN' , DEL_FINISH_DATE=null where app_delegation.APP_UID='{$cuurentTask['APP_UID']}' and app_delegation.DEL_INDEX='{$cuurentTask["DEL_INDEX"]}';"))
if($baseClass->query("update application set APP_STATUS='TO_DO' , APP_FINISH_DATE=null,APP_CUR_USER='{$APP_CUR_USER[0]["USR_UID"]}' where application.APP_UID='{$cuurentTask['APP_UID']}';"))
{
echo 'true';
break;
}
else
echo 'false';
}
}
I want to be able to detect if the currently authenticated user is subscribed to a specific YouTube channel in the YouTube API v3.
A possible solution would be to retrieve a list of all the subscriptions of the currently authenticated user and check if the channel ID of the channel is contained in that list. That would would be a very inefficient solution and could take a very long time if the user has hundreds of subscriptions.
Is there any easy method to check this? I looked through the entire API documentation and I couldn't find anything.
Use the subscriptions#list method and pass mine = true and the channel ID you want to check in forChannelId. If the authenticated user is not subscribed to that channel, it will return an empty list.
checkSubscribe (params) {
var request =
gapi.client.youtube.subscriptions.list(removeEmptyParams(params));
request.execute((response) => {
console.log(response);
if (response.code !== 401 && response.code !== 400 && response.items[0] ) {
console.log('response');
console.log(response);
}
});
}
removeEmptyParams(params)[![enter image description here][1]][1]{
for (const pra in params) {
if (!params[pra] || params[pra] === 'undefined') {
delete params[pra];
}
}
return params;
}
checkSubscribe(
{part: 'snippet, contentDetails', mine: true},
{'forChannelId':'PUT-YOUR-CHANEL--ID','onBehalfOfContentOwner': ''}
);
I am trying to write a condition that will check for a specific parameter and the user credentials. If the user does not have one of two credentials and passes the correct parameter, they will get forwarded to a secure login screen.
This is what I did have that worked:
if ($request->getParameter('profile_type') == 'foo' && !$this->getUser()->isAdmin()) {
return $this->redirect('sfGuardAuth/secure');
}
But I have added a new user group so I need something like this:
if ($request->getParameter('profile_type') == 'foo' && (!$this->getUser()->isAdmin() || !$this->getUser()->isFaculty()) {
return $this->redirect('sfGuardAuth/secure');
}
So if you are not admin OR faculty, you get the redirect.
Is this a syntax or logic issue?
UPDATE
This is working, but it seems wrong logically
if (($request->getParameter('profile_type') == 'foo') && (!$this->getUser()->isAdmin() && !$this->getUser()->isFaculty())) {
return $this->redirect('sfGuardAuth/secure');
}
(!$this->getUser()->isAdmin() || !$this->getUser()->isFaculty())
should be
!($this->getUser()->isAdmin() || $this->getUser()->isFaculty())
Update, with more explanation: you want to redirect the user if both isAdmin and isFaculty return false, and not redirect if either is yes.
If both are false:
!(false || false) == !false == true => redirect
!(true || false) == !true == false => no redirect
Just to answer the question, this is what I got to work:
if (($request->getParameter('profile_type') == 'foo') && (!$this->getUser()->isAdmin() && !$this->getUser()->isFaculty())) {
return $this->redirect('sfGuardAuth/secure');
}
I am not sure how the OR/AND operator is working to get the desired result, but it works, so that is an ok compromise.