https://github.com/infinitybotlist/kittycat

Kittycat Permission system for IBL
https://github.com/infinitybotlist/kittycat

Last synced: about 1 year ago
JSON representation

Kittycat Permission system for IBL

• Host: GitHub
• URL: https://github.com/infinitybotlist/kittycat
• Owner: InfinityBotList
• Created: 2023-12-19T03:55:28.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2025-01-11T20:32:25.000Z (over 1 year ago)
• Last Synced: 2025-03-24T18:04:27.036Z (about 1 year ago)
• Language: C
• Homepage:
• Size: 271 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Structure

A permission is defined as the following structure

`namespace.permission`

If a user has the \* permission, they will have all permissions in that namespace

If namespace is global then only the permission is checked. E.g. global.view allows using the view permission in all namespaces

If a permission has no namespace, it will be assumed to be global

If a permission has ~ in the beginning of its namespace, it is a negator permission that removes that specific permission from the user

Negators work to negate a specific permission _excluding the global._ permission* (for now, until this gets a bit more refined to not need a global.* special case)

Anything past the . may be ignored or indexed at the discretion of the implementation and is _undefined behaviour_

# Permission Overrides

Permission overrides are a special case of permissions that are used to override permissions for a specific user.

They use the same structure and follow the same rules as a normal permission, but are stored separately from the normal permissions.

# Special Cases

- Special case: If a \* element exists for a smaller index, then the negator must be ignored. E.g. manager has ~rpc.PremiumAdd but head_manager has no such negator

# Clearing Permissions

In some cases, it may desired to start from a fresh slate of permissions. To do this, add a '@clear' permission to the namespace. All permissions after this on that namespace will be cleared

# Permission Management

A permission can be added/managed by a user to a position if the following applies:

- The user must _have_ the permission themselves. If the permission is a negator, then the user must have the 'base' permission (permission without the negator operator)

- If the permission is `*`, then the user has no negators in that namespace that the target perm set would not also have

Note on point 2: this means that if a user is trying to add/remove `rpc.*` but also has `~rpc.test`, then they cannot add `rpc.*` unless the target user also has `~rpc.test`

## Supported Languages

- rust

- go

- typescript

- python

- C (WIP, does not work yet)