qsethuk/tg_loader
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add source

Browse Source
This commit is contained in:
qsethuk
2025-12-04 00:12:56 +03:00
parent b75875df5e
commit 0cb7045e7a
75 changed files with 9055 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
bot/modules/access_control/__init__.py Normal file
View File

@@ -0,0 +1,4 @@
"""
Access control module
"""

98
bot/modules/access_control/auth.py Normal file
View File

@@ -0,0 +1,98 @@
"""
User authorization
"""
from typing import Optional
from bot.config import settings
from bot.modules.database.session import AsyncSessionLocal
from bot.modules.database.models import User
import logging
logger = logging.getLogger(__name__)
async def is_authorized(user_id: int) -> bool:
"""
Check user authorization
Args:
user_id: User ID
Returns:
True if user is authorized, False otherwise
"""
# Check blacklist
if user_id in settings.blocked_users_list:
return False
# Check in database
async with AsyncSessionLocal() as session:
user = await session.get(User, user_id)
if user and user.is_blocked:
return False
# If private mode is enabled, check only whitelist
if settings.PRIVATE_MODE:
# Check in configuration
if user_id in settings.authorized_users_list:
return True
# Check in database (users added via /adduser)
async with AsyncSessionLocal() as session:
user = await session.get(User, user_id)
if user and not user.is_blocked:
return True
# In private mode, access only for authorized users
return False
# If private mode is disabled
# Check whitelist (if configured)
if settings.authorized_users_list:
return user_id in settings.authorized_users_list
# If whitelist is not configured, check in database
async with AsyncSessionLocal() as session:
user = await session.get(User, user_id)
# If user exists in database and is not blocked - allow access
if user and not user.is_blocked:
return True
# By default - deny access
return False
async def is_admin(user_id: int) -> bool:
"""
Check if user is administrator
Args:
user_id: User ID
Returns:
True if administrator, False otherwise
"""
# Check in configuration
if user_id in settings.admin_ids_list:
return True
# Check in database
async with AsyncSessionLocal() as session:
user = await session.get(User, user_id)
if user and user.is_admin:
return True
return False
async def is_owner(user_id: int) -> bool:
"""
Check if user is owner
Args:
user_id: User ID
Returns:
True if owner, False otherwise
"""
return user_id == settings.OWNER_ID

49
bot/modules/access_control/middleware.py Normal file
View File

@@ -0,0 +1,49 @@
"""
Access control middleware
"""
from pyrogram import Client
from pyrogram.handlers import MessageHandler, CallbackQueryHandler
from bot.modules.access_control.auth import is_authorized
import logging
logger = logging.getLogger(__name__)
async def access_middleware(client: Client, update, *args, **kwargs):
"""
Middleware for checking bot access
Args:
client: Pyrogram client
update: Telegram update
"""
user_id = None
if hasattr(update, 'from_user') and update.from_user:
user_id = update.from_user.id
elif hasattr(update, 'message') and update.message and update.message.from_user:
user_id = update.message.from_user.id
if not user_id:
return False
# Check authorization
if not await is_authorized(user_id):
logger.warning(f"Unauthorized user access attempt: {user_id}")
if hasattr(update, 'message') and update.message:
await update.message.reply("❌ You don't have access to this bot")
return False
return True
def setup_middleware(app: Client):
"""
Setup middleware for application
Args:
app: Pyrogram client
"""
# Middleware will be applied via decorators in handlers
logger.info("Access control middleware configured")

55
bot/modules/access_control/permissions.py Normal file
View File

@@ -0,0 +1,55 @@
"""
Access permissions system
"""
from enum import Enum
from typing import Callable, Awaitable
from pyrogram import Client
from pyrogram.types import Message, CallbackQuery
from bot.modules.access_control.auth import is_authorized, is_admin, is_owner
import logging
logger = logging.getLogger(__name__)
class Permission(Enum):
"""Access permission types"""
USER = "user" # Regular user
ADMIN = "admin" # Administrator
OWNER = "owner" # Owner
def require_permission(permission: Permission):
"""
Decorator for checking access permissions
Args:
permission: Required access level
"""
def decorator(func: Callable):
async def wrapper(client: Client, message: Message, *args, **kwargs):
user_id = message.from_user.id if message.from_user else None
if not user_id:
await message.reply("❌ Failed to identify user")
return
# Check authorization
if not await is_authorized(user_id):
await message.reply("❌ You don't have access to this bot")
return
# Check permissions
if permission == Permission.OWNER:
if not await is_owner(user_id):
await message.reply("❌ This command is only available to owner")
return
elif permission == Permission.ADMIN:
if not await is_admin(user_id):
await message.reply("❌ This command is only available to administrators")
return
return await func(client, message, *args, **kwargs)
return wrapper
return decorator

249
bot/modules/access_control/user_manager.py Normal file
View File

@@ -0,0 +1,249 @@
"""
User and administrator management
"""
from datetime import datetime
from typing import Tuple
from bot.modules.database.session import AsyncSessionLocal
from bot.modules.database.models import User
from bot.modules.access_control.auth import is_admin, is_owner
import logging
logger = logging.getLogger(__name__)
async def add_user(user_id: int, username: str = None, first_name: str = None, last_name: str = None) -> Tuple[bool, str]:
"""
Add user
Args:
user_id: User ID
username: Username (if not specified, will be fetched from Telegram API)
first_name: First name (if not specified, will be fetched from Telegram API)
last_name: Last name (if not specified, will be fetched from Telegram API)
Returns:
Tuple of (success: bool, message: str)
"""
try:
async with AsyncSessionLocal() as session:
# Check existence
existing_user = await session.get(User, user_id)
if existing_user:
# Update user information if missing
updated = False
if not existing_user.username and username:
existing_user.username = username
updated = True
if not existing_user.first_name and first_name:
existing_user.first_name = first_name
updated = True
if not existing_user.last_name and last_name:
existing_user.last_name = last_name
updated = True
# If information is missing, try to get from Telegram API
if not existing_user.username or not existing_user.first_name:
try:
from bot.utils.user_info_updater import update_user_info_from_telegram
if await update_user_info_from_telegram(user_id, db_session=session):
updated = True
except Exception as e:
logger.debug(f"Failed to get user {user_id} information from Telegram: {e}")
if updated:
await session.commit()
logger.info(f"User {user_id} information updated")
return (True, f"Пользователь {user_id} уже существует, информация обновлена")
return (False, f"Пользователь {user_id} уже существует")
# If username/first_name/last_name not specified, get from Telegram API
if not username or not first_name:
try:
from bot.utils.telegram_user import get_user_info
user_info = await get_user_info(user_id)
if user_info:
if not username:
username = user_info.get('username')
if not first_name:
first_name = user_info.get('first_name')
if not last_name:
last_name = user_info.get('last_name')
except Exception as e:
logger.debug(f"Failed to get user {user_id} information from Telegram: {e}")
# Create new user
user = User(
user_id=user_id,
username=username,
first_name=first_name,
last_name=last_name,
is_admin=False,
is_blocked=False
)
session.add(user)
await session.commit()
logger.info(f"User {user_id} added (username: {username})")
return (True, f"Пользователь {user_id} успешно добавлен")
except Exception as e:
logger.error(f"Error adding user: {e}", exc_info=True)
return (False, f"Ошибка базы данных: {str(e)}")
async def remove_user(user_id: int) -> Tuple[bool, str]:
"""
Remove user
Args:
user_id: User ID
Returns:
Tuple of (success: bool, message: str)
"""
try:
async with AsyncSessionLocal() as session:
user = await session.get(User, user_id)
if not user:
return (False, f"Пользователь {user_id} не найден в базе данных")
await session.delete(user)
await session.commit()
logger.info(f"User {user_id} removed")
return (True, f"Пользователь {user_id} успешно удален")
except Exception as e:
logger.error(f"Error removing user: {e}", exc_info=True)
return (False, f"Ошибка базы данных: {str(e)}")
async def block_user(user_id: int) -> Tuple[bool, str]:
"""
Block user
Args:
user_id: User ID
Returns:
Tuple of (success: bool, message: str)
"""
try:
async with AsyncSessionLocal() as session:
user = await session.get(User, user_id)
if not user:
return (False, f"Пользователь {user_id} не найден в базе данных")
if user.is_blocked:
return (False, f"Пользователь {user_id} уже заблокирован")
user.is_blocked = True
user.updated_at = datetime.utcnow()
await session.commit()
logger.info(f"User {user_id} blocked")
return (True, f"Пользователь {user_id} успешно заблокирован")
except Exception as e:
logger.error(f"Error blocking user: {e}", exc_info=True)
return (False, f"Ошибка базы данных: {str(e)}")
async def unblock_user(user_id: int) -> Tuple[bool, str]:
"""
Unblock user
Args:
user_id: User ID
Returns:
Tuple of (success: bool, message: str)
"""
try:
async with AsyncSessionLocal() as session:
user = await session.get(User, user_id)
if not user:
return (False, f"Пользователь {user_id} не найден в базе данных")
if not user.is_blocked:
return (False, f"Пользователь {user_id} не заблокирован")
user.is_blocked = False
user.updated_at = datetime.utcnow()
await session.commit()
logger.info(f"User {user_id} unblocked")
return (True, f"Пользователь {user_id} успешно разблокирован")
except Exception as e:
logger.error(f"Error unblocking user: {e}", exc_info=True)
return (False, f"Ошибка базы данных: {str(e)}")
async def add_admin(user_id: int, requester_id: int) -> Tuple[bool, str]:
"""
Assign administrator
Args:
user_id: User ID to assign as admin
requester_id: ID of user making the request
Returns:
Tuple of (success: bool, message: str)
"""
# Check permissions
if not await is_admin(requester_id):
return (False, "У вас нет прав администратора")
try:
async with AsyncSessionLocal() as session:
user = await session.get(User, user_id)
if not user:
# Create user if doesn't exist
user = User(user_id=user_id, is_admin=True)
session.add(user)
await session.commit()
logger.info(f"User {user_id} created and assigned as administrator")
return (True, f"Пользователь {user_id} создан и назначен администратором")
else:
if user.is_admin:
return (False, f"Пользователь {user_id} уже является администратором")
user.is_admin = True
user.updated_at = datetime.utcnow()
await session.commit()
logger.info(f"User {user_id} assigned as administrator")
return (True, f"Пользователь {user_id} успешно назначен администратором")
except Exception as e:
logger.error(f"Error assigning administrator: {e}", exc_info=True)
return (False, f"Ошибка базы данных: {str(e)}")
async def remove_admin(user_id: int, requester_id: int) -> Tuple[bool, str]:
"""
Remove administrator privileges
Args:
user_id: User ID to remove admin privileges from
requester_id: ID of user making the request
Returns:
Tuple of (success: bool, message: str)
"""
# Check permissions
if not await is_admin(requester_id):
return (False, "У вас нет прав администратора")
# Protection against self-removal
if user_id == requester_id:
return (False, "Вы не можете снять права администратора у самого себя")
try:
async with AsyncSessionLocal() as session:
user = await session.get(User, user_id)
if not user:
return (False, f"Пользователь {user_id} не найден в базе данных")
if not user.is_admin:
return (False, f"Пользователь {user_id} не является администратором")
user.is_admin = False
user.updated_at = datetime.utcnow()
await session.commit()
logger.info(f"Administrator privileges removed from user {user_id}")
return (True, f"Права администратора успешно сняты у пользователя {user_id}")
except Exception as e:
logger.error(f"Error removing administrator privileges: {e}", exc_info=True)
return (False, f"Ошибка базы данных: {str(e)}")