A hubot script for access control list.
See src/acl.coffee for full documentation.
See http://qiita.com/tily/items/71fff32e928ae9caf070 for Japanese README.
In hubot project repo, run:
npm install hubot-acl --save
Then add hubot-acl to your external-scripts.json:
["hubot-acl"]Catch acl event to define your ACL in your hubot script.
module.exports = (robot)->
robot.on 'acl', (order, allow, deny)->
# your acl settingsACL can be defined in apache.conf-like style.
robot.on 'acl', (order, allow, deny)->
order deny, allow
deny text: /.*/
allow id: [1], text: /.*/
allow id: [2], text: /^jenkins/
allow id: [3], text: /^jenkins (list|last|describe)/- all users are not allowed to execute all commands by default
- user (id=1) is allowed to execute all commands
- user (id=2) is allowed to execute commands which begin with
jenkins - user (id=3) is allowed to execute
jenkinsread only commands (list, last, desribe)
robot.on 'acl', (order, allow, deny)->
order allow, deny
allow text: /.*/
deny name: ['bay4k', 'manny'], text: /^jenkins/
deny name: ['sticky'], text: /^jenkins (b|build)/- all users are allowed to execute all commands by default
- user (whose name is
bay4kormanny) are not allowed to execute commands which begin withjenkins - user (whose name is
sticky) is not allowed to executejenkinsbuild commands (b, build)
robot.on 'acl', (order, allow, deny)->
order deny, allow
deny text: /.*/
allow role: ['admin'], text: /.*/
allow role: ['jenkins'], text: /^jenkins/
allow role: ['jenkins-readonly'], text: /^jenkins (list|last|describe)/Hubot> Hubot jenkins build hoge
bes: Error: you are not allowed to execute that command