diff --git a/PoshBot/Classes/BotConfiguration.ps1 b/PoshBot/Classes/BotConfiguration.ps1 index 3ae88732..0fa179d8 100644 --- a/PoshBot/Classes/BotConfiguration.ps1 +++ b/PoshBot/Classes/BotConfiguration.ps1 @@ -47,6 +47,10 @@ class BotConfiguration { [int]$FormatEnumerationLimitOverride = -1 + [bool]$NoPluginManagement = $false + + [bool]$NoAccessManagement = $false + [ChannelRule[]]$ChannelRules = @([ChannelRule]::new()) [ApprovalConfiguration]$ApprovalConfiguration = [ApprovalConfiguration]::new() @@ -104,6 +108,8 @@ class BotConfiguration { $bc.AddCommandReactions = $hash.AddCommandReactions $bc.DisallowDMs = $hash.DisallowDMs $bc.FormatEnumerationLimitOverride = $hash.FormatEnumerationLimitOverride + $bc.NoPluginManagement = $hash.NoPluginManagement + $bc.NoAccessManagement = $hash.NoAccessManagement $bc.ChannelRules = $hash.ChannelRules.ForEach({[ChannelRule]::Serialize($_)}) $bc.ApprovalConfiguration = [ApprovalConfiguration]::Serialize($hash.ApprovalConfiguration) $bc.MiddlewareConfiguration = [MiddlewareConfiguration]::Serialize($hash.MiddlewareConfiguration) @@ -140,6 +146,8 @@ class BotConfiguration { $bc.AddCommandReactions = $DeserializedObject.AddCommandReactions $bc.DisallowDMs = $DeserializedObject.DisallowDMs $bc.FormatEnumerationLimitOverride = $DeserializedObject.FormatEnumerationLimitOverride + $bc.NoAccessManagement = $DeserializedObject.NoAccessManagement + $bc.NoPluginManagement = $DeserializedObject.NoPluginManagement $bc.ChannelRules = $DeserializedObject.ChannelRules.Foreach({[ChannelRule]::Serialize($_)}) $bc.ApprovalConfiguration = [ApprovalConfiguration]::Serialize($DeserializedObject.ApprovalConfiguration) $bc.MiddlewareConfiguration = [MiddlewareConfiguration]::Serialize($DeserializedObject.MiddlewareConfiguration) diff --git a/PoshBot/Public/New-PoshBotConfiguration.ps1 b/PoshBot/Public/New-PoshBotConfiguration.ps1 index c387cbfd..b1655520 100644 --- a/PoshBot/Public/New-PoshBotConfiguration.ps1 +++ b/PoshBot/Public/New-PoshBotConfiguration.ps1 @@ -179,6 +179,12 @@ function New-PoshBotConfiguration { .PARAMETER PostResponseMiddlewareHooks Array of middleware scriptblocks that will run after command responses have been sent to the backend implementation. This middleware runs after all processing is complete for a command and is a good spot for additional custom logging. + .PARAMETER NoPluginManagement + Disable plugin management from PoshBot itself + This ensures only the plugins configured at load time can run + .PARAMETER NoAccessManagement + Disable access management from PoshBot itself + This ensures only the RBAC configured at load time are in place .EXAMPLE PS C:\> New-PoshBotConfiguration -Name Cherry2000 -AlternateCommandPrefixes @('Cherry', 'Sam') @@ -272,6 +278,8 @@ function New-PoshBotConfiguration { [int]$ApprovalExpireMinutes = 30, [switch]$DisallowDMs, [int]$FormatEnumerationLimitOverride = -1, + [bool]$NoPluginManagement = $false, + [bool]$NoAccessManagement = $false, [hashtable[]]$ApprovalCommandConfigurations = @(), [hashtable[]]$ChannelRules = @(), [MiddlewareHook[]]$PreReceiveMiddlewareHooks = @(), @@ -307,6 +315,8 @@ function New-PoshBotConfiguration { $config.ApprovalConfiguration.ExpireMinutes = $ApprovalExpireMinutes $config.DisallowDMs = ($DisallowDMs -eq $true) $config.FormatEnumerationLimitOverride = $FormatEnumerationLimitOverride + $config.NoPluginManagement = $NoPluginManagement + $config.NoAccessManagement = $NoAccessManagement if ($ChannelRules.Count -ge 1) { $config.ChannelRules = $null foreach ($item in $ChannelRules) { diff --git a/docker/docker_entrypoint.ps1 b/docker/docker_entrypoint.ps1 index 52de9573..02c8d422 100644 --- a/docker/docker_entrypoint.ps1 +++ b/docker/docker_entrypoint.ps1 @@ -130,6 +130,14 @@ $configurationSettings = @{ EnvVariable = 'POSHBOT_FORMAT_ENUMERATION_LIMIT' DefaultValue = -1 } + NoPluginManagement = @{ + EnvVariable = 'POSHBOT_NO_PLUGIN_MANAGEMENT' + DefaultValue = -1 + } + NoAccessManagement = @{ + EnvVariable = 'POSHBOT_NO_ACCESS_MANAGEMENT' + DefaultValue = -1 + } ConfigDir = @{ EnvVariable = 'POSHBOT_CONF_DIR' DefaultValue = "$rootDrive/poshbot_data" @@ -176,6 +184,8 @@ if (-not (Test-Path -Path $configPSD1)) { CommandHistoryMaxLogsToKeep = $runtimeSettings.CommandHistoryMaxLogsToKeep BotAdmins = $runtimeSettings.BotAdmins CommandPrefix = $runtimeSettings.CommandPrefix + NoPluginManagement = $runtimeSettings.NoPluginManagement + NoAccessManagement = $runtimeSettings.NoAccessManagement AlternateCommandPrefixes = $runtimeSettings.AlternateCommandPrefixes AlternateCommandPrefixSeperators = $runtimeSettings.AlternateCommandPrefixSeperators MuteUnknownCommand = $runTimeSettings.MuteUnknownCommand @@ -256,7 +266,8 @@ if (-not (Test-Path -Path $configPSD1)) { #$pbc.ModuleManifestsToLoad = Get-FromEnv -Name 'POSHBOT_MANIFESTS_TO_LOAD' -Default $pbc.ModuleManifestsToLoad $pbc.AlternateCommandPrefixSeperators = Get-FromEnv -Name 'POSHBOT_ALT_CMD_PREFIX_SEP' -Default $pbc.AlternateCommandPrefixSeperators $pbc.SendCommandResponseToPrivate = Get-FromEnv -Name 'POSHBOT_SEND_CMD_RESP_TO_PRIV' -Default $pbc.SendCommandResponseToPrivate - + $pbc.NoPluginManagement = Get-FromEnv -Name 'POSHBOT_NO_PLUGIN_MANAGEMENT' -Default $pbc.NoPluginManagement + $pbc.NoAccessManagement = Get-FromEnv -Name 'POSHBOT_NO_ACCESS_MANAGEMENT' -Default $pbc.NoAccessManagement $slackToken = Get-FromEnv -Name 'SLACK_TOKEN' -Default '' if (-not [string]::IsNullOrEmpty($slackToken)) { $pbc.BackendConfiguration = @{