Rejig auth module for Slack

The hubot-auth module doesn't work very well in combination with
hubot-slack, mainly because of

  slackapi/hubot-slack#326

We don't make extensive use of hubot-auth roles, so replace them with a
thin wrapper over the user profile data provided by Slack so that we can
distinguish between admins/non-admins and staff/guests.

Author: nickstenning

external-scripts.json

@@ -1,5 +1,4 @@
 [
-  "hubot-auth",
   "hubot-redis-brain",
   "hubot-tell"
 ]

package.json

@@ -23,7 +23,6 @@
   "dependencies": {
     "geocoder": "^0.2.2",
     "hubot": "^2.19.0",
-    "hubot-auth": "^2.0.0",
     "hubot-help": "^0.1.1",
     "hubot-redis-brain": "0.0.2",
     "hubot-slack": "^4.2.2",

scripts/auth.js

@@ -0,0 +1,21 @@
+// Description:
+//   Provide easy access to Slack user info.
+//
+// Author:
+//   Nick Stenning
+
+'use strict';
+
+class Auth {
+    isAdmin(user) {
+        return user.is_admin
+    }
+
+    isStaff(user) {
+        return !(user.is_restricted || user.is_ultra_restricted)
+    }
+}
+
+module.exports = function (robot) {
+    robot.auth = new Auth();
+};

scripts/github.js

@@ -1,9 +1,6 @@
 // Description:
 //   Fetch titles and links to GitHub issues
 //
-// Configuration:
-//   HUBOT_GITHUB_ADMIN_ROLE - Who can edit GitHub data
-//
 // Commands:
 //   repo#nr - Get title and link to this issue
 //   hubot add repo <name> - Add repo to stored repository list
@@ -12,10 +9,6 @@
 //   hubot compare <repo> <compare> - Get GitHub compare link
 //
 
-var config = {
-    adminRole: process.env.HUBOT_GITHUB_ADMIN_ROLE || 'staff'
-};
-
 var VALID_REPO_NAME = /^[^\s\/]+\/[^\s\/]+$/;
 
 
@@ -141,9 +134,8 @@ var getRepos = function (brain) {
 module.exports = function (robot) {
     robot.respond(/add repo ([^\s]+)$/i, function (msg) {
         var repo = msg.match[1].toLowerCase();
-        if (!robot.auth.hasRole(msg.envelope.user, config.adminRole)) {
-            msg.send("You need the " + config.adminRole + " role to do that! " +
-                     "Ask an admin.");
+        if (!robot.auth.isStaff(msg.message.user)) {
+            msg.send("You need to be a staff member to do that, sorry!");
             return;
         }
         if (!validRepoName(repo)) {
@@ -163,9 +155,8 @@ module.exports = function (robot) {
 
     robot.respond(/remove repo ([^\s]+)$/i, function (msg) {
         var repo = msg.match[1];
-        if (!robot.auth.hasRole(msg.envelope.user, config.adminRole)) {
-            msg.send("You need the " + config.adminRole + " role to do that! " +
-                     "Ask an admin.");
+        if (!robot.auth.isStaff(msg.message.user)) {
+            msg.send("You need to be a staff member to do that, sorry!");
             return;
         }
         var repos = getRepos(robot.brain),