コード例 #1
0
ファイル: SecurityController.cs プロジェクト: EBassie/Potato
        /// <summary>
        /// Sets a permission on the current group, provided the groupName parameter matches this group.
        /// </summary>
        /// <param name="command"></param>
        /// <param name="parameters"></param>
        /// <returns></returns>
        public ICommandResult SecurityGroupSetPermission(ICommand command, Dictionary<String, ICommandParameter> parameters) {
            ICommandResult result = null;

            String groupName = parameters["groupName"].First<String>();
            String permissionName = parameters["permissionName"].First<String>();
            int authority = parameters["authority"].First<int>();

            if (this.DispatchPermissionsCheck(command, command.Name).Success == true) {
                // If it's the users group AND (the permission to set permissions OR the permission is to authenticate) AND they are changing the permission to nothing
                bool willResultInSystemLockout = this.DispatchGroupCheck(command, groupName).Success == true && (permissionName == CommandType.SecurityGroupSetPermission.ToString() || permissionName == CommandType.SecurityAccountAuthenticate.ToString()) && authority <= 0;

                if (willResultInSystemLockout == false) {
                    GroupModel group = this.Groups.FirstOrDefault(g => g.Name == groupName);

                    if (group != null) {
                        // Fetch or create the permission. Should always exist in our config, even if it is null.
                        // This also allows for new permissions to be added to CommandName in the future
                        // without breaking old configs.
                        PermissionModel permission = group.Permissions.FirstOrDefault(perm => perm.Name == permissionName);

                        if (permission == null) {
                            permission = new PermissionModel() {
                                Name = permissionName,
                                Authority = authority
                            };

                            group.Permissions.Add(permission);
                        }
                        else {
                            permission.Authority = authority;
                        }

                        result = new CommandResult() {
                            Success = true,
                            CommandResultType = CommandResultType.Success,
                            Message = String.Format(@"Permission ""{0}"" set to {1}.", permission.Name, permission.Authority),
                            Scope = new CommandData() {
                                Groups = new List<GroupModel>() {
                                    group
                                }
                            },
                            Now = new CommandData() {
                                Permissions = new List<PermissionModel>() {
                                    permission
                                }
                            }
                        };

                        if (this.Shared.Events != null) {
                            this.Shared.Events.Log(GenericEvent.ConvertToGenericEvent(result, GenericEventType.SecurityGroupPermissionAuthorityChanged));
                        }
                    }
                    else {
                        result = new CommandResult() {
                            Message = String.Format(@"Group with name ""{0}"" does not exists.", groupName),
                            Success = false,
                            CommandResultType = CommandResultType.DoesNotExists
                        };
                    }
                }
                else {
                    result = new CommandResult() {
                        Message = String.Format(@"You cannot lock your group out of the system."),
                        Success = false,
                        CommandResultType = CommandResultType.InvalidParameter
                    };
                }
            }
            else {
                result = CommandResult.InsufficientPermissions;
            }

            return result;
        }
コード例 #2
0
ファイル: GroupModel.cs プロジェクト: EBassie/Potato
        /// <summary>
        /// Initializes the group with default values.
        /// </summary>
        public GroupModel() : base() {
            this.Name = String.Empty;
            this.Accounts = new List<AccountModel>();
            this.Permissions = new List<PermissionModel>();

            // Setup the default permissions.
            foreach (CommandType name in Enum.GetValues(typeof(CommandType)).Cast<CommandType>().Where(name => name != CommandType.None)) {
                var permission = new PermissionModel() {
                    CommandType = name,
                    // All of the CommandType are boolean.
                    Traits = {
                        PermissionTraitsType.Boolean
                    }
                };

                var attributes = typeof(CommandType).GetMember(name.ToString()).First().GetCustomAttributes(typeof(DescriptionAttribute), false);

                if (attributes.Length > 0) {
                    permission.Description = attributes.Cast<DescriptionAttribute>().First().Description;
                }

                this.Permissions.Add(permission);
            }

            // List of permissions that are not simple boolean (they take into account the level of Authority)
            var authorityConstrainedActions = new List<String>() {
                "NetworkPlayerMove",
                "NetworkPlayerMoveForce",
                "NetworkPlayerMoveRotate",
                "NetworkPlayerMoveRotateForce",
                "NetworkPlayerBan",
                "NetworkPlayerUnban",
                "NetworkPlayerKick",
                "NetworkPlayerKill"
            };

            foreach (NetworkActionType name in Enum.GetValues(typeof(NetworkActionType)).Cast<NetworkActionType>().Where(name => name != NetworkActionType.None)) {
                var permission = new PermissionModel() {
                    Name = name.ToString()
                };

                if (authorityConstrainedActions.Contains(name.ToString()) == false) {
                    permission.Traits.Add(PermissionTraitsType.Boolean);
                }

                var attributes = typeof(NetworkActionType).GetMember(name.ToString()).First().GetCustomAttributes(typeof(DescriptionAttribute), false);

                if (attributes.Length > 0) {
                    permission.Description = attributes.Cast<DescriptionAttribute>().First().Description;
                }

                this.Permissions.Add(permission);
            }

            List<String> booleanTraits = new List<String>() { PermissionTraitsType.Boolean };

            // Set default boolean traits for default permissions
            Dictionary<String, List<String>> defaultTraits = new Dictionary<String, List<String>>() {
                { CommandType.SecurityGroupAddAccount.ToString(), booleanTraits },
                { CommandType.SecurityRemoveAccount.ToString(), booleanTraits },
                { CommandType.SecurityAccountAuthenticate.ToString(), booleanTraits },
                { CommandType.SecurityAccountSetPassword.ToString(), booleanTraits },
                { CommandType.SecurityAccountSetPasswordHash.ToString(), booleanTraits },
                { CommandType.SecurityAccountSetPreferredLanguageCode.ToString(), booleanTraits }

                // @todo more
            };

            foreach (var trait in defaultTraits) {
                this.Permissions.First(permission => permission.Name == trait.Key).Traits.AddRange(trait.Value);
            }
        }
コード例 #3
0
ファイル: SecurityController.cs プロジェクト: EBassie/Potato
        /// <summary>
        /// Sets the description of a permission
        /// </summary>
        /// <param name="command"></param>
        /// <param name="parameters"></param>
        /// <returns></returns>
        public ICommandResult SecurityGroupSetPermissionDescription(ICommand command, Dictionary<String, ICommandParameter> parameters) {
            ICommandResult result = null;

            String groupName = parameters["groupName"].First<String>();
            String permissionName = parameters["permissionName"].First<String>();
            String description = parameters["description"].First<String>();

            if (this.DispatchPermissionsCheck(command, command.Name).Success == true) {

                GroupModel group = this.Groups.FirstOrDefault(g => g.Name == groupName);

                if (group != null) {
                    // Fetch or create the permission. Should always exist in our config, even if it is null.
                    // This also allows for new permissions to be added to CommandName in the future
                    // without breaking old configs.
                    PermissionModel permission = group.Permissions.FirstOrDefault(perm => perm.Name == permissionName);

                    if (permission == null) {
                        permission = new PermissionModel() {
                            Name = permissionName,
                            Description = description
                        };

                        group.Permissions.Add(permission);
                    }
                    else {
                        permission.Description = description;
                    }

                    result = new CommandResult() {
                        Success = true,
                        CommandResultType = CommandResultType.Success,
                        Message = String.Format(@"Permission ""{0}"" set the description {1}.", permission.Name, description),
                        Scope = new CommandData() {
                            Groups = new List<GroupModel>() {
                                group
                            }
                        },
                        Now = new CommandData() {
                            Permissions = new List<PermissionModel>() {
                                permission
                            }
                        }
                    };

                    if (this.Shared.Events != null) {
                        this.Shared.Events.Log(GenericEvent.ConvertToGenericEvent(result, GenericEventType.SecurityGroupPermissionTraitAppended));
                    }
                }
                else {
                    result = new CommandResult() {
                        Message = String.Format(@"Group with name ""{0}"" does not exists.", groupName),
                        Success = false,
                        CommandResultType = CommandResultType.DoesNotExists
                    };
                }
            }
            else {
                result = CommandResult.InsufficientPermissions;
            }

            return result;
        }