/// <summary>
/// Sets a permission on the current group, provided the groupName parameter matches this group.
/// </summary>
/// <param name="command"></param>
/// <param name="parameters"></param>
/// <returns></returns>
public ICommandResult SecurityGroupSetPermission(ICommand command, Dictionary<String, ICommandParameter> parameters) {
ICommandResult result = null;
String groupName = parameters["groupName"].First<String>();
String permissionName = parameters["permissionName"].First<String>();
int authority = parameters["authority"].First<int>();
if (this.DispatchPermissionsCheck(command, command.Name).Success == true) {
// If it's the users group AND (the permission to set permissions OR the permission is to authenticate) AND they are changing the permission to nothing
bool willResultInSystemLockout = this.DispatchGroupCheck(command, groupName).Success == true && (permissionName == CommandType.SecurityGroupSetPermission.ToString() || permissionName == CommandType.SecurityAccountAuthenticate.ToString()) && authority <= 0;
if (willResultInSystemLockout == false) {
GroupModel group = this.Groups.FirstOrDefault(g => g.Name == groupName);
if (group != null) {
// Fetch or create the permission. Should always exist in our config, even if it is null.
// This also allows for new permissions to be added to CommandName in the future
// without breaking old configs.
PermissionModel permission = group.Permissions.FirstOrDefault(perm => perm.Name == permissionName);
if (permission == null) {
permission = new PermissionModel() {
Name = permissionName,
Authority = authority
};
group.Permissions.Add(permission);
}
else {
permission.Authority = authority;
}
result = new CommandResult() {
Success = true,
CommandResultType = CommandResultType.Success,
Message = String.Format(@"Permission ""{0}"" set to {1}.", permission.Name, permission.Authority),
Scope = new CommandData() {
Groups = new List<GroupModel>() {
group
}
},
Now = new CommandData() {
Permissions = new List<PermissionModel>() {
permission
}
}
};
if (this.Shared.Events != null) {
this.Shared.Events.Log(GenericEvent.ConvertToGenericEvent(result, GenericEventType.SecurityGroupPermissionAuthorityChanged));
}
}
else {
result = new CommandResult() {
Message = String.Format(@"Group with name ""{0}"" does not exists.", groupName),
Success = false,
CommandResultType = CommandResultType.DoesNotExists
};
}
}
else {
result = new CommandResult() {
Message = String.Format(@"You cannot lock your group out of the system."),
Success = false,
CommandResultType = CommandResultType.InvalidParameter
};
}
}
else {
result = CommandResult.InsufficientPermissions;
}
return result;
}
/// <summary>
/// Initializes the group with default values.
/// </summary>
public GroupModel() : base() {
this.Name = String.Empty;
this.Accounts = new List<AccountModel>();
this.Permissions = new List<PermissionModel>();
// Setup the default permissions.
foreach (CommandType name in Enum.GetValues(typeof(CommandType)).Cast<CommandType>().Where(name => name != CommandType.None)) {
var permission = new PermissionModel() {
CommandType = name,
// All of the CommandType are boolean.
Traits = {
PermissionTraitsType.Boolean
}
};
var attributes = typeof(CommandType).GetMember(name.ToString()).First().GetCustomAttributes(typeof(DescriptionAttribute), false);
if (attributes.Length > 0) {
permission.Description = attributes.Cast<DescriptionAttribute>().First().Description;
}
this.Permissions.Add(permission);
}
// List of permissions that are not simple boolean (they take into account the level of Authority)
var authorityConstrainedActions = new List<String>() {
"NetworkPlayerMove",
"NetworkPlayerMoveForce",
"NetworkPlayerMoveRotate",
"NetworkPlayerMoveRotateForce",
"NetworkPlayerBan",
"NetworkPlayerUnban",
"NetworkPlayerKick",
"NetworkPlayerKill"
};
foreach (NetworkActionType name in Enum.GetValues(typeof(NetworkActionType)).Cast<NetworkActionType>().Where(name => name != NetworkActionType.None)) {
var permission = new PermissionModel() {
Name = name.ToString()
};
if (authorityConstrainedActions.Contains(name.ToString()) == false) {
permission.Traits.Add(PermissionTraitsType.Boolean);
}
var attributes = typeof(NetworkActionType).GetMember(name.ToString()).First().GetCustomAttributes(typeof(DescriptionAttribute), false);
if (attributes.Length > 0) {
permission.Description = attributes.Cast<DescriptionAttribute>().First().Description;
}
this.Permissions.Add(permission);
}
List<String> booleanTraits = new List<String>() { PermissionTraitsType.Boolean };
// Set default boolean traits for default permissions
Dictionary<String, List<String>> defaultTraits = new Dictionary<String, List<String>>() {
{ CommandType.SecurityGroupAddAccount.ToString(), booleanTraits },
{ CommandType.SecurityRemoveAccount.ToString(), booleanTraits },
{ CommandType.SecurityAccountAuthenticate.ToString(), booleanTraits },
{ CommandType.SecurityAccountSetPassword.ToString(), booleanTraits },
{ CommandType.SecurityAccountSetPasswordHash.ToString(), booleanTraits },
{ CommandType.SecurityAccountSetPreferredLanguageCode.ToString(), booleanTraits }
// @todo more
};
foreach (var trait in defaultTraits) {
this.Permissions.First(permission => permission.Name == trait.Key).Traits.AddRange(trait.Value);
}
}
/// <summary>
/// Sets the description of a permission
/// </summary>
/// <param name="command"></param>
/// <param name="parameters"></param>
/// <returns></returns>
public ICommandResult SecurityGroupSetPermissionDescription(ICommand command, Dictionary<String, ICommandParameter> parameters) {
ICommandResult result = null;
String groupName = parameters["groupName"].First<String>();
String permissionName = parameters["permissionName"].First<String>();
String description = parameters["description"].First<String>();
if (this.DispatchPermissionsCheck(command, command.Name).Success == true) {
GroupModel group = this.Groups.FirstOrDefault(g => g.Name == groupName);
if (group != null) {
// Fetch or create the permission. Should always exist in our config, even if it is null.
// This also allows for new permissions to be added to CommandName in the future
// without breaking old configs.
PermissionModel permission = group.Permissions.FirstOrDefault(perm => perm.Name == permissionName);
if (permission == null) {
permission = new PermissionModel() {
Name = permissionName,
Description = description
};
group.Permissions.Add(permission);
}
else {
permission.Description = description;
}
result = new CommandResult() {
Success = true,
CommandResultType = CommandResultType.Success,
Message = String.Format(@"Permission ""{0}"" set the description {1}.", permission.Name, description),
Scope = new CommandData() {
Groups = new List<GroupModel>() {
group
}
},
Now = new CommandData() {
Permissions = new List<PermissionModel>() {
permission
}
}
};
if (this.Shared.Events != null) {
this.Shared.Events.Log(GenericEvent.ConvertToGenericEvent(result, GenericEventType.SecurityGroupPermissionTraitAppended));
}
}
else {
result = new CommandResult() {
Message = String.Format(@"Group with name ""{0}"" does not exists.", groupName),
Success = false,
CommandResultType = CommandResultType.DoesNotExists
};
}
}
else {
result = CommandResult.InsufficientPermissions;
}
return result;
}
