private void OnLinkAttempt(EntityUid uid, AccessReaderComponent component, LinkAttemptEvent args) { if (component.Enabled && !IsAllowed(args.User, component)) { args.Cancel(); } }
private void OnEmagged(EntityUid uid, AccessReaderComponent reader, GotEmaggedEvent args) { if (reader.Enabled == true) { reader.Enabled = false; args.Handled = true; } }
public bool IsAllowed(AccessReaderComponent reader, ICollection <string> accessTags) { if (reader.DenyTags.Overlaps(accessTags)) { // Sec owned by cargo. return(false); } return(!reader.Enabled || reader.AccessLists.Count == 0 || reader.AccessLists.Any(a => a.IsSubsetOf(accessTags))); }
private void OnInit(EntityUid uid, AccessReaderComponent reader, ComponentInit args) { var allTags = reader.AccessLists.SelectMany(c => c).Union(reader.DenyTags); foreach (var level in allTags) { if (!_prototypeManager.HasIndex <AccessLevelPrototype>(level)) { Logger.ErrorS("access", $"Invalid access level: {level}"); } } }
/// <summary> /// Compares the given tags with the readers access list to see if it is allowed. /// </summary> /// <param name="accessTags">A list of access tags</param> /// <param name="reader">An access reader to check against</param> public bool IsAllowed(ICollection <string> accessTags, AccessReaderComponent reader) { if (!reader.Enabled) { // Access reader is totally disabled, so access is always allowed. return(true); } if (reader.DenyTags.Overlaps(accessTags)) { // Sec owned by cargo. // Note that in resolving the issue with only one specific item "counting" for access, this became a bit more strict. // As having an ID card in any slot that "counts" with a denied access group will cause denial of access. // DenyTags doesn't seem to be used right now anyway, though, so it'll be dependent on whoever uses it to figure out if this matters. return(false); } return(reader.AccessLists.Count == 0 || reader.AccessLists.Any(a => a.IsSubsetOf(accessTags))); }
/// <summary> /// Searches the given entity for access tags /// then compares it with the readers access list to see if it is allowed. /// </summary> /// <param name="entity">The entity that wants access.</param> /// <param name="reader">A reader from a different entity</param> public bool IsAllowed(EntityUid entity, AccessReaderComponent reader) { var tags = FindAccessTags(entity); return(IsAllowed(tags, reader)); }
public async Task TestTags() { var server = StartServer(); await server.WaitAssertion(() => { var system = EntitySystem.Get <AccessReaderSystem>(); // test empty var reader = new AccessReaderComponent(); Assert.That(system.IsAllowed(reader, new[] { "Foo" }), Is.True); Assert.That(system.IsAllowed(reader, new[] { "Bar" }), Is.True); Assert.That(system.IsAllowed(reader, new string[] { }), Is.True); // test deny reader = new AccessReaderComponent(); reader.DenyTags.Add("A"); Assert.That(system.IsAllowed(reader, new[] { "Foo" }), Is.True); Assert.That(system.IsAllowed(reader, new[] { "A" }), Is.False); Assert.That(system.IsAllowed(reader, new[] { "A", "Foo" }), Is.False); Assert.That(system.IsAllowed(reader, new string[] { }), Is.True); // test one list reader = new AccessReaderComponent(); reader.AccessLists.Add(new HashSet <string> { "A" }); Assert.That(system.IsAllowed(reader, new[] { "A" }), Is.True); Assert.That(system.IsAllowed(reader, new[] { "B" }), Is.False); Assert.That(system.IsAllowed(reader, new[] { "A", "B" }), Is.True); Assert.That(system.IsAllowed(reader, new string[] { }), Is.False); // test one list - two items reader = new AccessReaderComponent(); reader.AccessLists.Add(new HashSet <string> { "A", "B" }); Assert.That(system.IsAllowed(reader, new[] { "A" }), Is.False); Assert.That(system.IsAllowed(reader, new[] { "B" }), Is.False); Assert.That(system.IsAllowed(reader, new[] { "A", "B" }), Is.True); Assert.That(system.IsAllowed(reader, new string[] { }), Is.False); // test two list reader = new AccessReaderComponent(); reader.AccessLists.Add(new HashSet <string> { "A" }); reader.AccessLists.Add(new HashSet <string> { "B", "C" }); Assert.That(system.IsAllowed(reader, new[] { "A" }), Is.True); Assert.That(system.IsAllowed(reader, new[] { "B" }), Is.False); Assert.That(system.IsAllowed(reader, new[] { "A", "B" }), Is.True); Assert.That(system.IsAllowed(reader, new[] { "C", "B" }), Is.True); Assert.That(system.IsAllowed(reader, new[] { "C", "B", "A" }), Is.True); Assert.That(system.IsAllowed(reader, new string[] { }), Is.False); // test deny list reader = new AccessReaderComponent(); reader.AccessLists.Add(new HashSet <string> { "A" }); reader.DenyTags.Add("B"); Assert.That(system.IsAllowed(reader, new[] { "A" }), Is.True); Assert.That(system.IsAllowed(reader, new[] { "B" }), Is.False); Assert.That(system.IsAllowed(reader, new[] { "A", "B" }), Is.False); Assert.That(system.IsAllowed(reader, new string[] { }), Is.False); }); }
/// <summary> /// Searches an <see cref="AccessComponent"/> in the entity itself, in its active hand or in its ID slot. /// Then compares the found access with the configured access lists to see if it is allowed. /// </summary> /// <remarks> /// If no access is found, an empty set is used instead. /// </remarks> /// <param name="entity">The entity to be searched for access.</param> public bool IsAllowed(AccessReaderComponent reader, EntityUid entity) { var tags = FindAccessTags(entity); return(IsAllowed(reader, tags)); }
public async Task TestTags() { await using var pairTracker = await PoolManager.GetServerClient(new PoolSettings { NoClient = true }); var server = pairTracker.Pair.Server; await server.WaitAssertion(() => { var system = EntitySystem.Get <AccessReaderSystem>(); // test empty var reader = new AccessReaderComponent(); Assert.That(system.IsAllowed(new[] { "Foo" }, reader), Is.True); Assert.That(system.IsAllowed(new[] { "Bar" }, reader), Is.True); Assert.That(system.IsAllowed(new string[] { }, reader), Is.True); // test deny reader = new AccessReaderComponent(); reader.DenyTags.Add("A"); Assert.That(system.IsAllowed(new[] { "Foo" }, reader), Is.True); Assert.That(system.IsAllowed(new[] { "A" }, reader), Is.False); Assert.That(system.IsAllowed(new[] { "A", "Foo" }, reader), Is.False); Assert.That(system.IsAllowed(new string[] { }, reader), Is.True); // test one list reader = new AccessReaderComponent(); reader.AccessLists.Add(new HashSet <string> { "A" }); Assert.That(system.IsAllowed(new[] { "A" }, reader), Is.True); Assert.That(system.IsAllowed(new[] { "B" }, reader), Is.False); Assert.That(system.IsAllowed(new[] { "A", "B" }, reader), Is.True); Assert.That(system.IsAllowed(new string[] { }, reader), Is.False); // test one list - two items reader = new AccessReaderComponent(); reader.AccessLists.Add(new HashSet <string> { "A", "B" }); Assert.That(system.IsAllowed(new[] { "A" }, reader), Is.False); Assert.That(system.IsAllowed(new[] { "B" }, reader), Is.False); Assert.That(system.IsAllowed(new[] { "A", "B" }, reader), Is.True); Assert.That(system.IsAllowed(new string[] { }, reader), Is.False); // test two list reader = new AccessReaderComponent(); reader.AccessLists.Add(new HashSet <string> { "A" }); reader.AccessLists.Add(new HashSet <string> { "B", "C" }); Assert.That(system.IsAllowed(new[] { "A" }, reader), Is.True); Assert.That(system.IsAllowed(new[] { "B" }, reader), Is.False); Assert.That(system.IsAllowed(new[] { "A", "B" }, reader), Is.True); Assert.That(system.IsAllowed(new[] { "C", "B" }, reader), Is.True); Assert.That(system.IsAllowed(new[] { "C", "B", "A" }, reader), Is.True); Assert.That(system.IsAllowed(new string[] { }, reader), Is.False); // test deny list reader = new AccessReaderComponent(); reader.AccessLists.Add(new HashSet <string> { "A" }); reader.DenyTags.Add("B"); Assert.That(system.IsAllowed(new[] { "A" }, reader), Is.True); Assert.That(system.IsAllowed(new[] { "B" }, reader), Is.False); Assert.That(system.IsAllowed(new[] { "A", "B" }, reader), Is.False); Assert.That(system.IsAllowed(new string[] { }, reader), Is.False); }); await pairTracker.CleanReturnAsync(); }