void CAccessControlListGroup::WriteToXMLNode ( CXMLNode* pNode )
{
assert ( pNode );
// Create the subnode for this
CXMLNode* pSubNode = pNode->CreateSubNode ( "group" );
assert ( pSubNode );
// Create attribute for the name and set it
CXMLAttribute* pAttribute = pSubNode->GetAttributes ().Create ( "name" );
pAttribute->SetValue ( m_strGroupName );
// Write the ACL's this group use
ACLsList::iterator iterACL = m_ACLs.begin ();
for ( ; iterACL != m_ACLs.end (); iterACL++ )
{
CAccessControlList* pACL = *iterACL;
// Create the subnode for this object and write the name attribute we generated
CXMLNode* pObjectNode = pSubNode->CreateSubNode ( "acl" );
pAttribute = pObjectNode->GetAttributes ().Create ( "name" );
pAttribute->SetValue ( pACL->GetName () );
}
// Write every object
ObjectList::iterator iter = m_Objects.begin ();
for ( ; iter != m_Objects.end (); iter++ )
{
CAccessControlListGroupObject* pObject = *iter;
// Find out the object type string
char szObjectType [255];
switch ( pObject->GetObjectType () )
{
case CAccessControlListGroupObject::OBJECT_TYPE_RESOURCE:
strcpy ( szObjectType, "resource" );
break;
case CAccessControlListGroupObject::OBJECT_TYPE_USER:
strcpy ( szObjectType, "user" );
break;
default:
strcpy ( szObjectType, "error" );
break;
}
// Append a dot append the name of the node
strcat ( szObjectType, "." );
strncat ( szObjectType, pObject->GetObjectName (), NUMELMS( szObjectType ) - 1 );
// Create the subnode for this object and write the name attribute we generated
CXMLNode* pObjectNode = pSubNode->CreateSubNode ( "object" );
pAttribute = pObjectNode->GetAttributes ().Create ( "name" );
pAttribute->SetValue ( szObjectType );
}
}
int CLuaACLDefs::aclGetName ( lua_State* luaVM )
{
// Verify the argument types
if ( lua_type ( luaVM, 1 ) == LUA_TLIGHTUSERDATA )
{
// Grab and verify the ACL pointer
CAccessControlList* pACL = lua_toacl ( luaVM, 1 );
if ( pACL )
{
// Return its name
lua_pushstring ( luaVM, pACL->GetName () );
return 1;
}
}
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclGetName ( lua_State* luaVM )
{
// string aclGetName ( acl theAcl )
CAccessControlList* pACL;
CScriptArgReader argStream ( luaVM );
argStream.ReadUserData ( pACL );
if ( !argStream.HasErrors () )
{
// Return its name
lua_pushstring ( luaVM, pACL->GetName () );
return 1;
}
else
m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclGroupRemoveACL ( lua_State* luaVM )
{
// bool aclGroupRemoveACL ( aclgroup theGroup, acl theACL )
CAccessControlListGroup* pGroup; CAccessControlList* pACL;
CScriptArgReader argStream ( luaVM );
argStream.ReadUserData ( pGroup );
argStream.ReadUserData ( pACL );
if ( !argStream.HasErrors () )
{
// Add the ACL to the group
pGroup->RemoveACL ( pACL );
CLogger::LogPrintf ( "ACL: %s: ACL '%s' removed from group '%s'\n", GetResourceName ( luaVM ), pACL->GetName (), pGroup->GetGroupName () );
// Return success
lua_pushboolean ( luaVM, true );
return 1;
}
else
m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclRemoveRight ( lua_State* luaVM )
{
// bool aclRemoveRight ( acl theAcl, string rightName )
CAccessControlList* pACL; SString strRight;
CScriptArgReader argStream ( luaVM );
argStream.ReadUserData ( pACL );
argStream.ReadString ( strRight );
if ( !argStream.HasErrors () )
{
// Grab the type from the name passed
const char* szRightAftedDot = strRight;
CAccessControlListRight::ERightType eType;
if ( StringBeginsWith ( strRight, "command." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_COMMAND;
szRightAftedDot += 8;
}
else if ( StringBeginsWith ( strRight, "function." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_FUNCTION;
szRightAftedDot += 9;
}
else if ( StringBeginsWith ( strRight, "resource." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_RESOURCE;
szRightAftedDot += 9;
}
else if ( StringBeginsWith ( strRight, "general." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_GENERAL;
szRightAftedDot += 8;
}
else
{
lua_pushboolean ( luaVM, false );
return 1;
}
// Try removing the right
CAccessControlListRight* pACLRight = pACL->GetRight ( szRightAftedDot, eType );
bool bAccess = pACLRight && pACLRight->GetRightAccess ();
if ( pACL->RemoveRight ( szRightAftedDot, eType ) )
{
CLogger::LogPrintf ( "ACL: %s: Right '%s' %s removed from ACL '%s'\n", GetResourceName ( luaVM ), strRight.c_str (), bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
// Return success
lua_pushboolean ( luaVM, true );
return 1;
}
}
else
m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclSetRight ( lua_State* luaVM )
{
// bool aclSetRight ( acl theAcl, string rightName, bool hasAccess )
CAccessControlList* pACL; SString strRight; bool bAccess;
CScriptArgReader argStream ( luaVM );
argStream.ReadUserData ( pACL );
argStream.ReadString ( strRight );
argStream.ReadBool ( bAccess );
if ( !argStream.HasErrors () )
{
// Grab the type from the name passed
const char* szRightAftedDot = strRight;
CAccessControlListRight::ERightType eType;
if ( StringBeginsWith ( strRight, "command." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_COMMAND;
szRightAftedDot += 8;
}
else if ( StringBeginsWith ( strRight, "function." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_FUNCTION;
szRightAftedDot += 9;
}
else if ( StringBeginsWith ( strRight, "resource." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_RESOURCE;
szRightAftedDot += 9;
}
else if ( StringBeginsWith ( strRight, "general." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_GENERAL;
szRightAftedDot += 8;
}
else
{
lua_pushboolean ( luaVM, false );
return 1;
}
// Grab the right from the name and type
CAccessControlListRight* pACLRight = pACL->GetRight ( szRightAftedDot, eType );
if ( pACLRight )
{
// Set the new access right
if ( pACLRight->GetRightAccess () != bAccess )
CLogger::LogPrintf ( "ACL: %s: Right '%s' changed to %s in ACL '%s'\n", GetResourceName ( luaVM ), strRight.c_str (), bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
pACLRight->SetRightAccess ( bAccess );
lua_pushboolean ( luaVM, true );
return 1;
}
// Try to add it
pACLRight = pACL->AddRight ( szRightAftedDot, eType, bAccess );
if ( pACLRight )
{
// LOGLEVEL_LOW to stop spam from admin resource at new server startup
CLogger::LogPrintf ( LOGLEVEL_LOW, "ACL: %s: Right '%s' %s added in ACL '%s'\n", GetResourceName ( luaVM ), strRight.c_str (), bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
lua_pushboolean ( luaVM, true );
return 1;
}
}
else
m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclDestroy ( lua_State* luaVM )
{
// bool aclDestroy ( acl theACL )
CAccessControlList* pACL;
CScriptArgReader argStream ( luaVM );
argStream.ReadUserData ( pACL );
if ( !argStream.HasErrors () )
{
// Delete it
CLogger::LogPrintf ( "ACL: %s: ACL '%s' deleted\n", GetResourceName ( luaVM ), pACL->GetName () );
m_pACLManager->DeleteACL ( pACL );
// Return true
lua_pushboolean ( luaVM, true );
return 1;
}
else
m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclCreate ( lua_State* luaVM )
{
// acl aclCreate ( string aclName )
SString strACLName;
CScriptArgReader argStream ( luaVM );
argStream.ReadString ( strACLName );
if ( !argStream.HasErrors () )
{
// See that the name doesn't exist already
CAccessControlList* pACL = m_pACLManager->GetACL ( strACLName );
if ( !pACL )
{
// Create a new ACL with that name
pACL = m_pACLManager->AddACL ( strACLName );
CLogger::LogPrintf ( "ACL: %s: ACL '%s' created\n", GetResourceName ( luaVM ), pACL->GetName () );
// Return the created ACL
lua_pushacl ( luaVM, pACL );
return 1;
}
}
else
m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclCreate ( lua_State* luaVM )
{
// Verify the argument types
if ( lua_type ( luaVM, 1 ) == LUA_TSTRING )
{
// Grab the arguments
const char* szACLName = lua_tostring ( luaVM, 1 );
// See that the name doesn't exist already
CAccessControlList* pACL = m_pACLManager->GetACL ( szACLName );
if ( !pACL )
{
// Create a new ACL with that name
pACL = m_pACLManager->AddACL ( szACLName );
CLogger::LogPrintf ( "ACL: %s: ACL '%s' created\n", GetResourceName ( luaVM ), pACL->GetName () );
// Return the created ACL
lua_pushacl ( luaVM, pACL );
return 1;
}
}
else
m_pScriptDebugging->LogBadType ( luaVM, "aclCreate" );
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclGroupRemoveACL ( lua_State* luaVM )
{
// Verify the arguents
if ( lua_type ( luaVM, 1 ) == LUA_TLIGHTUSERDATA &&
lua_type ( luaVM, 2 ) == LUA_TLIGHTUSERDATA )
{
// Grab the arguments
CAccessControlListGroup* pGroup = lua_toaclgroup ( luaVM, 1 );
CAccessControlList* pACL = lua_toacl ( luaVM, 2 );
// Verify the group and ACL
if ( pGroup && pACL )
{
// Add the ACL to the group
pGroup->RemoveACL ( pACL );
CLogger::LogPrintf ( "ACL: %s: ACL '%s' removed from group '%s'\n", GetResourceName ( luaVM ), pACL->GetName (), pGroup->GetGroupName () );
// Return success
lua_pushboolean ( luaVM, true );
return 1;
}
}
else
m_pScriptDebugging->LogBadType ( luaVM, "aclGroupRemoveACL" );
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclRemoveRight ( lua_State* luaVM )
{
// Verify the arguents
if ( lua_type ( luaVM, 1 ) == LUA_TLIGHTUSERDATA &&
lua_type ( luaVM, 2 ) == LUA_TSTRING )
{
// Grab the argument strings
CAccessControlList* pACL = lua_toacl ( luaVM, 1 );
char* szRight = (char*) lua_tostring ( luaVM, 2 );
// Verify the ACL pointer
if ( pACL )
{
// Grab the type from the name passed
char* szRightAftedDot = szRight;
CAccessControlListRight::ERightType eType;
if ( StringBeginsWith ( szRight, "command." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_COMMAND;
szRightAftedDot += 8;
}
else if ( StringBeginsWith ( szRight, "function." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_FUNCTION;
szRightAftedDot += 9;
}
else if ( StringBeginsWith ( szRight, "resource." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_RESOURCE;
szRightAftedDot += 9;
}
else if ( StringBeginsWith ( szRight, "general." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_GENERAL;
szRightAftedDot += 8;
}
else
{
lua_pushboolean ( luaVM, false );
return 1;
}
// Try removing the right
CAccessControlListRight* pACLRight = pACL->GetRight ( szRightAftedDot, eType );
bool bAccess = pACLRight && pACLRight->GetRightAccess ();
if ( pACL->RemoveRight ( szRightAftedDot, eType ) )
{
CLogger::LogPrintf ( "ACL: %s: Right '%s' %s removed from ACL '%s'\n", GetResourceName ( luaVM ), szRight, bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
// Return success
lua_pushboolean ( luaVM, true );
return 1;
}
}
}
else
m_pScriptDebugging->LogBadType ( luaVM, "aclRemoveRight" );
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclSetRight ( lua_State* luaVM )
{
// Verify the argument types
if ( lua_type ( luaVM, 1 ) == LUA_TLIGHTUSERDATA &&
lua_type ( luaVM, 2 ) == LUA_TSTRING &&
lua_type ( luaVM, 3 ) == LUA_TBOOLEAN )
{
// Grab the arguments
CAccessControlList* pACL = lua_toacl ( luaVM, 1 );
char* szRight = (char*) lua_tostring ( luaVM, 2 );
bool bAccess = lua_toboolean ( luaVM, 3 ) ?true:false;
// Verify the ACL pointer
if ( pACL )
{
// Grab the type from the name passed
char* szRightAftedDot = szRight;
CAccessControlListRight::ERightType eType;
if ( StringBeginsWith ( szRight, "command." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_COMMAND;
szRightAftedDot += 8;
}
else if ( StringBeginsWith ( szRight, "function." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_FUNCTION;
szRightAftedDot += 9;
}
else if ( StringBeginsWith ( szRight, "resource." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_RESOURCE;
szRightAftedDot += 9;
}
else if ( StringBeginsWith ( szRight, "general." ) )
{
eType = CAccessControlListRight::RIGHT_TYPE_GENERAL;
szRightAftedDot += 8;
}
else
{
lua_pushboolean ( luaVM, false );
return 1;
}
// Grab the right from the name and type
CAccessControlListRight* pACLRight = pACL->GetRight ( szRightAftedDot, eType );
if ( pACLRight )
{
// Set the new access right
if ( pACLRight->GetRightAccess () != bAccess )
CLogger::LogPrintf ( "ACL: %s: Right '%s' changed to %s in ACL '%s'\n", GetResourceName ( luaVM ), szRight, bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
pACLRight->SetRightAccess ( bAccess );
lua_pushboolean ( luaVM, true );
return 1;
}
// Try to add it
pACLRight = pACL->AddRight ( szRightAftedDot, eType, bAccess );
if ( pACLRight )
{
// Return success
CLogger::LogPrintf ( "ACL: %s: Right '%s' %s added in ACL '%s'\n", GetResourceName ( luaVM ), szRight, bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
lua_pushboolean ( luaVM, true );
return 1;
}
}
}
else
m_pScriptDebugging->LogBadType ( luaVM, "aclSetRight" );
lua_pushboolean ( luaVM, false );
return 1;
}
int CLuaACLDefs::aclDestroy ( lua_State* luaVM )
{
// Verify the argument types
if ( lua_type ( luaVM, 1 ) == LUA_TLIGHTUSERDATA )
{
// Grab the arguments
CAccessControlList* pACL = lua_toacl ( luaVM, 1 );
if ( pACL )
{
// Delete it
CLogger::LogPrintf ( "ACL: %s: ACL '%s' deleted\n", GetResourceName ( luaVM ), pACL->GetName () );
m_pACLManager->DeleteACL ( pACL );
// Return true
lua_pushboolean ( luaVM, true );
return 1;
}
}
else
m_pScriptDebugging->LogBadType ( luaVM, "aclDestroy" );
lua_pushboolean ( luaVM, false );
return 1;
}
