CycleMode cycleFromString ( const std::string &str )
{
if ( compare_nocase(str,"loop")==0)
return eLoopInf;
else if ( compare_nocase(str,"random")==0)
return eRandomInf;
else if ( compare_nocase(str,"onerand")==0)
return eRandomOnce;
return eNoLoop;
}
EndCond condFromString ( const std::string &str )
{
if ( compare_nocase(str,"timed")==0)
return eTimedGame;
else if ( compare_nocase(str,"maxkill")==0)
return eMaxKillScore;
else if ( compare_nocase(str,"maxcap")==0)
return eMaxCapScore;
else if ( compare_nocase(str,"empty")==0)
return eNoPlayers;
else if ( compare_nocase(str,"manual")==0)
return eManual;
return eTimedGame;
}
bool VotingArbiter::hasSuffrage(const std::string &player) const
{
// is there a poll to vote on?
if (!this->isPollOpen()) {
return false;
}
// was this player granted the right to vote?
bool foundPlayer = false;
for (unsigned int i = 0; i < _suffraged.size(); i++) {
if (compare_nocase(_suffraged[i], player) == 0) {
foundPlayer = true;
break;
}
}
if (!foundPlayer) {
return false;
}
// has this player already voted?
if (_votingBooth->hasVoted(string_util::tolower(player))) {
return false;
}
// are there too many votes somehow (sanity)
if (_votingBooth->getTotalVotes() >= _maxVotes) {
return false;
}
return true;
}
int BZFSHTTPAuth::getLevelFromGroups (const std::vector<std::string> &groups )
{
std::map<int,std::vector<std::string> >::reverse_iterator itr = authLevels.rbegin();
while (itr != authLevels.rend())
{
for (size_t s = 0; s < itr->second.size(); s++ )
{
std::string &perm = itr->second[s];
std::vector<std::string> groupsWithPerm;
if (compare_nocase(perm,"ADMIN")==0)
groupsWithPerm = findGroupsWithAdmin();
else
groupsWithPerm = findGroupsWithPerm(perm);
// check the input groups, and see if any of the them are in the groups with this perm
for (size_t i = 1; i < groups.size(); i++ )
{
if (stringInList(groups[i],groupsWithPerm))
return itr->first;
}
}
itr++;
}
return 0;
}
std::vector<std::string> findGroupsWithPerm( const std::string &perm, bool skipLocal )
{
std::vector<std::string> groupsWithPerms;
bz_APIStringList* groupList = bz_getGroupList();
if (groupList)
{
for ( unsigned int i = 0; i < groupList->size();i++)
{
std::string groupName = groupList->get(i).c_str();
if (skipLocal && compare_nocase(groupName,"LOCAL.ADMIN") == 0)
continue;
bz_APIStringList *groupPerms = bz_getGroupPerms(groupName.c_str());
if (groupPerms)
{
if (permInGroup(perm,groupPerms))
groupsWithPerms.push_back(groupName);
bz_deleteStringList(groupPerms);
}
}
bz_deleteStringList(groupList);
}
return groupsWithPerms;
}
bool VotingArbiter::isPollerWaiting(const std::string &name) const
{
for (unsigned int i = 0; i < _pollers.size(); i++) {
if (compare_nocase(_pollers[i].name, name) == 0) {
return true;
}
}
return false;
}
bool stringInList ( const std::string &str, const std::vector<std::string> stringList )
{
for (std::vector<std::string>::const_iterator itr = stringList.begin(); itr != stringList.end(); itr++)
{
if (compare_nocase(str,*itr) == 0)
return true;
}
return false;
}
bool loadGamesFromFile ( const char* config )
{
endCond = eTimedGame;
timeLimit = 30.0*60.0;
scoreCapLimit = 10;
startTime = -1;
currentIndex = -1;
cycleMode = eLoopInf;
std::vector<std::string> lines = getFileTextLines(config);
if (!lines.size())
return false;
for ( unsigned int i = 0; i < (unsigned int)lines.size(); i++ )
{
std::string line = lines[i];
std::vector<std::string> params = tokenize(line,std::string(","),0,true);
if (params.size())
{
if (compare_nocase(params[0],"mode") == 0)
{
if ( params.size() > 1 )
endCond = condFromString(params[1]);
if ( params.size() > 2 )
{
if (endCond == eTimedGame )
timeLimit = fabs(atof(params[2].c_str()))*60.0;
else
scoreCapLimit = atoi(params[2].c_str());
if (timeLimit == 0.0)
timeLimit = 30;
if ( scoreCapLimit <= 0 )
scoreCapLimit = 10;
}
if ( params.size() > 3)
cycleMode = cycleFromString(params[3]);
}
else
{
Game game;
game.mapFile = params[0];
if ( params.size() > 1 )
game.publicText = params[1];
gameList.push_back(game);
}
}
}
return gameList.size() >0;
}
bool VotingArbiter::grantSuffrage(const std::string &player)
{
for (unsigned int i = 0; i < _suffraged.size(); i++) {
if (compare_nocase(_suffraged[i], player) == 0) {
return true;
}
}
_suffraged.push_front(player);
return true;
}
//output
ostream& operator<< (ostream& os, Context& c)
{
std::vector<string> consts;
for (Context::def_iter i=c.def_begin(); i!=c.def_end(); ++i) {
consts.push_back(*(i->first->name()));
}
std::sort(consts.begin(), consts.end(), compare_nocase());
for (unsigned i=0; i<consts.size(); ++i) {
os << consts[i] << ' ';
}
return os;
}
std::vector<std::string> findGroupsWithPerms( const std::vector<std::string> &perms, bool skipLocal )
{
std::vector<std::string> groupsWithPerms;
bz_APIStringList* groupList = bz_getGroupList();
if (groupList)
{
for ( unsigned int i = 0; i < groupList->size();i++)
{
std::string groupName = groupList->get(i).c_str();
if (skipLocal && compare_nocase(groupName,"LOCAL.ADMIN") == 0)
continue;
bz_APIStringList *groupPerms = bz_getGroupPerms(groupName.c_str());
if (groupPerms)
{
// see if any of the perms are NOT in this group.
bool hasOneWithNoPerm = false;
for (size_t p =0; p < perms.size(); p++)
{
if (!permInGroup(perms[p],groupPerms))
hasOneWithNoPerm = true;
}
bz_deleteStringList(groupPerms);
if (!hasOneWithNoPerm)
groupsWithPerms.push_back(groupName);
}
}
bz_deleteStringList(groupList);
}
return groupsWithPerms;
}
// ***************************************************************************
// This allows the user to send a char* to compare it to a string. Note that
// this simply creates a temporary string and sends it to the above function
bool MiscUtils::compare_nocase(const std::string& s1, const char* s2) throw()
{
std::string str2 = std::string(s2); // create the temp string
return compare_nocase(s1, str2);
}
bool BZFSHTTPAuth::verifyToken ( const HTTPRequest &request, HTTPReply &reply )
{
// build up the groups list
std::string token,user;
request.getParam("token",token);
request.getParam("user",user);
std::vector<std::string> groups;
std::map<int, std::vector<std::string> >::iterator itr = authLevels.begin();
while (itr != authLevels.end())
{
for (size_t i = 0; i < itr->second.size();i++)
{
std::string &perm = itr->second[i];
std::vector<std::string> groupsWithPerm;
if (compare_nocase(perm,"ADMIN")==0)
groupsWithPerm = findGroupsWithAdmin();
else
groupsWithPerm = findGroupsWithPerm(perm);
// only add groups that are not in the list yet
for (size_t g = 0; g < groupsWithPerm.size(); g++)
{
if (std::find(groups.begin(),groups.end(),groupsWithPerm[g]) == groups.end())
groups.push_back(groupsWithPerm[g]);
}
}
itr++;
}
PendingTokenTask *task = new PendingTokenTask;
if (!user.size() || !token.size())
{
reply.body += "Invalid response";
reply.docType = HTTPReply::eText;
return true;
}
task->requestID = request.requestID;
task->URL = "http://my.bzflag.org/db/";
task->URL += "?action=CHECKTOKENS&checktokens=" + url_encode(user);
if (!ipIsLocal(request.ip))
task->URL += "@" + request.ip;
task->URL += "%3D" + token;
task->URL += "&groups=";
for (size_t g = 0; g < groups.size(); g++)
{
task->URL += groups[g];
if ( g+1 < groups.size())
task->URL += "%0D%0A";
}
// give the task to bzfs and let it do it, when it's done it'll be processed
bz_addURLJob(task->URL.c_str(),task);
return false;
}
bool WindowsAddFileStack(const char *szPathName, const char* fileMask,
bool bRecursive,std::vector<std::string> &list,
bool justDirs = false)
{
struct _finddata_t fileInfo;
long hFile;
std::string searchstr;
std::string FilePath;
bool bDone = false;
searchstr = szPathName;
searchstr += "\\";
if (bRecursive)
searchstr += "*.*";
else if (fileMask)
searchstr += fileMask;
else
searchstr += "*.*";
std::string extenstionSearch;
if (fileMask && strchr(fileMask,'.'))
extenstionSearch = strchr(fileMask,'.')+1;
hFile = (long)_findfirst(searchstr.c_str(),&fileInfo);
if (hFile != -1) {
while (!bDone) {
if ((strlen(fileInfo.name) >0) && (strcmp(fileInfo.name,".") != 0) &&
(strcmp(fileInfo.name,"..") != 0)) {
FilePath = szPathName;
//if (!(fileInfo.attrib & _A_SUBDIR))
FilePath += "\\";
FilePath += fileInfo.name;
if (justDirs && (fileInfo.attrib & _A_SUBDIR)) {
// we neever do just dirs recrusively
list.push_back(FilePath);
} else if (!justDirs) {
if ((fileInfo.attrib & _A_SUBDIR) && bRecursive) {
WindowsAddFileStack(FilePath.c_str(),fileMask,bRecursive,list);
} else if (!(fileInfo.attrib & _A_SUBDIR)) {
if (bRecursive && fileMask) {
// if we are recusive we need to check extension manualy,
// so we get dirs and stuff
if (strrchr(FilePath.c_str(),'.')) {
if (compare_nocase(std::string(strrchr(FilePath.c_str(),'.')+1),
extenstionSearch) == 0)
list.push_back(FilePath);
}
} else {
list.push_back(FilePath);
}
}
}
}
if (_findnext(hFile,&fileInfo) == -1)
bDone = true;
}
}
return true;
}
bool BZFSHTTPAuth::generatePage ( const HTTPRequest &request, HTTPReply &reply )
{
if (!authPage.size())
setupAuth();
flushTasks();
int sessionID = request.sessionID;
reply.docType = HTTPReply::eHTML;
reply.returnCode = HTTPReply::e200OK;
std::map<int,AuthInfo>::iterator authItr = authedSessions.find(sessionID);
if ( authItr != authedSessions.end() ) // it is one of our authorized users, be nice and forward the request to our child
{
// put this back to the default
reply.docType = HTTPReply::eText;
authItr->second.time = bz_getCurrentTime();
bool complete = handleAuthedRequest(authItr->second.level,request,reply);
if (!complete)
defferedAuthedRequests.push_back(request.requestID);
return complete;
}
else // they are not fully authorized yet
{
std::map<int,PendingTokenTask*>::iterator pendingItr = pendingTokenTasks.find(request.requestID);
if (pendingItr != pendingTokenTasks.end()) // they have a token, check it
{
AuthInfo info;
info.time = bz_getCurrentTime();
if (!pendingItr->second->groups.size())
info.level = -1;
else
{
if (pendingItr->second->groups.size() == 1)
{
info.username = pendingItr->second->groups[0];
info.level = 0; // just authed, no levels
}
else
{
info.username = pendingItr->second->groups[0];
info.level = getLevelFromGroups(pendingItr->second->groups);
info.groups = pendingItr->second->groups;
info.groups.erase(info.groups.begin()); // pull off the first 'group' because it's a name
}
if (info.level >= 0)
authedSessions[request.sessionID] = info;
}
delete(pendingItr->second);
pendingTokenTasks.erase(pendingItr);
// put this back to the default
reply.docType = HTTPReply::eText;
bool complete = handleAuthedRequest(info.level,request,reply);
if (!complete)
defferedAuthedRequests.push_back(request.requestID);
return complete;
}
else
{
std::string action,user,token;
request.getParam("action",action);
request.getParam("user",user);
request.getParam("token",token);
if (compare_nocase(action,"login") == 0 && user.size() && token.size()) // it's a response from weblogin
return verifyToken(request,reply);
else
{
// it's someone we know NOTHING about, send them the login
templateSystem.startTimer();
size_t s = authPage.find_last_of('.');
if (s != std::string::npos)
{
if (compare_nocase(authPage.c_str()+s,".tmpl") == 0)
{
if(!templateSystem.processTemplateFile(reply.body,authPage.c_str()))
templateSystem.processTemplate(reply.body,authPage);
}
else
templateSystem.processTemplate(reply.body,authPage);
}
else
templateSystem.processTemplate(reply.body,authPage);
}
}
}
return true;
}
void HTTPServer::pending(int connectionID, void *d, unsigned int s)
{
HTTPConnectionMap::iterator itr = liveConnections.find(connectionID);
if (itr == liveConnections.end())
return;
HTTPConnection &connection = itr->second;
// grab the current data
if(d && s) {
char *t = (char*)malloc(s+1);
memcpy(t,d,s);
t[s] = 0;
connection.currentData += t;
free(t);
}
// see what our status is
if (!connection.request) {
std::stringstream stream(connection.currentData);
std::string request, resource, httpVersion;
stream >> request >> resource >> httpVersion;
if (request.size() && resource.size() && httpVersion.size()) {
if (compare_nocase(request,"get") == 0)
connection.request = eGet;
else if (compare_nocase(request,"head") == 0)
connection.request = eHead;
else if (compare_nocase(request,"post") == 0)
connection.request = ePost;
else if (compare_nocase(request,"put") == 0)
connection.request = ePut;
else if (compare_nocase(request,"delete") == 0)
connection.request = eDelete;
else if (compare_nocase(request,"trace") == 0)
connection.request = eTrace;
else if (compare_nocase(request,"options") == 0)
connection.request = eOptions;
else if (compare_nocase(request,"connect") == 0)
connection.request = eConnect;
else
connection.request = eOther;
if (httpVersion != "HTTP/1.1" && httpVersion != "HTTP/1.0")
bz_debugMessagef(1,"HTTPServer HTTP version of %s requested",httpVersion.c_str());
if (resource.size() > 1) {
size_t p = resource.find_first_of('/');
if (p != std::string::npos) {
if (p == 0)
p = resource.find_first_of('/',p+1);
if (p == std::string::npos) {
// there is only one / so the stuff after the slash in the vdir and the resource is NULL
connection.vdir.resize(resource.size()-1);
std::copy(resource.begin()+1,resource.end(),connection.vdir.begin());
} else {
connection.vdir.resize(p-1);
std::copy(resource.begin()+1,resource.begin()+p,connection.vdir.begin());
connection.resource.resize(resource.size()-p-1);
std::copy(resource.begin()+p+1,resource.end(),connection.resource.begin());
}
}
}
}
}
void BZFSHTTPAuth::TSURLCallback::keyCallback(std::string &data, const std::string &key)
{
if(compare_nocase(key,"WebAuthURL") == 0)
data += URL;
}
