void CAccessControlListGroup::WriteToXMLNode ( CXMLNode* pNode )
{
    assert ( pNode );

    // Create the subnode for this
    CXMLNode* pSubNode = pNode->CreateSubNode ( "group" );
    assert ( pSubNode );

    // Create attribute for the name and set it
    CXMLAttribute* pAttribute = pSubNode->GetAttributes ().Create ( "name" );
    pAttribute->SetValue ( m_strGroupName );

    // Write the ACL's this group use
    ACLsList::iterator iterACL = m_ACLs.begin ();
    for ( ; iterACL != m_ACLs.end (); iterACL++ )
    {
        CAccessControlList* pACL = *iterACL;

        // Create the subnode for this object and write the name attribute we generated
        CXMLNode* pObjectNode = pSubNode->CreateSubNode ( "acl" );
        pAttribute = pObjectNode->GetAttributes ().Create ( "name" );
        pAttribute->SetValue ( pACL->GetName () );
    }

    // Write every object
    ObjectList::iterator iter = m_Objects.begin ();
    for ( ; iter != m_Objects.end (); iter++ )
    {
        CAccessControlListGroupObject* pObject = *iter;

        // Find out the object type string
        char szObjectType [255];
        switch ( pObject->GetObjectType () )
        {
            case CAccessControlListGroupObject::OBJECT_TYPE_RESOURCE:
                strcpy ( szObjectType, "resource" );
                break;

            case CAccessControlListGroupObject::OBJECT_TYPE_USER:
                strcpy ( szObjectType, "user" );
                break;

            default:
                strcpy ( szObjectType, "error" );
                break;
        }

        // Append a dot append the name of the node
        strcat ( szObjectType, "." );
        strncat ( szObjectType, pObject->GetObjectName (), NUMELMS( szObjectType ) - 1 );

        // Create the subnode for this object and write the name attribute we generated
        CXMLNode* pObjectNode = pSubNode->CreateSubNode ( "object" );
        pAttribute = pObjectNode->GetAttributes ().Create ( "name" );
        pAttribute->SetValue ( szObjectType );
    }
}
Пример #2
0
int CLuaACLDefs::aclGetName ( lua_State* luaVM )
{
    // Verify the argument types
    if ( lua_type ( luaVM, 1 ) == LUA_TLIGHTUSERDATA )
    {
        // Grab and verify the ACL pointer
        CAccessControlList* pACL = lua_toacl ( luaVM, 1 );
        if ( pACL )
        {
            // Return its name
            lua_pushstring ( luaVM, pACL->GetName () );
            return 1;
        }
    }

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #3
0
int CLuaACLDefs::aclGetName ( lua_State* luaVM )
{
//  string aclGetName ( acl theAcl )
    CAccessControlList* pACL;
    
    CScriptArgReader argStream ( luaVM );
    argStream.ReadUserData ( pACL );
    
    if ( !argStream.HasErrors () )
    {
        // Return its name
        lua_pushstring ( luaVM, pACL->GetName () );
        return 1;
    }
    else
        m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #4
0
int CLuaACLDefs::aclGroupRemoveACL ( lua_State* luaVM )
{
//  bool aclGroupRemoveACL ( aclgroup theGroup, acl theACL )
    CAccessControlListGroup* pGroup; CAccessControlList* pACL;
    
    CScriptArgReader argStream ( luaVM );
    argStream.ReadUserData ( pGroup );
    argStream.ReadUserData ( pACL );
    
    if ( !argStream.HasErrors () )
    {
        // Add the ACL to the group
        pGroup->RemoveACL ( pACL );
        CLogger::LogPrintf ( "ACL: %s: ACL '%s' removed from group '%s'\n", GetResourceName ( luaVM ), pACL->GetName (), pGroup->GetGroupName () );
        // Return success
        lua_pushboolean ( luaVM, true );
        return 1;
    }
    else
        m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #5
0
int CLuaACLDefs::aclRemoveRight ( lua_State* luaVM )
{
//  bool aclRemoveRight ( acl theAcl, string rightName )
    CAccessControlList* pACL; SString strRight;
    
    CScriptArgReader argStream ( luaVM );
    argStream.ReadUserData ( pACL );
    argStream.ReadString ( strRight );
    
    if ( !argStream.HasErrors () )
    {
        // Grab the type from the name passed
        const char* szRightAftedDot = strRight;
        CAccessControlListRight::ERightType eType;
        if ( StringBeginsWith ( strRight, "command." ) )
        {
            eType = CAccessControlListRight::RIGHT_TYPE_COMMAND;
            szRightAftedDot += 8;
        }
        else if ( StringBeginsWith ( strRight, "function." ) )
        {
            eType = CAccessControlListRight::RIGHT_TYPE_FUNCTION;
            szRightAftedDot += 9;
        }
        else if ( StringBeginsWith ( strRight, "resource." ) )
        {
            eType = CAccessControlListRight::RIGHT_TYPE_RESOURCE;
            szRightAftedDot += 9;
        }
        else if ( StringBeginsWith ( strRight, "general." ) )
        {
            eType = CAccessControlListRight::RIGHT_TYPE_GENERAL;
            szRightAftedDot += 8;
        }
        else
        {
            lua_pushboolean ( luaVM, false );
            return 1;
        }
        // Try removing the right
        CAccessControlListRight* pACLRight = pACL->GetRight ( szRightAftedDot, eType );
        bool bAccess = pACLRight && pACLRight->GetRightAccess ();
        if ( pACL->RemoveRight ( szRightAftedDot, eType ) )
        {
            CLogger::LogPrintf ( "ACL: %s: Right '%s' %s removed from ACL '%s'\n", GetResourceName ( luaVM ), strRight.c_str (), bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
            // Return success
            lua_pushboolean ( luaVM, true );
            return 1;
        }
    }
    else
        m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #6
0
int CLuaACLDefs::aclSetRight ( lua_State* luaVM )
{
//  bool aclSetRight ( acl theAcl, string rightName, bool hasAccess )
    CAccessControlList* pACL; SString strRight; bool bAccess;
    
    CScriptArgReader argStream ( luaVM );
    argStream.ReadUserData ( pACL );
    argStream.ReadString ( strRight );
    argStream.ReadBool ( bAccess );
    
    if ( !argStream.HasErrors () )
    {
        // Grab the type from the name passed
        const char* szRightAftedDot = strRight;
        CAccessControlListRight::ERightType eType;
        if ( StringBeginsWith ( strRight, "command." ) )
        {
            eType = CAccessControlListRight::RIGHT_TYPE_COMMAND;
            szRightAftedDot += 8;
        }
        else if ( StringBeginsWith ( strRight, "function." ) )
        {
            eType = CAccessControlListRight::RIGHT_TYPE_FUNCTION;
            szRightAftedDot += 9;
        }
        else if ( StringBeginsWith ( strRight, "resource." ) )
        {
            eType = CAccessControlListRight::RIGHT_TYPE_RESOURCE;
            szRightAftedDot += 9;
        }
        else if ( StringBeginsWith ( strRight, "general." ) )
        {
            eType = CAccessControlListRight::RIGHT_TYPE_GENERAL;
            szRightAftedDot += 8;
        }
        else
        {
            lua_pushboolean ( luaVM, false );
            return 1;
        }
        // Grab the right from the name and type
        CAccessControlListRight* pACLRight = pACL->GetRight ( szRightAftedDot, eType );
        if ( pACLRight )
        {
            // Set the new access right
            if ( pACLRight->GetRightAccess () != bAccess )
                CLogger::LogPrintf ( "ACL: %s: Right '%s' changed to %s in ACL '%s'\n", GetResourceName ( luaVM ), strRight.c_str (), bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
            pACLRight->SetRightAccess ( bAccess );
            lua_pushboolean ( luaVM, true );
            return 1;
        }
        // Try to add it
        pACLRight = pACL->AddRight ( szRightAftedDot, eType, bAccess );
        if ( pACLRight )
        {
            // LOGLEVEL_LOW to stop spam from admin resource at new server startup
            CLogger::LogPrintf ( LOGLEVEL_LOW, "ACL: %s: Right '%s' %s added in ACL '%s'\n", GetResourceName ( luaVM ), strRight.c_str (), bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
            lua_pushboolean ( luaVM, true );
            return 1;
        }
    }
    else
        m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #7
0
int CLuaACLDefs::aclDestroy ( lua_State* luaVM )
{
//  bool aclDestroy ( acl theACL )
    CAccessControlList* pACL;
    
    CScriptArgReader argStream ( luaVM );
    argStream.ReadUserData ( pACL );
    
    if ( !argStream.HasErrors () )
    {
        // Delete it
        CLogger::LogPrintf ( "ACL: %s: ACL '%s' deleted\n", GetResourceName ( luaVM ), pACL->GetName () );
        m_pACLManager->DeleteACL ( pACL );
        // Return true
        lua_pushboolean ( luaVM, true );
        return 1;
    }
    else
        m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #8
0
int CLuaACLDefs::aclCreate ( lua_State* luaVM )
{
//  acl aclCreate ( string aclName )
    SString strACLName;
    
    CScriptArgReader argStream ( luaVM );
    argStream.ReadString ( strACLName );
    
    if ( !argStream.HasErrors () )
    {
         // See that the name doesn't exist already
        CAccessControlList* pACL = m_pACLManager->GetACL ( strACLName );
        
        if ( !pACL )
        {
            // Create a new ACL with that name
            pACL = m_pACLManager->AddACL ( strACLName );
            CLogger::LogPrintf ( "ACL: %s: ACL '%s' created\n", GetResourceName ( luaVM ), pACL->GetName () );
            // Return the created ACL
            lua_pushacl ( luaVM, pACL );
            return 1;
        }
    }
    else
        m_pScriptDebugging->LogCustom ( luaVM, argStream.GetFullErrorMessage () );

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #9
0
int CLuaACLDefs::aclCreate ( lua_State* luaVM )
{
    // Verify the argument types
    if ( lua_type ( luaVM, 1 ) == LUA_TSTRING )
    {
        // Grab the arguments
        const char* szACLName = lua_tostring ( luaVM, 1 );

        // See that the name doesn't exist already
        CAccessControlList* pACL = m_pACLManager->GetACL ( szACLName );
        if ( !pACL )
        {
            // Create a new ACL with that name
            pACL = m_pACLManager->AddACL ( szACLName );
            CLogger::LogPrintf ( "ACL: %s: ACL '%s' created\n", GetResourceName ( luaVM ), pACL->GetName () );

            // Return the created ACL
            lua_pushacl ( luaVM, pACL );
            return 1;
        }
    }
    else
        m_pScriptDebugging->LogBadType ( luaVM, "aclCreate" );

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #10
0
int CLuaACLDefs::aclGroupRemoveACL ( lua_State* luaVM )
{
    // Verify the arguents
    if ( lua_type ( luaVM, 1 ) == LUA_TLIGHTUSERDATA &&
         lua_type ( luaVM, 2 ) == LUA_TLIGHTUSERDATA )
    {
        // Grab the arguments
        CAccessControlListGroup* pGroup = lua_toaclgroup ( luaVM, 1 );
        CAccessControlList* pACL = lua_toacl ( luaVM, 2 );

        // Verify the group and ACL
        if ( pGroup && pACL )
        {
            // Add the ACL to the group
            pGroup->RemoveACL ( pACL );
            CLogger::LogPrintf ( "ACL: %s: ACL '%s' removed from group '%s'\n", GetResourceName ( luaVM ), pACL->GetName (), pGroup->GetGroupName () );

            // Return success
            lua_pushboolean ( luaVM, true );
            return 1;
        }
    }
    else
        m_pScriptDebugging->LogBadType ( luaVM, "aclGroupRemoveACL" );

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #11
0
int CLuaACLDefs::aclRemoveRight ( lua_State* luaVM )
{
    // Verify the arguents
    if ( lua_type ( luaVM, 1 ) == LUA_TLIGHTUSERDATA &&
         lua_type ( luaVM, 2 ) == LUA_TSTRING )
    {
        // Grab the argument strings
        CAccessControlList* pACL = lua_toacl ( luaVM, 1 );
        char* szRight = (char*) lua_tostring ( luaVM, 2 );

        // Verify the ACL pointer
        if ( pACL )
        {
            // Grab the type from the name passed
            char* szRightAftedDot = szRight;
            CAccessControlListRight::ERightType eType;
            if ( StringBeginsWith ( szRight, "command." ) )
            {
                eType = CAccessControlListRight::RIGHT_TYPE_COMMAND;
                szRightAftedDot += 8;
            }
            else if ( StringBeginsWith ( szRight, "function." ) )
            {
                eType = CAccessControlListRight::RIGHT_TYPE_FUNCTION;
                szRightAftedDot += 9;
            }
            else if ( StringBeginsWith ( szRight, "resource." ) )
            {
                eType = CAccessControlListRight::RIGHT_TYPE_RESOURCE;
                szRightAftedDot += 9;
            }
            else if ( StringBeginsWith ( szRight, "general." ) )
            {
                eType = CAccessControlListRight::RIGHT_TYPE_GENERAL;
                szRightAftedDot += 8;
            }
            else
            {
                lua_pushboolean ( luaVM, false );
                return 1;
            }

            // Try removing the right
            CAccessControlListRight* pACLRight = pACL->GetRight ( szRightAftedDot, eType );
            bool bAccess = pACLRight && pACLRight->GetRightAccess ();
            if ( pACL->RemoveRight ( szRightAftedDot, eType ) )
            {
                CLogger::LogPrintf ( "ACL: %s: Right '%s' %s removed from ACL '%s'\n", GetResourceName ( luaVM ), szRight, bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
                // Return success
                lua_pushboolean ( luaVM, true );
                return 1;
            }
        }
    }
    else
        m_pScriptDebugging->LogBadType ( luaVM, "aclRemoveRight" );

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #12
0
int CLuaACLDefs::aclSetRight ( lua_State* luaVM )
{
    // Verify the argument types
    if ( lua_type ( luaVM, 1 ) == LUA_TLIGHTUSERDATA &&
         lua_type ( luaVM, 2 ) == LUA_TSTRING &&
         lua_type ( luaVM, 3 ) == LUA_TBOOLEAN )
    {
        // Grab the arguments
        CAccessControlList* pACL = lua_toacl ( luaVM, 1 );
        char* szRight = (char*) lua_tostring ( luaVM, 2 );
        bool bAccess = lua_toboolean ( luaVM, 3 ) ?true:false;

        // Verify the ACL pointer
        if ( pACL )
        {
            // Grab the type from the name passed
            char* szRightAftedDot = szRight;
            CAccessControlListRight::ERightType eType;
            if ( StringBeginsWith ( szRight, "command." ) )
            {
                eType = CAccessControlListRight::RIGHT_TYPE_COMMAND;
                szRightAftedDot += 8;
            }
            else if ( StringBeginsWith ( szRight, "function." ) )
            {
                eType = CAccessControlListRight::RIGHT_TYPE_FUNCTION;
                szRightAftedDot += 9;
            }
            else if ( StringBeginsWith ( szRight, "resource." ) )
            {
                eType = CAccessControlListRight::RIGHT_TYPE_RESOURCE;
                szRightAftedDot += 9;
            }
            else if ( StringBeginsWith ( szRight, "general." ) )
            {
                eType = CAccessControlListRight::RIGHT_TYPE_GENERAL;
                szRightAftedDot += 8;
            }
            else
            {
                lua_pushboolean ( luaVM, false );
                return 1;
            }

            // Grab the right from the name and type
            CAccessControlListRight* pACLRight = pACL->GetRight ( szRightAftedDot, eType );
            if ( pACLRight )
            {
                // Set the new access right
                if ( pACLRight->GetRightAccess () != bAccess )
                    CLogger::LogPrintf ( "ACL: %s: Right '%s' changed to %s in ACL '%s'\n", GetResourceName ( luaVM ), szRight, bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
                pACLRight->SetRightAccess ( bAccess );
                lua_pushboolean ( luaVM, true );
                return 1;
            }

            // Try to add it
            pACLRight = pACL->AddRight ( szRightAftedDot, eType, bAccess );
            if ( pACLRight )
            {
                // Return success
                CLogger::LogPrintf ( "ACL: %s: Right '%s' %s added in ACL '%s'\n", GetResourceName ( luaVM ), szRight, bAccess ? "ALLOW" : "DISALLOW", pACL->GetName () );
                lua_pushboolean ( luaVM, true );
                return 1;
            }
        }
    }
    else
        m_pScriptDebugging->LogBadType ( luaVM, "aclSetRight" );

    lua_pushboolean ( luaVM, false );
    return 1;
}
Пример #13
0
int CLuaACLDefs::aclDestroy ( lua_State* luaVM )
{
    // Verify the argument types
    if ( lua_type ( luaVM, 1 ) == LUA_TLIGHTUSERDATA )
    {
        // Grab the arguments
        CAccessControlList* pACL = lua_toacl ( luaVM, 1 );
        if ( pACL )
        {
            // Delete it
            CLogger::LogPrintf ( "ACL: %s: ACL '%s' deleted\n", GetResourceName ( luaVM ), pACL->GetName () );
            m_pACLManager->DeleteACL ( pACL );

            // Return true
            lua_pushboolean ( luaVM, true );
            return 1;
        }
    }
    else
        m_pScriptDebugging->LogBadType ( luaVM, "aclDestroy" );

    lua_pushboolean ( luaVM, false );
    return 1;
}