[FIX] FileAuthSystem module permissions

This commit is contained in:
Gravita 2021-10-13 20:01:12 +07:00
parent d9b03d3c6a
commit 26ed69e1a7
9 changed files with 73 additions and 48 deletions

View file

@ -50,11 +50,11 @@ public boolean canGetUpdates(String updatesDirName, Client client) {
private boolean isWhitelisted(String property, ClientProfile profile, Client client) { private boolean isWhitelisted(String property, ClientProfile profile, Client client) {
if(client.permissions != null) { if(client.permissions != null) {
String permByUUID = String.format(property, profile.getUUID()); String permByUUID = String.format(property, profile.getUUID());
if(client.permissions.hasAction(permByUUID)) { if(client.permissions.hasPerm(permByUUID)) {
return true; return true;
} }
String permByTitle = String.format(property, profile.getTitle().toLowerCase(Locale.ROOT)); String permByTitle = String.format(property, profile.getTitle().toLowerCase(Locale.ROOT));
if(client.permissions.hasAction(permByTitle)) { if(client.permissions.hasPerm(permByTitle)) {
return true; return true;
} }
} }

View file

@ -85,8 +85,8 @@ public boolean accept(Client client, AuthProviderPair pair, String extendedToken
client.auth_id = info.authId; client.auth_id = info.authId;
client.auth = server.config.getAuthProviderPair(info.authId); client.auth = server.config.getAuthProviderPair(info.authId);
if(client.permissions == null) client.permissions = new ClientPermissions(); if(client.permissions == null) client.permissions = new ClientPermissions();
client.permissions.addAction("launchserver.checkserver"); client.permissions.addPerm("launchserver.checkserver");
client.permissions.addAction(String.format("launchserver.profiles.%s.show", info.serverName)); client.permissions.addPerm(String.format("launchserver.profiles.%s.show", info.serverName));
return true; return true;
} }
} }

View file

@ -5,7 +5,6 @@
import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.Logger;
import pro.gravit.launcher.events.request.CheckServerRequestEvent; import pro.gravit.launcher.events.request.CheckServerRequestEvent;
import pro.gravit.launchserver.auth.AuthException; import pro.gravit.launchserver.auth.AuthException;
import pro.gravit.launchserver.auth.AuthProviderPair;
import pro.gravit.launchserver.manangers.AuthManager; import pro.gravit.launchserver.manangers.AuthManager;
import pro.gravit.launchserver.socket.Client; import pro.gravit.launchserver.socket.Client;
import pro.gravit.launchserver.socket.response.SimpleResponse; import pro.gravit.launchserver.socket.response.SimpleResponse;
@ -24,7 +23,7 @@ public String getType() {
@Override @Override
public void execute(ChannelHandlerContext ctx, Client pClient) { public void execute(ChannelHandlerContext ctx, Client pClient) {
if (pClient.permissions == null || !pClient.permissions.hasAction("launchserver.checkserver")) { if (pClient.permissions == null || !pClient.permissions.hasPerm("launchserver.checkserver")) {
sendError("Permissions denied"); sendError("Permissions denied");
return; return;
} }

View file

@ -34,7 +34,7 @@ public String getType() {
@Override @Override
public void execute(ChannelHandlerContext ctx, Client client) { public void execute(ChannelHandlerContext ctx, Client client) {
if (username != null && (!client.isAuth || client.permissions == null || !client.permissions.hasAction("launchserver\\.management\\.kick"))) { if (username != null && (!client.isAuth || client.permissions == null || !client.permissions.hasPerm("launchserver\\.management\\.kick"))) {
sendError("Permissions denied"); sendError("Permissions denied");
return; return;
} }

View file

@ -17,7 +17,7 @@ public String getType() {
@Override @Override
public void execute(ChannelHandlerContext ctx, Client client) { public void execute(ChannelHandlerContext ctx, Client client) {
if (!client.isAuth || client.permissions == null || !client.permissions.hasAction("launchserver\\.management\\.pingserver")) { if (!client.isAuth || client.permissions == null || !client.permissions.hasPerm("launchserver\\.management\\.pingserver")) {
sendError("Access denied"); sendError("Access denied");
return; return;
} }

View file

@ -12,6 +12,6 @@ public class AuthService {
public static ClientProfile profile; public static ClientProfile profile;
public static boolean hasPermission(String permission) { public static boolean hasPermission(String permission) {
return permissions.hasAction(permission); return permissions.hasPerm(permission);
} }
} }

View file

@ -16,7 +16,7 @@ public class ClientPermissions {
@LauncherNetworkAPI @LauncherNetworkAPI
private List<String> roles; private List<String> roles;
@LauncherNetworkAPI @LauncherNetworkAPI
private List<String> actions; private List<String> perms;
private transient List<PermissionPattern> available; private transient List<PermissionPattern> available;
@ -40,7 +40,7 @@ public ClientPermissions(long permissions, long flags) {
public static ClientPermissions getSuperuserAccount() { public static ClientPermissions getSuperuserAccount() {
ClientPermissions perm = new ClientPermissions(); ClientPermissions perm = new ClientPermissions();
perm.setPermission(PermissionConsts.ADMIN, true); perm.setPermission(PermissionConsts.ADMIN, true);
perm.addAction("*"); perm.addPerm("*");
return perm; return perm;
} }
@ -56,8 +56,8 @@ public synchronized void compile() {
if (available != null) { if (available != null) {
return; return;
} }
available = new ArrayList<>(actions.size()); available = new ArrayList<>(perms.size());
for (String a : actions) { for (String a : perms) {
available.add(new PermissionPattern(a)); available.add(new PermissionPattern(a));
} }
if (permissions != 0) { if (permissions != 0) {
@ -68,7 +68,7 @@ public synchronized void compile() {
} }
} }
public boolean hasAction(String action) { public boolean hasPerm(String action) {
if (available == null) { if (available == null) {
compile(); compile();
} }
@ -87,23 +87,34 @@ public void addRole(String role) {
roles.add(role); roles.add(role);
} }
public void addAction(String action) { public void addPerm(String perm) {
if (actions == null) { if (perms == null) {
actions = new ArrayList<>(1); perms = new ArrayList<>(1);
} }
actions.add(action); perms.add(perm);
if(available == null) { if(available == null) {
available = new ArrayList<>(1); available = new ArrayList<>(1);
} }
available.add(new PermissionPattern(action)); available.add(new PermissionPattern(perm));
}
public void removePerm(String action) {
if (perms == null) {
return;
}
if(available == null) {
return;
}
perms.remove(action);
available.remove(new PermissionPattern(action));
} }
public List<String> getRoles() { public List<String> getRoles() {
return roles; return roles;
} }
public List<String> getActions() { public List<String> getPerms() {
return actions; return perms;
} }
//Read methods //Read methods
@ -156,7 +167,7 @@ public final void setFlag(long mask, boolean value) {
public String toString() { public String toString() {
return "ClientPermissions{" + return "ClientPermissions{" +
"roles=" + String.join(", ", roles == null ? Collections.emptyList() : roles) + "roles=" + String.join(", ", roles == null ? Collections.emptyList() : roles) +
", actions=" + String.join(", ", actions == null ? Collections.emptyList() : actions) + ", actions=" + String.join(", ", perms == null ? Collections.emptyList() : perms) +
'}'; '}';
} }
@ -232,5 +243,20 @@ public boolean match(String str) {
} }
return true; return true;
} }
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
PermissionPattern that = (PermissionPattern) o;
return priority == that.priority && Arrays.equals(parts, that.parts);
}
@Override
public int hashCode() {
int result = Objects.hash(priority);
result = 31 * result + Arrays.hashCode(parts);
return result;
}
} }
} }

View file

@ -8,43 +8,43 @@ public class PermissionTest {
public void testPermission() { public void testPermission() {
{ {
ClientPermissions permissions = new ClientPermissions(); ClientPermissions permissions = new ClientPermissions();
permissions.addAction("*"); permissions.addPerm("*");
Assertions.assertTrue(permissions.hasAction("abcd")); Assertions.assertTrue(permissions.hasPerm("abcd"));
Assertions.assertTrue(permissions.hasAction("t.a.c.d.f.*")); Assertions.assertTrue(permissions.hasPerm("t.a.c.d.f.*"));
Assertions.assertTrue(permissions.hasAction("*")); Assertions.assertTrue(permissions.hasPerm("*"));
} }
{ {
ClientPermissions permissions = new ClientPermissions(); ClientPermissions permissions = new ClientPermissions();
permissions.addAction("launchserver.*"); permissions.addPerm("launchserver.*");
Assertions.assertTrue(permissions.hasAction("launchserver.*")); Assertions.assertTrue(permissions.hasPerm("launchserver.*"));
Assertions.assertTrue(permissions.hasAction("launchserver.abcd")); Assertions.assertTrue(permissions.hasPerm("launchserver.abcd"));
Assertions.assertFalse(permissions.hasAction("default.abcd")); Assertions.assertFalse(permissions.hasPerm("default.abcd"));
Assertions.assertFalse(permissions.hasAction("nolaunchserver.abcd")); Assertions.assertFalse(permissions.hasPerm("nolaunchserver.abcd"));
} }
{ {
ClientPermissions permissions = new ClientPermissions(); ClientPermissions permissions = new ClientPermissions();
permissions.addAction("launchserver.*.prop"); permissions.addPerm("launchserver.*.prop");
Assertions.assertTrue(permissions.hasAction("launchserver.ii.prop")); Assertions.assertTrue(permissions.hasPerm("launchserver.ii.prop"));
Assertions.assertTrue(permissions.hasAction("launchserver.ia.prop")); Assertions.assertTrue(permissions.hasPerm("launchserver.ia.prop"));
Assertions.assertFalse(permissions.hasAction("default.abcd")); Assertions.assertFalse(permissions.hasPerm("default.abcd"));
Assertions.assertFalse(permissions.hasAction("launchserver.ia")); Assertions.assertFalse(permissions.hasPerm("launchserver.ia"));
Assertions.assertFalse(permissions.hasAction("launchserver.ia.prop2")); Assertions.assertFalse(permissions.hasPerm("launchserver.ia.prop2"));
} }
{ {
ClientPermissions permissions = new ClientPermissions(); ClientPermissions permissions = new ClientPermissions();
permissions.addAction("launchserver.*.def.*.prop"); permissions.addPerm("launchserver.*.def.*.prop");
Assertions.assertTrue(permissions.hasAction("launchserver.1.def.2.prop")); Assertions.assertTrue(permissions.hasPerm("launchserver.1.def.2.prop"));
Assertions.assertTrue(permissions.hasAction("launchserver.none.def.none.prop")); Assertions.assertTrue(permissions.hasPerm("launchserver.none.def.none.prop"));
Assertions.assertTrue(permissions.hasAction("launchserver.def.def.def.prop")); Assertions.assertTrue(permissions.hasPerm("launchserver.def.def.def.prop"));
Assertions.assertFalse(permissions.hasAction("launchserver.*.*.prop")); Assertions.assertFalse(permissions.hasPerm("launchserver.*.*.prop"));
Assertions.assertFalse(permissions.hasAction("launchserver.*.undef.*.prop")); Assertions.assertFalse(permissions.hasPerm("launchserver.*.undef.*.prop"));
} }
{ {
ClientPermissions permissions = new ClientPermissions(); ClientPermissions permissions = new ClientPermissions();
permissions.addAction("launchserver.*.e.*.i.*.prop"); permissions.addPerm("launchserver.*.e.*.i.*.prop");
Assertions.assertTrue(permissions.hasAction("launchserver.2.e.3.i.4.prop")); Assertions.assertTrue(permissions.hasPerm("launchserver.2.e.3.i.4.prop"));
Assertions.assertTrue(permissions.hasAction("launchserver.12212.e.233455.i.2356436346346345345345345.prop")); Assertions.assertTrue(permissions.hasPerm("launchserver.12212.e.233455.i.2356436346346345345345345.prop"));
Assertions.assertFalse(permissions.hasAction("launchserver.prop")); Assertions.assertFalse(permissions.hasPerm("launchserver.prop"));
} }
} }
} }

@ -1 +1 @@
Subproject commit a6c43731df536111b76e065426b085742ffbbd68 Subproject commit bfcab2ff667d9a53fdee2a9d2fd8d5246eb619b2