PermissionsManager на случай, если authProvider не обрабатывает привилегии

Загрузка привилегий из файла permissions.json
This commit is contained in:
Gravit 2018-12-24 17:00:09 +07:00
parent 232aeb5c68
commit 7e97915fd1
No known key found for this signature in database
GPG key ID: 061981E1E85D3216
7 changed files with 82 additions and 12 deletions

View file

@ -13,6 +13,7 @@
import ru.gravit.launchserver.auth.handler.MemoryAuthHandler; import ru.gravit.launchserver.auth.handler.MemoryAuthHandler;
import ru.gravit.launchserver.auth.hwid.AcceptHWIDHandler; import ru.gravit.launchserver.auth.hwid.AcceptHWIDHandler;
import ru.gravit.launchserver.auth.hwid.HWIDHandler; import ru.gravit.launchserver.auth.hwid.HWIDHandler;
import ru.gravit.launchserver.auth.permissions.JsonFilePermissionsHandler;
import ru.gravit.launchserver.auth.provider.AuthProvider; import ru.gravit.launchserver.auth.provider.AuthProvider;
import ru.gravit.launchserver.auth.provider.RejectAuthProvider; import ru.gravit.launchserver.auth.provider.RejectAuthProvider;
import ru.gravit.launchserver.binary.EXEL4JLauncherBinary; import ru.gravit.launchserver.binary.EXEL4JLauncherBinary;
@ -26,10 +27,7 @@
import ru.gravit.launchserver.config.AuthProviderAdapter; import ru.gravit.launchserver.config.AuthProviderAdapter;
import ru.gravit.launchserver.config.HWIDHandlerAdapter; import ru.gravit.launchserver.config.HWIDHandlerAdapter;
import ru.gravit.launchserver.config.TextureProviderAdapter; import ru.gravit.launchserver.config.TextureProviderAdapter;
import ru.gravit.launchserver.manangers.BuildHookManager; import ru.gravit.launchserver.manangers.*;
import ru.gravit.launchserver.manangers.MirrorManager;
import ru.gravit.launchserver.manangers.ModulesManager;
import ru.gravit.launchserver.manangers.SessionManager;
import ru.gravit.launchserver.response.Response; import ru.gravit.launchserver.response.Response;
import ru.gravit.launchserver.socket.ServerSocketHandler; import ru.gravit.launchserver.socket.ServerSocketHandler;
import ru.gravit.launchserver.texture.RequestTextureProvider; import ru.gravit.launchserver.texture.RequestTextureProvider;
@ -349,6 +347,8 @@ public LaunchServer(Path dir) throws IOException, InvalidKeySpecException {
e.printStackTrace(); e.printStackTrace();
} }
}); });
JsonFilePermissionsHandler.init();
PermissionsManager.registerPermissionsFunction(JsonFilePermissionsHandler::getPermissions);
// init modules // init modules
modulesManager.initModules(); modulesManager.initModules();

View file

@ -0,0 +1,45 @@
package ru.gravit.launchserver.auth.permissions;
import com.google.gson.reflect.TypeToken;
import ru.gravit.launcher.Launcher;
import ru.gravit.launchserver.auth.ClientPermissions;
import ru.gravit.utils.helper.IOHelper;
import java.io.IOException;
import java.io.Reader;
import java.io.Writer;
import java.lang.reflect.Type;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.HashMap;
import java.util.Map;
public class JsonFilePermissionsHandler {
public static String FILE_NAME = "permissions.json";
public static Map<String,ClientPermissions> map;
public static class Enity
{
public String username;
public ClientPermissions permissions;
}
public static ClientPermissions getPermissions(String username)
{
return map.getOrDefault(username,ClientPermissions.DEFAULT);
}
public static void init() throws IOException {
Type type = new TypeToken<Map<String,ClientPermissions>>(){}.getType();
Path path = Paths.get(FILE_NAME);
if(!IOHelper.exists(path))
{
map = new HashMap<>();
try(Writer writer = IOHelper.newWriter(path))
{
Launcher.gson.toJson(map,writer);
}
}
try(Reader reader = IOHelper.newReader(path))
{
map = Launcher.gson.fromJson(reader,type);
}
}
}

View file

@ -4,11 +4,10 @@
import ru.gravit.utils.helper.SecurityHelper; import ru.gravit.utils.helper.SecurityHelper;
public final class AcceptAuthProvider extends AuthProvider { public final class AcceptAuthProvider extends AuthProvider {
private boolean isAdminAccess;
@Override @Override
public AuthProviderResult auth(String login, String password, String ip) { public AuthProviderResult auth(String login, String password, String ip) {
return new AuthProviderResult(login, SecurityHelper.randomStringToken(), isAdminAccess ? ClientPermissions.getSuperuserAccount() : ClientPermissions.DEFAULT); // Same as login return new AuthProviderResult(login, SecurityHelper.randomStringToken()); // Same as login
} }
@Override @Override

View file

@ -1,6 +1,7 @@
package ru.gravit.launchserver.auth.provider; package ru.gravit.launchserver.auth.provider;
import ru.gravit.launchserver.auth.ClientPermissions; import ru.gravit.launchserver.auth.ClientPermissions;
import ru.gravit.launchserver.manangers.PermissionsManager;
public class AuthProviderResult { public class AuthProviderResult {
@ -11,7 +12,7 @@ public class AuthProviderResult {
public AuthProviderResult(String username, String accessToken) { public AuthProviderResult(String username, String accessToken) {
this.username = username; this.username = username;
this.accessToken = accessToken; this.accessToken = accessToken;
permissions = ClientPermissions.DEFAULT; permissions = PermissionsManager.getPermissions(username);
} }
public AuthProviderResult(String username, String accessToken, ClientPermissions permissions) { public AuthProviderResult(String username, String accessToken, ClientPermissions permissions) {

View file

@ -0,0 +1,24 @@
package ru.gravit.launchserver.manangers;
import ru.gravit.launchserver.auth.ClientPermissions;
public class PermissionsManager {
private static PermissionsFunction function = PermissionsManager::returnDefault;
public static void registerPermissionsFunction(PermissionsFunction function)
{
PermissionsManager.function = function;
}
public static ClientPermissions getPermissions(String username)
{
return function.getPermission(username);
}
@FunctionalInterface
public interface PermissionsFunction
{
ClientPermissions getPermission(String username);
}
public static ClientPermissions returnDefault(String username)
{
return ClientPermissions.DEFAULT;
}
}

View file

@ -87,7 +87,7 @@ public void reply() throws Exception {
} }
} }
if (clientData.profile == null) { if (clientData.profile == null) {
throw new AuthException("You profile not found"); throw new AuthException("Your profile is not found");
} }
} }
server.config.hwidHandler.check(OshiHWID.gson.fromJson(hwid_str, OshiHWID.class), result.username); server.config.hwidHandler.check(OshiHWID.gson.fromJson(hwid_str, OshiHWID.class), result.username);

View file

@ -67,14 +67,15 @@ public void reply() throws Exception {
Collection<ClientProfile> profiles = server.getProfiles(); Collection<ClientProfile> profiles = server.getProfiles();
for (ClientProfile p : profiles) { for (ClientProfile p : profiles) {
if (p.getTitle().equals(client)) { if (p.getTitle().equals(client)) {
if (!p.isWhitelistContains(login)) {
throw new AuthException(server.config.whitelistRejectString);
}
clientData.profile = p; clientData.profile = p;
} }
} }
if (clientData.profile == null) { if (clientData.profile == null) {
throw new AuthException("You profile not found"); throw new AuthException("Your profile is not found");
}
if(!clientData.permissions.canServer)
{
throw new AuthException("Your account cannot be a server");
} }
clientData.type = Client.Type.SERVER; clientData.type = Client.Type.SERVER;
clientData.username = result.username; clientData.username = result.username;