Added support for group based authentication.

This commit is contained in:
richard 2009-08-11 03:29:22 +02:00
parent 658a800fea
commit 3a82d3d9b0
7 changed files with 198 additions and 17 deletions

View File

@ -133,6 +133,15 @@ zr_config_path_weapons "configs/zr/weapons.txt"
zr_config_path_hitgroups "configs/zr/hitgroups.txt" zr_config_path_hitgroups "configs/zr/hitgroups.txt"
// ----------------------------------------------------------------------------
// Permission settings
// ----------------------------------------------------------------------------
// Use group authentication instead of flags to access admin features. Generic admin flag is still required on some features.
// -
// Default: "0"
zr_permissions_use_groups "0"
// ---------------------------------------------------------------------------- // ----------------------------------------------------------------------------
// Classes (core) // Classes (core)
// ---------------------------------------------------------------------------- // ----------------------------------------------------------------------------

View File

@ -41,6 +41,7 @@
#include "zr/zombiereloaded" #include "zr/zombiereloaded"
#include "zr/translation" #include "zr/translation"
#include "zr/cvars" #include "zr/cvars"
#include "zr/admintools"
#include "zr/log" #include "zr/log"
#include "zr/config" #include "zr/config"
#include "zr/steamidcache" #include "zr/steamidcache"

168
src/zr/admintools.inc Normal file
View File

@ -0,0 +1,168 @@
/*
* ============================================================================
*
* Zombie:Reloaded
*
* File: admintools.inc
* Type: Core
* Description: Functions for checking extended admin privileges.
*
* Copyright (C) 2009 Greyscale, Richard Helgeby
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* ============================================================================
*/
/**
* @section Pre-defined group names for authenticating players.
*/
#define ZR_GROUP_ADMINS "zr_admins"
#define ZR_GROUP_MODERATORS "zr_moderators"
#define ZR_GROUP_CONFIGURATORS "zr_configurators"
/**
* @endsection
*/
/**
* List of operation types to specify the category of a admin operation.
*/
enum OperationTypes
{
OperationType_Invalid = -1, /** Invalid operation type. */
OperationType_Generic, /** Generic events like infecting or teleporting players. */
OperationType_Configuration, /** Changing settings. */
}
/**
* Returns whether a player is allowed to do a certain operation or not.
*
* @param client The client index.
* @param operationType The operation category.
* @return True if allowed, false otherwise.
*/
stock bool:ZRIsClientPrivileged(client, OperationTypes:operationType = OperationType_Generic)
{
// Validate client index.
if (!ZRIsClientValid(client))
{
return false;
}
// Check if group permissions is enabled.
new bool:groupauth = GetConVarBool(g_hCvarsList[CVAR_PERMISSIONS_USE_GROUPS]);
if (groupauth)
{
/**********************************
* *
* GROUP BASED AUTHENTICATION *
* *
**********************************/
// Check if client is full admin.
if (ZRIsClientInGroup(client, ZR_GROUP_ADMINS))
{
return true;
}
// Check operation type.
switch (operationType)
{
case OperationType_Generic:
{
return ZRIsClientInGroup(client, ZR_GROUP_MODERATORS);
}
case OperationType_Configuration:
{
return ZRIsClientInGroup(client, ZR_GROUP_CONFIGURATORS);
}
}
// Invalid operation type.
return false;
}
else
{
/*********************************
* *
* FLAG BASED AUTHENTICATION *
* *
*********************************/
new AdminFlag:flag;
// Check operation type.
switch (operationType)
{
case OperationType_Generic:
{
flag = Admin_Generic;
}
case OperationType_Configuration:
{
flag = Admin_Config;
}
default:
{
// Invalid operation type.
return false;
}
}
return GetAdminFlag(GetUserAdmin(client), flag);
}
}
/**
* Returns whether a player is in a spesific group or not.
*
* @param client The client index.
* @param groupName SourceMod group name to check.
* @return True if in the group, false otherwise.
*/
stock bool:ZRIsClientInGroup(client, const String:groupName[])
{
new AdminId:id = GetUserAdmin(client);
// Validate id.
if (id == INVALID_ADMIN_ID)
{
return false;
}
// Get number of groups.
new groupnum = GetAdminGroupCount(id);
decl String:groupname[64];
// Validate number of groups.
if (groupnum > 0)
{
// Loop through each group.
for (new group = 0; group < groupnum; group++)
{
// Get group name.
GetAdminGroup(id, group, groupname, sizeof(groupname));
// Compare names.
if (StrEqual(groupName, groupname, false))
{
return true;
}
}
}
// No groups or no match.
return false;
}

View File

@ -52,6 +52,7 @@ enum CvarsList
Handle:CVAR_CONFIG_PATH_CLASSES, Handle:CVAR_CONFIG_PATH_CLASSES,
Handle:CVAR_CONFIG_PATH_WEAPONS, Handle:CVAR_CONFIG_PATH_WEAPONS,
Handle:CVAR_CONFIG_PATH_HITGROUPS, Handle:CVAR_CONFIG_PATH_HITGROUPS,
Handle:CVAR_PERMISSIONS_USE_GROUPS,
Handle:CVAR_CLASSES_SPAWN, Handle:CVAR_CLASSES_SPAWN,
Handle:CVAR_CLASSES_RANDOM, Handle:CVAR_CLASSES_RANDOM,
Handle:CVAR_CLASSES_CHANGE_TIMELIMIT, Handle:CVAR_CLASSES_CHANGE_TIMELIMIT,
@ -235,6 +236,12 @@ CvarsCreate()
g_hCvarsList[CVAR_CONFIG_PATH_HITGROUPS] = CreateConVar("zr_config_path_hitgroups", "configs/zr/hitgroups.txt", "Path, relative to root sourcemod directory, to hitgroups config file."); g_hCvarsList[CVAR_CONFIG_PATH_HITGROUPS] = CreateConVar("zr_config_path_hitgroups", "configs/zr/hitgroups.txt", "Path, relative to root sourcemod directory, to hitgroups config file.");
// ===========================
// Permission Settings
// ===========================
g_hCvarsList[CVAR_PERMISSIONS_USE_GROUPS] = CreateConVar("zr_permissions_use_groups", "0", "Use group authentication instead of flags to access admin features. Generic admin flag is still required on some features.");
// =========================== // ===========================
// Classes (core) // Classes (core)
// =========================== // ===========================

View File

@ -409,15 +409,9 @@ public ClassMenuSelectHandle(Handle:menu, MenuAction:action, client, slot)
* @return True if displayed, false otherwise. * @return True if displayed, false otherwise.
*/ */
bool:ClassTeamSelect(client) bool:ClassTeamSelect(client)
{ {
// Validate client.
if (!ZRIsClientValid(client, false))
{
return false;
}
// Validate permissions. // Validate permissions.
if (!ZRIsClientAdmin(client, Admin_Config)) if (!ZRIsClientPrivileged(client, OperationType_Configuration))
{ {
return false; return false;
} }

View File

@ -64,7 +64,7 @@ public Action:ZAdminCommand(client, argc)
*/ */
bool:ZAdminMenu(client) bool:ZAdminMenu(client)
{ {
// If client isn't an admin, then stop. // If client isn't an generic admin, then stop.
if (!ZRIsClientAdmin(client)) if (!ZRIsClientAdmin(client))
{ {
TranslationPrintToChat(client, "Must be admin"); TranslationPrintToChat(client, "Must be admin");
@ -94,16 +94,18 @@ bool:ZAdminMenu(client)
Format(ztele, sizeof(ztele), "%t", "ZAdmin main force ztele"); Format(ztele, sizeof(ztele), "%t", "ZAdmin main force ztele");
// Get conditions for options. // Get conditions for options.
new bool:hitgroupsenabled = GetConVarBool(g_hCvarsList[CVAR_HITGROUPS]); new configdraw = MenuGetItemDraw(ZRIsClientPrivileged(client, OperationType_Configuration));
new moderatordraw = MenuGetItemDraw(ZRIsClientPrivileged(client, OperationType_Generic));
new bool:hitgroupsenabled = GetConVarBool(g_hCvarsList[CVAR_HITGROUPS]) && ZRIsClientPrivileged(client, OperationType_Configuration);
// Add items to menu. // Add items to menu.
SetMenuTitle(menu_zadmin, title); SetMenuTitle(menu_zadmin, title);
AddMenuItem(menu_zadmin, "classmultipliers", classmultipliers); AddMenuItem(menu_zadmin, "classmultipliers", classmultipliers, configdraw);
AddMenuItem(menu_zadmin, "weapons", weapons); AddMenuItem(menu_zadmin, "weapons", weapons, configdraw);
AddMenuItem(menu_zadmin, "hitgroups", hitgroups, MenuGetItemDraw(hitgroupsenabled)); AddMenuItem(menu_zadmin, "hitgroups", hitgroups, MenuGetItemDraw(hitgroupsenabled));
AddMenuItem(menu_zadmin, "infect", infect); AddMenuItem(menu_zadmin, "infect", infect, moderatordraw);
AddMenuItem(menu_zadmin, "zspawn", zspawn); AddMenuItem(menu_zadmin, "zspawn", zspawn, moderatordraw);
AddMenuItem(menu_zadmin, "ztele", ztele); AddMenuItem(menu_zadmin, "ztele", ztele, moderatordraw);
// Set "Back" button. // Set "Back" button.
SetMenuExitBackButton(menu_zadmin, true); SetMenuExitBackButton(menu_zadmin, true);

View File

@ -235,7 +235,7 @@ stock bool:ZRTeamHasClients(team = -1)
} }
/** /**
* Returns whether a player is a generic admin or not. * Returns whether a player is a admin or not.
* *
* @param client The client index. * @param client The client index.
* @param flag Optional. Flag to check. Default is generic admin flag. * @param flag Optional. Flag to check. Default is generic admin flag.
@ -249,7 +249,7 @@ stock bool:ZRIsClientAdmin(client, AdminFlag:flag = Admin_Generic)
return false; return false;
} }
// If client doesn't have the Admin_Generic flag, then stop. // If client doesn't have the specified flag, then stop.
if (!GetAdminFlag(GetUserAdmin(client), flag)) if (!GetAdminFlag(GetUserAdmin(client), flag))
{ {
return false; return false;