diff options
author | Trumeet <yuuta@yuuta.moe> | 2022-07-26 19:06:11 -0700 |
---|---|---|
committer | Trumeet <yuuta@yuuta.moe> | 2022-07-26 19:06:11 -0700 |
commit | d8fe269327a1a51f2588a3573a4764613da16388 (patch) | |
tree | 97bd20983700bb13eba7f7d524d3c6d529303b46 /mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java | |
parent | 31a5d2990ba666ce5ef4a1f79f7999a9bdfaac2a (diff) | |
download | acron-d8fe269327a1a51f2588a3573a4764613da16388.tar acron-d8fe269327a1a51f2588a3573a4764613da16388.tar.gz acron-d8fe269327a1a51f2588a3573a4764613da16388.tar.bz2 acron-d8fe269327a1a51f2588a3573a4764613da16388.zip |
Move the mod to mod/
Diffstat (limited to 'mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java')
-rw-r--r-- | mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java b/mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java new file mode 100644 index 0000000..2ab7b97 --- /dev/null +++ b/mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java @@ -0,0 +1,42 @@ +package moe.ymc.acron.auth; + +import moe.ymc.acron.jvav.Pair; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.jetbrains.annotations.NotNull; + +public class PolicyChecker { + private static final Logger LOGGER = LogManager.getLogger(); + + public static Pair<Action, Boolean> check(@NotNull Client client, + @NotNull String command) { + final String commandToMatch = command.startsWith("/") ? + command.substring(1) : + command; + for (int i = 0; i < client.rules().length; i++) { + final Rule rule = client.rules()[i]; + if (rule.cmdPattern().matcher(commandToMatch).matches()) { + if (rule.action() == Action.DENY) { + LOGGER.warn("The command from client {}, `{}`, was " + + "explicitly denied by rule #{} (starting from 1).", + client.id(), + command, + i + 1); + } else { + LOGGER.warn("The command from client {}, `{}`, was " + + "explicitly allowed by rule #{} (starting from 1).", + client.id(), + command, + i + 1); + } + return new Pair<>(rule.action(), rule.display()); + } + } + LOGGER.warn("The command from client {}, `{}`, was " + + "implicitly {} by the default policy mode.", + client.id(), + command, + client.policyMode() == Action.ALLOW ? "allowed" : "denied"); + return new Pair<>(client.policyMode() == Action.ALLOW ? Action.ALLOW : Action.DENY, false); + } +} |