author | Yuuta Liang <yuuta@yuuta.moe> | 2022-07-13 11:16:27 -0700 |
---|---|---|
committer | Trumeet <yuuta@yuuta.moe> | 2022-07-13 11:16:27 -0700 |
commit | 85045e1e4a15e0a5657d189e83dd202a2c37f2b0 (patch) | |
tree | 944bc9ee7a86bd413dfc940e210f21d2434ec7d3 /src/main/java/moe/ymc/acron/auth | |
First Commit
Signed-off-by: Trumeet <yuuta@yuuta.moe>
Diffstat (limited to 'src/main/java/moe/ymc/acron/auth')
-rw-r--r-- | src/main/java/moe/ymc/acron/auth/Action.java | 10 | ||||
-rw-r--r-- | src/main/java/moe/ymc/acron/auth/Client.java | 9 | ||||
-rw-r--r-- | src/main/java/moe/ymc/acron/auth/PolicyChecker.java | 39 | ||||
-rw-r--r-- | src/main/java/moe/ymc/acron/auth/Rule.java | 10 |
4 files changed, 68 insertions, 0 deletions
diff --git a/src/main/java/moe/ymc/acron/auth/Action.java b/src/main/java/moe/ymc/acron/auth/Action.java
new file mode 100644
index 0000000..17d29a3
--- /dev/null
+++ b/src/main/java/moe/ymc/acron/auth/Action.java
@@ -0,0 +1,10 @@
+package moe.ymc.acron.auth;
+
+import com.google.gson.annotations.SerializedName;
+
+public enum Action {
+ @SerializedName("allow")
+ ALLOW,
+ @SerializedName("deny")
+ DENY
+}
diff --git a/src/main/java/moe/ymc/acron/auth/Client.java b/src/main/java/moe/ymc/acron/auth/Client.java
new file mode 100644
index 0000000..2124ad4
--- /dev/null
+++ b/src/main/java/moe/ymc/acron/auth/Client.java
@@ -0,0 +1,9 @@
+package moe.ymc.acron.auth;
+
+import org.jetbrains.annotations.NotNull;
+
+public record Client(@NotNull String id,
+ @NotNull String token,
+ @NotNull Action policyMode,
+ @NotNull Rule[] rules) {
+}
diff --git a/src/main/java/moe/ymc/acron/auth/PolicyChecker.java b/src/main/java/moe/ymc/acron/auth/PolicyChecker.java
new file mode 100644
index 0000000..5dea02a
--- /dev/null
+++ b/src/main/java/moe/ymc/acron/auth/PolicyChecker.java
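Review bot: In Client.java the `token` component is a credential, and a record's generated `toString()` prints every component, so any log line or exception message that formats a `Client` would write the token out. Overriding it in the record body, e.g. `@Override public String toString() { return "Client[id=" + id + "]"; }`, keeps the secret out of logs. `rules` is an array, so the `rules()` accessor hands callers the live, mutable rule set; copying it in a compact constructor (or holding a `List<Rule>` built with `List.copyOf`) would make the policy immutable once loaded. `@NotNull` is only an annotation here, so a compact constructor with `Objects.requireNonNull` is what would actually reject a client whose fields are missing from the config.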
@@ -0,0 +1,39 @@
+package moe.ymc.acron.auth;
+
+import moe.ymc.acron.jvav.Pair;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.jetbrains.annotations.NotNull;
+
+public class PolicyChecker {
+ private static final Logger LOGGER = LogManager.getLogger();
+
+ public static Pair<Action, Boolean> check(@NotNull Client client,
+ @NotNull String command) {
+ for (int i = 0; i < client.rules().length; i++) {
+ final Rule rule = client.rules()[i];
+ if (rule.cmdPattern().matcher(command).matches()) {
+ if (rule.action() == Action.DENY) {
+ LOGGER.warn("The command from client {}, `{}`, was " +
+ "explicitly denied by rule #{} (starting from 1).",
+ client.id(),
+ command,
+ i + 1);
+ } else {
+ LOGGER.warn("The command from client {}, `{}`, was " +
+ "explicitly allowed by rule #{} (starting from 1).",
+ client.id(),
+ command,
+ i + 1);
+ }
+ return new Pair<>(rule.action(), rule.display());
+ }
+ }
+ LOGGER.warn("The command from client {}, `{}`, was " +
+ "implicitly {} by the default policy mode.",
+ client.id(),
+ command,
+ client.policyMode() == Action.ALLOW ? "allowed" : "denied");
+ return new Pair<>(client.policyMode() == Action.ALLOW ? Action.ALLOW : Action.DENY, false);
+ }
+}
diff --git a/src/main/java/moe/ymc/acron/auth/Rule.java b/src/main/java/moe/ymc/acron/auth/Rule.java
new file mode 100644
index 0000000..55ad0d7
--- /dev/null
+++ b/src/main/java/moe/ymc/acron/auth/Rule.java
@@ -0,0 +1,10 @@
+package moe.ymc.acron.auth;
+
+import org.jetbrains.annotations.NotNull;
+
+import java.util.regex.Pattern;
+
+public record Rule(@NotNull Pattern cmdPattern,
+ @NotNull Action action,
+ boolean display) {
+} |
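Review bot: In `PolicyChecker.check`, the matched-rule branch treats every action other than `DENY` as an allow: a `null` action (which a config value outside `allow`/`deny` could presumably deserialize to, if these records are loaded with Gson as the `@SerializedName` annotations suggest) is logged as "explicitly allowed" and returned to the caller unchanged. The default-policy return at the end already fails closed with `== Action.ALLOW ? Action.ALLOW : Action.DENY`; the rule path should do the same, e.g. `final Action action = rule.action() == Action.ALLOW ? Action.ALLOW : Action.DENY;`, then branch, log and return on `action`. Separately, `command` is client-supplied and written to the log verbatim in all three `LOGGER.warn` calls, so embedded line breaks can forge log entries; encoding the message in the layout (`%enc{%m}{CRLF}`) or stripping control characters before logging closes that. Allowed commands are also logged at WARN, which will bury the denials an operator needs to see; `info` for the allow branches would keep the audit trail without the noise.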