aboutsummaryrefslogtreecommitdiff
path: root/mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java
diff options
context:
space:
mode:
Diffstat (limited to 'mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java')
-rw-r--r--mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java42
1 files changed, 42 insertions, 0 deletions
diff --git a/mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java b/mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java
new file mode 100644
index 0000000..2ab7b97
--- /dev/null
+++ b/mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java
@@ -0,0 +1,42 @@
+package moe.ymc.acron.auth;
+
+import moe.ymc.acron.jvav.Pair;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.jetbrains.annotations.NotNull;
+
+public class PolicyChecker {
+ private static final Logger LOGGER = LogManager.getLogger();
+
+ public static Pair<Action, Boolean> check(@NotNull Client client,
+ @NotNull String command) {
+ final String commandToMatch = command.startsWith("/") ?
+ command.substring(1) :
+ command;
+ for (int i = 0; i < client.rules().length; i++) {
+ final Rule rule = client.rules()[i];
+ if (rule.cmdPattern().matcher(commandToMatch).matches()) {
+ if (rule.action() == Action.DENY) {
+ LOGGER.warn("The command from client {}, `{}`, was " +
+ "explicitly denied by rule #{} (starting from 1).",
+ client.id(),
+ command,
+ i + 1);
+ } else {
+ LOGGER.warn("The command from client {}, `{}`, was " +
+ "explicitly allowed by rule #{} (starting from 1).",
+ client.id(),
+ command,
+ i + 1);
+ }
+ return new Pair<>(rule.action(), rule.display());
+ }
+ }
+ LOGGER.warn("The command from client {}, `{}`, was " +
+ "implicitly {} by the default policy mode.",
+ client.id(),
+ command,
+ client.policyMode() == Action.ALLOW ? "allowed" : "denied");
+ return new Pair<>(client.policyMode() == Action.ALLOW ? Action.ALLOW : Action.DENY, false);
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-29 14:50:44 +0000