diff options
Diffstat (limited to 'mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java')
-rw-r--r-- | mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java b/mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java new file mode 100644 index 0000000..2ab7b97 --- /dev/null +++ b/mod/src/main/java/moe/ymc/acron/auth/PolicyChecker.java @@ -0,0 +1,42 @@ +package moe.ymc.acron.auth; + +import moe.ymc.acron.jvav.Pair; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.jetbrains.annotations.NotNull; + +public class PolicyChecker { + private static final Logger LOGGER = LogManager.getLogger(); + + public static Pair<Action, Boolean> check(@NotNull Client client, + @NotNull String command) { + final String commandToMatch = command.startsWith("/") ? + command.substring(1) : + command; + for (int i = 0; i < client.rules().length; i++) { + final Rule rule = client.rules()[i]; + if (rule.cmdPattern().matcher(commandToMatch).matches()) { + if (rule.action() == Action.DENY) { + LOGGER.warn("The command from client {}, `{}`, was " + + "explicitly denied by rule #{} (starting from 1).", + client.id(), + command, + i + 1); + } else { + LOGGER.warn("The command from client {}, `{}`, was " + + "explicitly allowed by rule #{} (starting from 1).", + client.id(), + command, + i + 1); + } + return new Pair<>(rule.action(), rule.display()); + } + } + LOGGER.warn("The command from client {}, `{}`, was " + + "implicitly {} by the default policy mode.", + client.id(), + command, + client.policyMode() == Action.ALLOW ? "allowed" : "denied"); + return new Pair<>(client.policyMode() == Action.ALLOW ? Action.ALLOW : Action.DENY, false); + } +} |