package moe.ymc.acron.auth; import moe.ymc.acron.jvav.Pair; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.jetbrains.annotations.NotNull; public class PolicyChecker { private static final Logger LOGGER = LogManager.getLogger(); public static Pair check(@NotNull Client client, @NotNull String command) { final String commandToMatch = command.startsWith("/") ? command.substring(1) : command; for (int i = 0; i < client.rules().length; i++) { final Rule rule = client.rules()[i]; if (rule.cmdPattern().matcher(commandToMatch).matches()) { if (rule.action() == Action.DENY) { LOGGER.warn("The command from client {}, `{}`, was " + "explicitly denied by rule #{} (starting from 1).", client.id(), command, i + 1); } else { LOGGER.warn("The command from client {}, `{}`, was " + "explicitly allowed by rule #{} (starting from 1).", client.id(), command, i + 1); } return new Pair<>(rule.action(), rule.display()); } } LOGGER.warn("The command from client {}, `{}`, was " + "implicitly {} by the default policy mode.", client.id(), command, client.policyMode() == Action.ALLOW ? "allowed" : "denied"); return new Pair<>(client.policyMode() == Action.ALLOW ? Action.ALLOW : Action.DENY, false); } }