1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
package moe.ymc.acron.auth;
import moe.ymc.acron.jvav.Pair;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.jetbrains.annotations.NotNull;
public class PolicyChecker {
private static final Logger LOGGER = LogManager.getLogger();
public static Pair<Action, Boolean> check(@NotNull Client client,
@NotNull String command) {
final String commandToMatch = command.startsWith("/") ?
command.substring(1) :
command;
for (int i = 0; i < client.rules().length; i++) {
final Rule rule = client.rules()[i];
if (rule.cmdPattern().matcher(commandToMatch).matches()) {
if (rule.action() == Action.DENY) {
LOGGER.warn("The command from client {}, `{}`, was " +
"explicitly denied by rule #{} (starting from 1).",
client.id(),
command,
i + 1);
} else {
LOGGER.warn("The command from client {}, `{}`, was " +
"explicitly allowed by rule #{} (starting from 1).",
client.id(),
command,
i + 1);
}
return new Pair<>(rule.action(), rule.display());
}
}
LOGGER.warn("The command from client {}, `{}`, was " +
"implicitly {} by the default policy mode.",
client.id(),
command,
client.policyMode() == Action.ALLOW ? "allowed" : "denied");
return new Pair<>(client.policyMode() == Action.ALLOW ? Action.ALLOW : Action.DENY, false);
}
}
|