Mirror/TrinityCore
1
0
Fork 0
mirror of https://github.com/TrinityCore/TrinityCore.git synced 2026-01-19 08:55:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Core/RBAC: Move RBAC commands to RBAC using individual permissions

Browse Source 
- Use this commit as a sample on how to move commands to RBAC
This commit is contained in:
Spp
2013-08-30 14:52:53 +02:00
parent 3232b69ff3
commit ea26928a99
4 changed files with 105 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
sql/updates/auth/2013_08_30_00_auth_misc.sql Normal file
View File

@@ -0,0 +1,40 @@
-- Add new permissions
DELETE FROM `rbac_permissions` WHERE `id` BETWEEN 200 AND 216;
INSERT INTO `rbac_permissions` (`id`, `name`) VALUES
(200, 'Command: .rbac'),
(201, 'Command: .rbac account'),
(202, 'Command: .rbac account group'),
(203, 'Command: .rbac account group add'),
(204, 'Command: .rbac account group remove'),
(205, 'Command: .rbac account role'),
(206, 'Command: .rbac account role grant'),
(207, 'Command: .rbac account role deny'),
(208, 'Command: .rbac account role revoke'),
(209, 'Command: .rbac account permission'),
(210, 'Command: .rbac account permission grant'),
(211, 'Command: .rbac account permission deny'),
(212, 'Command: .rbac account permission revoke'),
(213, 'Command: .rbac list'),
(214, 'Command: .rbac list groups'),
(215, 'Command: .rbac list roles'),
(216, 'Command: .rbac list permissions');
-- Add Permissions to "Administrator Commands Role"
DELETE FROM `rbac_role_permissions` WHERE `roleId` = 4 AND `permissionId` BETWEEN 200 AND 216;
INSERT INTO `rbac_role_permissions` (`roleId`, `permissionId`) VALUES
(4, 200),
(4, 201),
(4, 202),
(4, 203),
(4, 204),
(4, 205),
(4, 206),
(4, 207),
(4, 208),
(4, 209),
(4, 210),
(4, 211),
(4, 213),
(4, 214),
(4, 215),
(4, 216);

17
sql/updates/world/2013_08_30_02_world_command.sql Normal file
View File

@@ -0,0 +1,17 @@
-- Update command table with new RBAC permissions
UPDATE `command` SET `permission` = 200 WHERE `name` = '.rbac';
UPDATE `command` SET `permission` = 201 WHERE `name` = '.rbac account';
UPDATE `command` SET `permission` = 202 WHERE `name` = '.rbac account group';
UPDATE `command` SET `permission` = 203 WHERE `name` = '.rbac account group add';
UPDATE `command` SET `permission` = 204 WHERE `name` = '.rbac account group remove';
UPDATE `command` SET `permission` = 205 WHERE `name` = '.rbac account role';
UPDATE `command` SET `permission` = 206 WHERE `name` = '.rbac account role grant';
UPDATE `command` SET `permission` = 207 WHERE `name` = '.rbac account role deny';
UPDATE `command` SET `permission` = 208 WHERE `name` = '.rbac account role revoke';
UPDATE `command` SET `permission` = 209 WHERE `name` = '.rbac account permission';
UPDATE `command` SET `permission` = 210 WHERE `name` = '.rbac account permission grant';
UPDATE `command` SET `permission` = 211 WHERE `name` = '.rbac account permission deny';
UPDATE `command` SET `permission` = 212 WHERE `name` = '.rbac account permission revoke';
UPDATE `command` SET `permission` = 214 WHERE `name` = '.rbac account list groups';
UPDATE `command` SET `permission` = 215 WHERE `name` = '.rbac account list roles';
UPDATE `command` SET `permission` = 216 WHERE `name` = '.rbac account list permissions';

20
src/server/game/Accounts/RBAC.h
View File

@@ -96,6 +96,26 @@ enum RBACPermissions
RBAC_PERM_CHANGE_CHANNEL_NOT_MODERATOR = 46, RBAC_PERM_CHANGE_CHANNEL_NOT_MODERATOR = 46,
RBAC_PERM_CHECK_FOR_LOWER_SECURITY = 47, RBAC_PERM_CHECK_FOR_LOWER_SECURITY = 47,
RBAC_PERM_COMMANDS_PINFO_CHECK_PERSONAL_DATA = 48, RBAC_PERM_COMMANDS_PINFO_CHECK_PERSONAL_DATA = 48,
// Leave some space for core permissions
RBAC_PERM_COMMAND_RBAC = 200,
RBAC_PERM_COMMAND_RBAC_ACC = 201,
RBAC_PERM_COMMAND_RBAC_ACC_GROUP = 202,
RBAC_PERM_COMMAND_RBAC_ACC_GROUP_ADD = 203,
RBAC_PERM_COMMAND_RBAC_ACC_GROUP_DEL = 204,
RBAC_PERM_COMMAND_RBAC_ACC_ROLE = 205,
RBAC_PERM_COMMAND_RBAC_ACC_ROLE_GRANT = 206,
RBAC_PERM_COMMAND_RBAC_ACC_ROLE_DENY = 207,
RBAC_PERM_COMMAND_RBAC_ACC_ROLE_REVOKE = 208,
RBAC_PERM_COMMAND_RBAC_ACC_PERM = 209,
RBAC_PERM_COMMAND_RBAC_ACC_PERM_GRANT = 210,
RBAC_PERM_COMMAND_RBAC_ACC_PERM_DENY = 211,
RBAC_PERM_COMMAND_RBAC_ACC_PERM_REVOKE = 212,
RBAC_PERM_COMMAND_RBAC_LIST = 213,
RBAC_PERM_COMMAND_RBAC_LIST_GROUPS = 214,
RBAC_PERM_COMMAND_RBAC_LIST_ROLES = 215,
RBAC_PERM_COMMAND_RBAC_LIST_PERMS = 216,
// custom permissions 1000+
RBAC_PERM_MAX RBAC_PERM_MAX
}; };

56
src/server/scripts/Commands/cs_rbac.cpp
View File

@@ -53,58 +53,58 @@ public:
{ {
static ChatCommand rbacGroupsCommandTable[] = static ChatCommand rbacGroupsCommandTable[] =
{ {
{ "add", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACGroupAddCommand, "", NULL }, { "add", RBAC_PERM_COMMAND_RBAC_ACC_GROUP_ADD, true, &HandleRBACGroupAddCommand, "", NULL },
{ "remove", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACGroupRemoveCommand, "", NULL }, { "remove", RBAC_PERM_COMMAND_RBAC_ACC_GROUP_DEL, true, &HandleRBACGroupRemoveCommand, "", NULL },
{ "", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACGroupListCommand, "", NULL }, { "", RBAC_PERM_COMMAND_RBAC_ACC_GROUP, true, &HandleRBACGroupListCommand, "", NULL },
{ NULL, RBAC_PERM_ADMINISTRATOR_COMMANDS, false, NULL, "", NULL } { NULL, 0, false, NULL, "", NULL }
}; };
static ChatCommand rbacRolesCommandTable[] = static ChatCommand rbacRolesCommandTable[] =
{ {
{ "grant", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACRoleGrantCommand, "", NULL }, { "grant", RBAC_PERM_COMMAND_RBAC_ACC_ROLE_GRANT, true, &HandleRBACRoleGrantCommand, "", NULL },
{ "deny", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACRoleDenyCommand, "", NULL }, { "deny", RBAC_PERM_COMMAND_RBAC_ACC_ROLE_DENY, true, &HandleRBACRoleDenyCommand, "", NULL },
{ "revoke", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACRoleRevokeCommand, "", NULL }, { "revoke", RBAC_PERM_COMMAND_RBAC_ACC_ROLE_REVOKE, true, &HandleRBACRoleRevokeCommand, "", NULL },
{ "", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACRoleListCommand, "", NULL }, { "", RBAC_PERM_COMMAND_RBAC_ACC_ROLE, true, &HandleRBACRoleListCommand, "", NULL },
{ NULL, RBAC_PERM_ADMINISTRATOR_COMMANDS, false, NULL, "", NULL } { NULL, 0, false, NULL, "", NULL }
}; };
static ChatCommand rbacPermsCommandTable[] = static ChatCommand rbacPermsCommandTable[] =
{ {
{ "grant", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACPermGrantCommand, "", NULL }, { "grant", RBAC_PERM_COMMAND_RBAC_ACC_PERM_GRANT, true, &HandleRBACPermGrantCommand, "", NULL },
{ "deny", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACPermDenyCommand, "", NULL }, { "deny", RBAC_PERM_COMMAND_RBAC_ACC_PERM_DENY, true, &HandleRBACPermDenyCommand, "", NULL },
{ "revoke", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACPermRevokeCommand, "", NULL }, { "revoke", RBAC_PERM_COMMAND_RBAC_ACC_PERM_REVOKE, true, &HandleRBACPermRevokeCommand, "", NULL },
{ "", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACPermListCommand, "", NULL }, { "", RBAC_PERM_COMMAND_RBAC_ACC_PERM, true, &HandleRBACPermListCommand, "", NULL },
{ NULL, RBAC_PERM_ADMINISTRATOR_COMMANDS, false, NULL, "", NULL } { NULL, 0, false, NULL, "", NULL }
}; };
static ChatCommand rbacListCommandTable[] = static ChatCommand rbacListCommandTable[] =
{ {
{ "groups", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACListGroupsCommand, "", NULL }, { "groups", RBAC_PERM_COMMAND_RBAC_LIST_GROUPS, true, &HandleRBACListGroupsCommand, "", NULL },
{ "roles", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACListRolesCommand, "", NULL }, { "roles", RBAC_PERM_COMMAND_RBAC_LIST_ROLES, true, &HandleRBACListRolesCommand, "", NULL },
{ "permissions", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACListPermissionsCommand, "", NULL }, { "permissions", RBAC_PERM_COMMAND_RBAC_LIST_PERMS, true, &HandleRBACListPermissionsCommand, "", NULL },
{ NULL, RBAC_PERM_ADMINISTRATOR_COMMANDS, false, NULL, "", NULL } { NULL, 0, false, NULL, "", NULL }
}; };
static ChatCommand rbacAccountCommandTable[] = static ChatCommand rbacAccountCommandTable[] =
{ {
{ "group", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, NULL, "", rbacGroupsCommandTable }, { "group", RBAC_PERM_COMMAND_RBAC_ACC_GROUP, true, NULL, "", rbacGroupsCommandTable },
{ "role", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, NULL, "", rbacRolesCommandTable }, { "role", RBAC_PERM_COMMAND_RBAC_ACC_ROLE, true, NULL, "", rbacRolesCommandTable },
{ "permission", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, NULL, "", rbacPermsCommandTable }, { "permission", RBAC_PERM_COMMAND_RBAC_ACC_PERM, true, NULL, "", rbacPermsCommandTable },
{ "", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, &HandleRBACAccountPermissionCommand, "", NULL }, { "", RBAC_PERM_COMMAND_RBAC_ACC, true, &HandleRBACAccountPermissionCommand, "", NULL },
{ NULL, RBAC_PERM_ADMINISTRATOR_COMMANDS, false, NULL, "", NULL } { NULL, 0, false, NULL, "", NULL }
}; };
static ChatCommand rbacCommandTable[] = static ChatCommand rbacCommandTable[] =
{ {
{ "account", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, NULL, "", rbacAccountCommandTable }, { "account", RBAC_PERM_COMMAND_RBAC_ACC, true, NULL, "", rbacAccountCommandTable },
{ "list", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, NULL, "", rbacListCommandTable }, { "list", RBAC_PERM_COMMAND_RBAC_LIST, true, NULL, "", rbacListCommandTable },
{ NULL, RBAC_PERM_ADMINISTRATOR_COMMANDS, false, NULL, "", NULL } { NULL, 0, false, NULL, "", NULL }
}; };
static ChatCommand commandTable[] = static ChatCommand commandTable[] =
{ {
{ "rbac", RBAC_PERM_ADMINISTRATOR_COMMANDS, true, NULL, "", rbacCommandTable }, { "rbac", RBAC_PERM_COMMAND_RBAC, true, NULL, "", rbacCommandTable },
{ NULL, RBAC_PERM_ADMINISTRATOR_COMMANDS, false, NULL, "", NULL } { NULL, 0, false, NULL, "", NULL }
}; };
return commandTable; return commandTable;