minenux/minetest-mod-auth_rx
minenux/minetest-mod-auth_rx
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: minenux:b79404f7fa1eeb63e408c4164f6652353e8ff699
Branches Tags
minenux:main
minenux:master
..
compare: minenux:15143fd58fae3de7269d35521c1ccf020b84e829
Branches Tags
minenux:main
minenux:master

3 Commits
b79404f7fa ... 15143fd58f

Author SHA1 Message Date
mckaygerhard
15143fd58f correct handling of permissions when user is global admin 
* there are two king of administrators: those that have many
  of the privilegies and the user that are pointed in config file,
  auth_rx never initialized this from zero cos always assumed
  a starting point as migration, so never need or really detect
  who are the admin of the server, cos after migration the admin
  already has previous privilegies from plain db file.
* override all the possible handlers with right detection of the
  admin user from the config file, on admin detected, no matter
  what .. give it all the (on fly) privilegies currently on server
* still a privilegied user at this commit can erase the admin
  or change the password if have also enought privilegies
* WARNING: this commit will depends of the previusly commit
  as of 2aef6adf19713c2ca9216ced614b5960e7c1457c for right
  admin name detection.
 2023-06-15 23:40:36 -04:00
mckaygerhard
bf20c9f4bd fix engine detection for 5.4 due callbacks handler 
* wrongly invoked register_on_authplayer over 5.0+ engines
 2023-06-15 22:28:49 -04:00
mckaygerhard
2aef6adf19 fix get key configuration helper access 
* seems something related to syntactic sugar seems
  do not works anymore.. as i asked repect some commits
  at https://notabug.org/TenPlus1/nssm/issues/19
 2023-06-15 20:53:42 -04:00
2 changed files with 41 additions and 17 deletions
Show Stats Expand all files Collapse all files

10
helpers.lua
View File

@ -10,12 +10,12 @@
----------------------------------------------------- -----------------------------------------------------
local is_46 = minetest.has_feature("add_entity_with_staticdata") local is_46 = minetest.has_feature("add_entity_with_staticdata")
if is_46 then function get_minetest_config( key )
get_minetest_config = function( key ) if is_46 then
minetest.settings:get( key ) return minetest.settings:get( key )
else
return core.setting_get( key ) -- backwards compatibility
end end
else
get_minetest_config = core.setting_get -- backwards compatibility
end end
function convert_ipv4( str ) function convert_ipv4( str )

48
init.lua
View File

@ -24,7 +24,7 @@ local auth_filter = AuthFilter( world_path, "greenlist.mt" )
local auth_db = AuthDatabase( world_path, "auth.db" ) local auth_db = AuthDatabase( world_path, "auth.db" )
local auth_watchdog = AuthWatchdog( ) local auth_watchdog = AuthWatchdog( )
local is_50 = minetest.has_feature("object_use_texture_alpha") local is_50 = minetest.has_feature("object_use_texture_alpha")
local is_54 = minetest.has_feature("object_use_texture_alpha") local is_54 = minetest.has_feature("direct_velocity_on_players")
if is_50 then if is_50 then
if minetest.register_on_auth_fail then if minetest.register_on_auth_fail then
@ -128,15 +128,15 @@ end )
minetest.register_authentication_handler( { minetest.register_authentication_handler( {
-- translate old auth hooks to new database backend -- translate old auth hooks to new database backend
get_auth = function( username ) get_auth = function( username )
minetest.log( "verbose" , "[auth_rx] get_auth handler access to some resource for " .. username )
local rec = auth_db.select_record( username ) local rec = auth_db.select_record( username )
if rec then if rec then
local assigned_privs = rec.assigned_privs local assigned_privs = rec.assigned_privs
if get_minetest_config( "name" ) == username then if get_minetest_config( "name" ) == username then
-- grant server operator all privileges -- grant server operator all privileges
-- (TODO: implement as function that honors give_to_admin flag)
assigned_privs = { } assigned_privs = { }
for priv in pairs( core.registered_privileges ) do for priv in pairs( minetest.registered_privileges ) do
table.insert( assigned_privs, priv ) table.insert( assigned_privs, priv )
end end
end end
@ -145,28 +145,52 @@ minetest.register_authentication_handler( {
end end
end, end,
create_auth = function( username, password ) create_auth = function( username, password )
if auth_db.create_record( username, password ) then minetest.log( "verbose" , "[auth_rx] create_auth handler new user over server for " .. username )
auth_db.set_assigned_privs( username, get_default_privs( ) ) local rec = auth_db.create_record( username, password )
minetest.log( "info", "Created player '" .. username .. "' in authentication database" ) if rec then
local assigned_privs = get_default_privs( )
if get_minetest_config( "name" ) == username then
-- grant server operator all privileges
assigned_privs = { }
for priv in pairs( minetest.registered_privileges ) do
table.insert( assigned_privs, priv )
end
end
auth_db.set_assigned_privs( username, assigned_privs )
end end
end, end,
delete_auth = function( username ) delete_auth = function( username )
if auth_db.delete_record( username ) then minetest.log( "verbose" , "[auth_rx] delete_auth handler for " .. username )
minetest.log( "info", "Deleted player '" .. username .. "' in authenatication database" ) -- server operator's privileges are immutable
if get_minetest_config( "name" ) ~= username then
local rec = auth_db.delete_record( username )
if rec then
minetest.log( "info", "Deleted player '" .. username .. "' in authenatication database" )
end
end end
end, end,
set_password = function ( username, password ) set_password = function ( username, password )
if auth_db.set_password( username, password ) then minetest.log( "verbose" , "[auth_rx] set_password handler for " .. username )
local rec = auth_db.set_password( username, password )
if rec then
minetest.log( "info", "Reset password of player '" .. username .. "' in authentication database" ) minetest.log( "info", "Reset password of player '" .. username .. "' in authentication database" )
end end
end, end,
set_privileges = function ( username, privileges ) set_privileges = function ( username, privileges )
minetest.log( "verbose" , "[auth_rx] set_privileges handler grants for " .. username )
local assigned_privs = pack_privileges( privileges )
-- server operator's privileges are immutable -- server operator's privileges are immutable
if get_minetest_config( "name" ) == username then return end if get_minetest_config( "name" ) == username then
assigned_privs = { }
for priv in pairs( minetest.registered_privileges ) do
table.insert( assigned_privs, priv )
end
end
if auth_db.set_assigned_privs( username, pack_privileges( privileges ) ) then if auth_db.set_assigned_privs( username, assigned_privs ) then
minetest.notify_authentication_modified( username ) minetest.notify_authentication_modified( username )
minetest.log( "info", "Reset privileges of player '" .. username .. "' in authentication database" )
end end
end, end,
record_login = function ( ) end, record_login = function ( ) end,