Add on_grant and on_revoke callbacks (#4713)

* Add register_on_priv_grant/revoke, and on_grant/revoke to privs. Call from /grant and /revoke

* Call on_grant and on_revoke callbacks from set_privs
This commit is contained in:
rubenwardy 2017-08-26 07:17:05 +01:00 committed by Loïc Blot
parent ad9677a14f
commit 096ea031de
4 changed files with 45 additions and 3 deletions

@ -125,6 +125,21 @@ core.builtin_auth_handler = {
core.get_password_hash(name, core.get_password_hash(name,
core.settings:get("default_password"))) core.settings:get("default_password")))
end end
-- Run grant callbacks
for priv, _ in pairs(privileges) do
if not core.auth_table[name].privileges[priv] then
core.run_priv_callbacks(name, priv, nil, "grant")
end
end
-- Run revoke callbacks
for priv, _ in pairs(core.auth_table[name].privileges) do
if not privileges[priv] then
core.run_priv_callbacks(name, priv, nil, "revoke")
end
end
core.auth_table[name].privileges = privileges core.auth_table[name].privileges = privileges
core.notify_authentication_modified(name) core.notify_authentication_modified(name)
save_auth_file() save_auth_file()

@ -132,6 +132,9 @@ local function handle_grant_command(caller, grantname, grantprivstr)
if privs_unknown ~= "" then if privs_unknown ~= "" then
return false, privs_unknown return false, privs_unknown
end end
for priv, _ in pairs(grantprivs) do
core.run_priv_callbacks(grantname, priv, caller, "grant")
end
core.set_player_privs(grantname, privs) core.set_player_privs(grantname, privs)
core.log("action", caller..' granted ('..core.privs_to_string(grantprivs, ', ')..') privileges to '..grantname) core.log("action", caller..' granted ('..core.privs_to_string(grantprivs, ', ')..') privileges to '..grantname)
if grantname ~= caller then if grantname ~= caller then
@ -193,12 +196,18 @@ core.register_chatcommand("revoke", {
end end
end end
if revoke_priv_str == "all" then if revoke_priv_str == "all" then
revoke_privs = privs
privs = {} privs = {}
else else
for priv, _ in pairs(revoke_privs) do for priv, _ in pairs(revoke_privs) do
privs[priv] = nil privs[priv] = nil
end end
end end
for priv, _ in pairs(revoke_privs) do
core.run_priv_callbacks(revoke_name, priv, name, "revoke")
end
core.set_player_privs(revoke_name, privs) core.set_player_privs(revoke_name, privs)
core.log("action", name..' revoked (' core.log("action", name..' revoked ('
..core.privs_to_string(revoke_privs, ', ') ..core.privs_to_string(revoke_privs, ', ')

@ -435,6 +435,17 @@ function core.run_callbacks(callbacks, mode, ...)
return ret return ret
end end
function core.run_priv_callbacks(name, priv, caller, method)
if not core.registered_privileges[priv]["on_" .. method] or
core.registered_privileges[priv]["on_" .. method](name, caller) then
for _, func in ipairs(core["registered_on_priv_" .. method]) do
if not func(name, caller) then
break
end
end
end
end
-- --
-- Callback registration -- Callback registration
-- --
@ -553,10 +564,11 @@ core.registered_craft_predicts, core.register_craft_predict = make_registration(
core.registered_on_protection_violation, core.register_on_protection_violation = make_registration() core.registered_on_protection_violation, core.register_on_protection_violation = make_registration()
core.registered_on_item_eats, core.register_on_item_eat = make_registration() core.registered_on_item_eats, core.register_on_item_eat = make_registration()
core.registered_on_punchplayers, core.register_on_punchplayer = make_registration() core.registered_on_punchplayers, core.register_on_punchplayer = make_registration()
core.registered_on_priv_grant, core.register_on_priv_grant = make_registration()
core.registered_on_priv_revoke, core.register_on_priv_revoke = make_registration()
-- --
-- Compatibility for on_mapgen_init() -- Compatibility for on_mapgen_init()
-- --
core.register_on_mapgen_init = function(func) func(core.get_mapgen_params()) end core.register_on_mapgen_init = function(func) func(core.get_mapgen_params()) end

@ -2446,6 +2446,12 @@ Call these functions only at load time!
* `definition`: `{ description = "description text", give_to_singleplayer = boolean}` * `definition`: `{ description = "description text", give_to_singleplayer = boolean}`
the default of `give_to_singleplayer` is true the default of `give_to_singleplayer` is true
* To allow players with `basic_privs` to grant, see `basic_privs` minetest.conf setting. * To allow players with `basic_privs` to grant, see `basic_privs` minetest.conf setting.
* `on_grant(name, granter_name)`: Called when given to player `name` by `granter_name`.
`granter_name` will be nil if the priv was granted by a mod.
* `on_revoke(name, revoker_name)`: Called when taken from player `name` by `revoker_name`.
`revoker_name` will be nil if the priv was revoked by a mod
* Note that the above two callbacks will be called twice if a player is responsible -
once with the player name, and then with a nil player name.
* `minetest.register_authentication_handler(handler)` * `minetest.register_authentication_handler(handler)`
* See `minetest.builtin_auth_handler` in `builtin.lua` for reference * See `minetest.builtin_auth_handler` in `builtin.lua` for reference