mirror of
https://github.com/minetest/minetest.git
synced 2024-11-26 17:43:45 +01:00
Address set_player_privs
footgun (#14297)
--------- Co-authored-by: grorp <gregor.parzefall@posteo.de>
This commit is contained in:
parent
5958714309
commit
afc48cf224
@ -92,8 +92,16 @@ core.builtin_auth_handler = {
|
|||||||
|
|
||||||
core_auth.save(auth_entry)
|
core_auth.save(auth_entry)
|
||||||
|
|
||||||
-- Run grant callbacks
|
for priv, value in pairs(privileges) do
|
||||||
for priv, _ in pairs(privileges) do
|
-- Warnings for improper API usage
|
||||||
|
if value == false then
|
||||||
|
core.log('deprecated', "`false` value given to `minetest.set_player_privs`, "..
|
||||||
|
"this is almost certainly a bug, "..
|
||||||
|
"granting a privilege rather than revoking it")
|
||||||
|
elseif value ~= true then
|
||||||
|
core.log('deprecated', "non-`true` value given to `minetest.set_player_privs`")
|
||||||
|
end
|
||||||
|
-- Run grant callbacks
|
||||||
if not prev_privs[priv] then
|
if not prev_privs[priv] then
|
||||||
core.run_priv_callbacks(name, priv, nil, "grant")
|
core.run_priv_callbacks(name, priv, nil, "grant")
|
||||||
end
|
end
|
||||||
@ -180,6 +188,20 @@ core.set_player_privs = auth_pass("set_privileges")
|
|||||||
core.remove_player_auth = auth_pass("delete_auth")
|
core.remove_player_auth = auth_pass("delete_auth")
|
||||||
core.auth_reload = auth_pass("reload")
|
core.auth_reload = auth_pass("reload")
|
||||||
|
|
||||||
|
function core.change_player_privs(name, changes)
|
||||||
|
local privs = core.get_player_privs(name)
|
||||||
|
for priv, change in pairs(changes) do
|
||||||
|
if change == true then
|
||||||
|
privs[priv] = true
|
||||||
|
elseif change == false then
|
||||||
|
privs[priv] = nil
|
||||||
|
else
|
||||||
|
error("non-bool value given to `minetest.change_player_privs`")
|
||||||
|
end
|
||||||
|
end
|
||||||
|
core.set_player_privs(name, privs)
|
||||||
|
end
|
||||||
|
|
||||||
local record_login = auth_pass("record_login")
|
local record_login = auth_pass("record_login")
|
||||||
core.register_on_joinplayer(function(player)
|
core.register_on_joinplayer(function(player)
|
||||||
record_login(player:get_player_name())
|
record_login(player:get_player_name())
|
||||||
|
@ -5841,8 +5841,20 @@ Authentication
|
|||||||
* `name`: string; if omitted, all auth data should be considered modified
|
* `name`: string; if omitted, all auth data should be considered modified
|
||||||
* `minetest.set_player_password(name, password_hash)`: Set password hash of
|
* `minetest.set_player_password(name, password_hash)`: Set password hash of
|
||||||
player `name`.
|
player `name`.
|
||||||
* `minetest.set_player_privs(name, {priv1=true,...})`: Set privileges of player
|
* `minetest.set_player_privs(name, privs)`: Set privileges of player `name`.
|
||||||
`name`.
|
* `privs` is a **set** of privileges:
|
||||||
|
A table where the keys are names of privileges and the values are `true`.
|
||||||
|
* Example: `minetest.set_player_privs("singleplayer", {interact = true, fly = true})`.
|
||||||
|
This **sets** the player privileges to `interact` and `fly`;
|
||||||
|
`singleplayer` will only have these two privileges afterwards.
|
||||||
|
* `minetest.change_player_privs(name, changes)`: Helper to grant or revoke privileges.
|
||||||
|
* `changes`: Table of changes to make.
|
||||||
|
A field `[privname] = true` grants a privilege,
|
||||||
|
whereas `[privname] = false` revokes a privilege.
|
||||||
|
* Example: `minetest.change_player_privs("singleplayer", {interact = true, fly = false})`
|
||||||
|
will grant singleplayer the `interact` privilege
|
||||||
|
and revoke singleplayer's `fly` privilege.
|
||||||
|
All other privileges will remain unchanged.
|
||||||
* `minetest.auth_reload()`
|
* `minetest.auth_reload()`
|
||||||
* See `reload()` in authentication handler definition
|
* See `reload()` in authentication handler definition
|
||||||
|
|
||||||
@ -10745,8 +10757,8 @@ Used by `minetest.register_authentication_handler`.
|
|||||||
|
|
||||||
set_privileges = function(name, privileges),
|
set_privileges = function(name, privileges),
|
||||||
-- Set privileges of player `name`.
|
-- Set privileges of player `name`.
|
||||||
-- `privileges` is in table form, auth data should be created if not
|
-- `privileges` is in table form: keys are privilege names, values are `true`;
|
||||||
-- present.
|
-- auth data should be created if not present.
|
||||||
|
|
||||||
reload = function(),
|
reload = function(),
|
||||||
-- Reload authentication data from the storage location.
|
-- Reload authentication data from the storage location.
|
||||||
|
Loading…
Reference in New Issue
Block a user