Mamanyonyo/akashi-esquizolandia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Splitting commands part 1, authentication

Browse Source
This commit is contained in:
MangosArentLiterature 2021-04-15 00:49:57 -05:00
parent 853e6e3ff4
commit 7dca20efe5
4 changed files with 530 additions and 480 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
akashi.pro
View File

@ -31,6 +31,8 @@ SOURCES += src/advertiser.cpp \
src/aopacket.cpp \
src/area_data.cpp \
src/commands.cpp \
src/commands/areas.cpp \
src/commands/authentication.cpp \
src/config_manager.cpp \
src/db_manager.cpp \
src/logger.cpp \

514
include/aoclient.h
View File

@ -624,44 +624,6 @@ class AOClient : public QObject {
{"EE", {ACLFlags.value("NONE"), 4, &AOClient::pktEditEvidence }},
};
/**
* @brief Literally just an invalid default command. That's it.
*
* @note Can be used as a base for future commands.
*
* @iscommand
*/
void cmdDefault(int argc, QStringList argv);
/**
* @brief Lists all the commands that the caller client has the permissions to use.
*
* @details No arguments.
*
* @iscommand
*/
void cmdHelp(int argc, QStringList argv);
/**
* @brief Gets or sets the server's Message Of The Day.
*
* @details If called without arguments, gets the MOTD.
*
* If it has any number of arguments, it is set as the **MOTD**.
*
* @iscommand
*/
void cmdMOTD(int argc, QStringList argv);
/**
* @brief Gives a very brief description of Akashi.
*
* @details No arguments.
*
* @iscommand
*/
void cmdAbout(int argc, QStringList argv);
/**
* @name Authentication
*/
@ -921,13 +883,13 @@ class AOClient : public QObject {
void cmdStatus(int argc, QStringList argv);
/**
* @brief Returns the currently playing music in the area, and who played it.
*
* @details No arguments.
*
* @iscommand
*/
void cmdCurrentMusic(int argc, QStringList argv);
* @brief Sends an out-of-character message with the judgelog of an area.
*
* @details No arguments.
*
* @iscommand
*/
void cmdJudgeLog(int argc, QStringList argv);
///@}
@ -939,6 +901,35 @@ class AOClient : public QObject {
*/
///@{
/**
* @brief Lists all the commands that the caller client has the permissions to use.
*
* @details No arguments.
*
* @iscommand
*/
void cmdHelp(int argc, QStringList argv);
/**
* @brief Gets or sets the server's Message Of The Day.
*
* @details If called without arguments, gets the MOTD.
*
* If it has any number of arguments, it is set as the **MOTD**.
*
* @iscommand
*/
void cmdMOTD(int argc, QStringList argv);
/**
* @brief Gives a very brief description of Akashi.
*
* @details No arguments.
*
* @iscommand
*/
void cmdAbout(int argc, QStringList argv);
/**
* @brief Lists the currently logged-in moderators on the server.
*
@ -993,50 +984,6 @@ class AOClient : public QObject {
*/
void cmdKick(int argc, QStringList argv);
/**
* @brief Sends out a decorated global message, for announcements.
*
* @details The arguments are **the message** that the client wants to send.
*
* @iscommand
*
* @see AOClient::cmdG()
*/
void cmdAnnounce(int argc, QStringList argv);
/**
* @brief Sends a message in the server-wide, moderator only chat.
*
* @details The arguments are **the message** that the client wants to send.
*
* @iscommand
*/
void cmdM(int argc, QStringList argv);
/**
* @brief Sends out a global message that is marked with an `[M]` to mean it is coming from a moderator.
*
* @details The arguments are **the message** that the client wants to send.
*
* @iscommand
*
* @see AOClient::cmdG()
*/
void cmdGM(int argc, QStringList argv);
/**
* @brief Sends out a local message that is marked with an `[M]` to mean it is coming from a moderator.
*
* @details The arguments are **the message** that the client wants to send.
*
* @iscommand
*
* @see AOClient::cmdLM()
*/
void cmdLM(int argc, QStringList argv);
// Casing/RP
/**
* @brief Mutes a client.
*
@ -1081,28 +1028,6 @@ class AOClient : public QObject {
*/
void cmdOocUnMute(int argc, QStringList argv);
/**
* @brief DJ-blocks a client.
*
* @details The only argument is the **target client's user ID**.
*
* @iscommand
*
* @see #is_dj_blocked
*/
void cmdBlockDj(int argc, QStringList argv);
/**
* @brief Removes the DJ-blocked status from a client.
*
* @details The only argument is the **target client's user ID**.
*
* @iscommand
*
* @see #is_dj_blocked
*/
void cmdUnBlockDj(int argc, QStringList argv);
/**
* @brief WTCE-blocks a client.
*
@ -1144,6 +1069,27 @@ class AOClient : public QObject {
*/
void cmdAllow_Blankposting(int argc, QStringList argv);
/**
* @brief Looks up info on a ban.
*
* @details If it is called with **one argument**, that argument is the ban ID to look up.
*
* If it is called with **two arguments**, then the first argument is either a ban ID, an IPID,
* or an HDID, and the the second argument specifies the ID type.
*
* @iscommand
*/
void cmdBanInfo(int argc, QStringList argv);
/**
* @brief Reloads all server configuration files.
*
* @details No arguments.
*
* @iscommand
*/
void cmdReload(int argc, QStringList argv);
///@}
/**
@ -1154,28 +1100,6 @@ class AOClient : public QObject {
*/
///@{
/**
* @brief Plays music in the area.
*
* @details The arguments are **the song's filepath** originating from `base/sounds/music/`,
* or **the song's URL** if it's a stream.
*
* As described above, this command can be used to play songs by URL (for clients at and above version 2.9),
* but it can also be used to play songs locally available for the clients but not listed in the music list.
*
* @iscommand
*/
void cmdPlay(int argc, QStringList argv);
/**
* @brief A global message expressing that the client needs something (generally: players for something).
*
* @details The arguments are **the message** that the client wants to send.
*
* @iscommand
*/
void cmdNeed(int argc, QStringList argv);
/**
* @brief Flips a coin, returning heads or tails.
*
@ -1206,24 +1130,6 @@ class AOClient : public QObject {
*/
void cmdRollP(int argc, QStringList argv);
/**
* @brief Sets the `/doc` to a custom text.
*
* @details The arguments are **the text** that the client wants to set the doc to.
*
* @iscommand
*/
void cmdDoc(int argc, QStringList argv);
/**
* @brief Sets the `/doc` to `"No document."`.
*
* @details No arguments.
*
* @iscommand
*/
void cmdClearDoc(int argc, QStringList argv);
/**
* @brief Gets or sets the global or one of the area-specific timers.
*
@ -1245,29 +1151,6 @@ class AOClient : public QObject {
*/
void cmdTimer(int argc, QStringList argv);
/**
* @brief Changes the evidence mod in the area.
*
* @details The only argument is the **evidence mod** to change to.
*
* @iscommand
*
* @see AreaData::EvidenceMod
*/
void cmdEvidenceMod(int argc, QStringList argv);
/**
* @brief Changes position of two pieces of evidence in the area.
*
* @details The two arguments are the indices of the evidence items you want to swap the position of.
*
* @iscommand
*
* @see Area::Evidence_Swap
*
*/
void cmdEvidence_Swap(int argc, QStringList argv);
/**
* @brief Changes the subtheme of the clients in the current area.
*
@ -1305,51 +1188,13 @@ class AOClient : public QObject {
void cmdNoteCardClear(int argc, QStringList argv);
/**
* @brief Sets are to PLAYBACK mode
* @brief Randomly selects an answer from 8ball.txt to a question.
*
* @details Enables control over the stored testimony, prevent new messages to be added and
* allows people to navigate trough it using > and <.
* @details The only argument is the question the client wants answered.
*
* @iscommand
*/
void cmdExamine(int argc, QStringList argv);
/**
* @brief Enables the testimony recording functionality.
*
* @details Any IC-Message send after this command is issues will be recorded by the testimony recorder.
*/
void cmdTestify(int argc, QStringList argv);
/**
* @brief Allows user to update the currently displayed IC-Message from the testimony replay.
*
* @details Using this command replaces the content of the current statement entirely. It does not append information.
*/
void cmdUpdateStatement(int argc, QStringList argv);
/**
* @brief Deletes a statement from the testimony.
*
* @details Using this deletes the entire entry in the QVector and resizes it appropriately to prevent empty record indices.
*/
void cmdDeleteStatement(int argc, QStringList argv);
/**
* @brief Pauses testimony playback.
*
* @details Disables the testimony playback controls.
*/
void cmdPauseTestimony(int argc, QStringList argv);
/**
* @brief
*
* @details
*
*/
void cmdAddStatement(int argc, QStringList argv);
// Messaging/Client
void cmd8Ball(int argc, QStringList argv);
///@}
@ -1436,13 +1281,65 @@ class AOClient : public QObject {
void cmdPM(int argc, QStringList argv);
/**
* @brief Randomly selects an answer from 8ball.txt to a question.
* @brief A global message expressing that the client needs something (generally: players for something).
*
* @details The only argument is the question the client wants answered.
* @details The arguments are **the message** that the client wants to send.
*
* @iscommand
*/
void cmd8Ball(int argc, QStringList argv);
void cmdNeed(int argc, QStringList argv);
/**
* @brief Sends out a decorated global message, for announcements.
*
* @details The arguments are **the message** that the client wants to send.
*
* @iscommand
*
* @see AOClient::cmdG()
*/
void cmdAnnounce(int argc, QStringList argv);
/**
* @brief Sends a message in the server-wide, moderator only chat.
*
* @details The arguments are **the message** that the client wants to send.
*
* @iscommand
*/
void cmdM(int argc, QStringList argv);
/**
* @brief Sends out a global message that is marked with an `[M]` to mean it is coming from a moderator.
*
* @details The arguments are **the message** that the client wants to send.
*
* @iscommand
*
* @see AOClient::cmdG()
*/
void cmdGM(int argc, QStringList argv);
/**
* @brief Sends out a local message that is marked with an `[M]` to mean it is coming from a moderator.
*
* @details The arguments are **the message** that the client wants to send.
*
* @iscommand
*
* @see AOClient::cmdLM()
*/
void cmdLM(int argc, QStringList argv);
///@}
/**
* @name Fun
*
* @brief All functions that detail the actions of commands,
* that are related to various kinds of fun moderator commands.
*/
///@{
/**
* @brief Replaces a target client's in-character messages with strings randomly selected from gimp.txt.
@ -1497,36 +1394,156 @@ class AOClient : public QObject {
* @iscommand
*/
void cmdUnShake(int argc, QStringList argv);
///@}
/**
* @brief Reloads all server configuration files.
* @name Casing
*
* @brief All functions that detail the actions of commands,
* that are related to casing.
*/
///@{
/**
* @brief Sets the `/doc` to a custom text.
*
* @details The arguments are **the text** that the client wants to set the doc to.
*
* @iscommand
*/
void cmdDoc(int argc, QStringList argv);
/**
* @brief Sets the `/doc` to `"No document."`.
*
* @details No arguments.
*
* @iscommand
*/
void cmdReload(int argc, QStringList argv);
/**
* @brief Sends an out-of-character message with the judgelog of an area.
*
* @details No arguments.
*
* @iscommand
*/
void cmdJudgeLog(int argc, QStringList argv);
/**
* @brief Looks up info on a ban.
*
* @details If it is called with **one argument**, that argument is the ban ID to look up.
*
* If it is called with **two arguments**, then the first argument is either a ban ID, an IPID,
* or an HDID, and the the second argument specifies the ID type.
*
* @iscommand
*/
void cmdBanInfo(int argc, QStringList argv);
void cmdClearDoc(int argc, QStringList argv);
/**
* @brief Changes the evidence mod in the area.
*
* @details The only argument is the **evidence mod** to change to.
*
* @iscommand
*
* @see AreaData::EvidenceMod
*/
void cmdEvidenceMod(int argc, QStringList argv);
/**
* @brief Changes position of two pieces of evidence in the area.
*
* @details The two arguments are the indices of the evidence items you want to swap the position of.
*
* @iscommand
*
* @see Area::Evidence_Swap
*
*/
void cmdEvidence_Swap(int argc, QStringList argv);
/**
* @brief Sets are to PLAYBACK mode
*
* @details Enables control over the stored testimony, prevent new messages to be added and
* allows people to navigate trough it using > and <.
*/
void cmdExamine(int argc, QStringList argv);
/**
* @brief Enables the testimony recording functionality.
*
* @details Any IC-Message send after this command is issues will be recorded by the testimony recorder.
*/
void cmdTestify(int argc, QStringList argv);
/**
* @brief Allows user to update the currently displayed IC-Message from the testimony replay.
*
* @details Using this command replaces the content of the current statement entirely. It does not append information.
*/
void cmdUpdateStatement(int argc, QStringList argv);
/**
* @brief Deletes a statement from the testimony.
*
* @details Using this deletes the entire entry in the QVector and resizes it appropriately to prevent empty record indices.
*/
void cmdDeleteStatement(int argc, QStringList argv);
/**
* @brief Pauses testimony playback.
*
* @details Disables the testimony playback controls.
*/
void cmdPauseTestimony(int argc, QStringList argv);
/**
* @brief Adds a statement to an existing testimony.
*
* @details Inserts new statement after the currently displayed recorded message. Increases the index by 1.
*
*/
void cmdAddStatement(int argc, QStringList argv);
///@}
/**
* @name Music
*
* @brief All functions that detail the actions of commands,
* that are also related to music in some way.
*/
///@{
/**
* @brief Plays music in the area.
*
* @details The arguments are **the song's filepath** originating from `base/sounds/music/`,
* or **the song's URL** if it's a stream.
*
* As described above, this command can be used to play songs by URL (for clients at and above version 2.9),
* but it can also be used to play songs locally available for the clients but not listed in the music list.
*
* @iscommand
*/
void cmdPlay(int argc, QStringList argv);
/**
* @brief DJ-blocks a client.
*
* @details The only argument is the **target client's user ID**.
*
* @iscommand
*
* @see #is_dj_blocked
*/
void cmdBlockDj(int argc, QStringList argv);
/**
* @brief Removes the DJ-blocked status from a client.
*
* @details The only argument is the **target client's user ID**.
*
* @iscommand
*
* @see #is_dj_blocked
*/
void cmdUnBlockDj(int argc, QStringList argv);
/**
* @brief Returns the currently playing music in the area, and who played it.
*
* @details No arguments.
*
* @iscommand
*/
void cmdCurrentMusic(int argc, QStringList argv);
///@}
@ -1539,6 +1556,15 @@ class AOClient : public QObject {
*/
///@{
/**
* @brief Literally just an invalid default command. That's it.
*
* @note Can be used as a base for future commands.
*
* @iscommand
*/
void cmdDefault(int argc, QStringList argv);
/**
* @brief Returns a textual representation of the time left in an area's Timer.
*

236
src/commands.cpp
View File

@ -25,55 +25,6 @@ void AOClient::cmdDefault(int argc, QStringList argv)
return;
}
void AOClient::cmdLogin(int argc, QStringList argv)
{
if (authenticated) {
sendServerMessage("You are already logged in!");
return;
}
if (server->auth_type == "simple") {
if (server->modpass == "") {
sendServerMessage("No modpass is set! Please set a modpass before authenticating.");
}
else if(argv[0] == server->modpass) {
sendPacket("AUTH", {"1"}); // Client: "You were granted the Disable Modcalls button."
sendServerMessage("Logged in as a moderator."); // pre-2.9.1 clients are hardcoded to display the mod UI when this string is sent in OOC
authenticated = true;
}
else {
sendPacket("AUTH", {"0"}); // Client: "Login unsuccessful."
sendServerMessage("Incorrect password.");
}
server->areas.value(current_area)->logger->logLogin(this, authenticated, "moderator");
}
else if (server->auth_type == "advanced") {
if (argc < 2) {
sendServerMessage("You must specify a username and a password");
return;
}
QString username = argv[0];
QString password = argv[1];
if (server->db_manager->authenticate(username, password)) {
moderator_name = username;
authenticated = true;
sendPacket("AUTH", {"1"}); // Client: "You were granted the Disable Modcalls button."
if (version.release <= 2 && version.major <= 9 && version.minor <= 0)
sendServerMessage("Logged in as a moderator."); // pre-2.9.1 clients are hardcoded to display the mod UI when this string is sent in OOC
sendServerMessage("Welcome, " + username);
}
else {
sendPacket("AUTH", {"0"}); // Client: "Login unsuccessful."
sendServerMessage("Incorrect password.");
}
server->areas.value(current_area)->logger->logLogin(this, authenticated, username);
}
else {
qWarning() << "config.ini has an unrecognized auth_type!";
sendServerMessage("Config.ini contains an invalid auth_type, please check your config.");
}
}
void AOClient::cmdGetAreas(int argc, QStringList argv)
{
QStringList entries;
@ -187,39 +138,6 @@ void AOClient::cmdKick(int argc, QStringList argv)
sendServerMessage("User with ipid not found!");
}
void AOClient::cmdChangeAuth(int argc, QStringList argv)
{
if (server->auth_type == "simple") {
change_auth_started = true;
sendServerMessage("WARNING!\nThis command will change how logging in as a moderator works.\nOnly proceed if you know what you are doing\nUse the command /rootpass to set the password for your root account.");
}
}
void AOClient::cmdSetRootPass(int argc, QStringList argv)
{
if (!change_auth_started)
return;
sendServerMessage("Changing auth type and setting root password.\nLogin again with /login root [password]");
authenticated = false;
QSettings settings("config/config.ini", QSettings::IniFormat);
settings.beginGroup("Options");
settings.setValue("auth", "advanced");
server->auth_type = "advanced";
#if QT_VERSION < QT_VERSION_CHECK(5, 10, 0)
qsrand(QDateTime::currentMSecsSinceEpoch());
quint32 upper_salt = qrand();
quint32 lower_salt = qrand();
quint64 salt_number = (upper_salt << 32) | lower_salt;
#else
quint64 salt_number = QRandomGenerator::system()->generate64();
#endif
QString salt = QStringLiteral("%1").arg(salt_number, 16, 16, QLatin1Char('0'));
server->db_manager->createUser("root", salt, argv[0], ACLFlags.value("SUPER"));
}
void AOClient::cmdSetBackground(int argc, QStringList argv)
{
AreaData* area = server->areas[current_area];
@ -252,161 +170,7 @@ void AOClient::cmdBgUnlock(int argc, QStringList argv)
server->broadcast(AOPacket("CT", {"Server", current_char + " unlocked the background.", "1"}), current_area);
}
void AOClient::cmdAddUser(int argc, QStringList argv)
{
#if QT_VERSION < QT_VERSION_CHECK(5, 10, 0)
qsrand(QDateTime::currentMSecsSinceEpoch());
quint32 upper_salt = qrand();
quint32 lower_salt = qrand();
quint64 salt_number = (upper_salt << 32) | lower_salt;
#else
quint64 salt_number = QRandomGenerator::system()->generate64();
#endif
QString salt = QStringLiteral("%1").arg(salt_number, 16, 16, QLatin1Char('0'));
if (server->db_manager->createUser(argv[0], salt, argv[1], ACLFlags.value("NONE")))
sendServerMessage("Created user " + argv[0] + ".\nUse /addperm to modify their permissions.");
else
sendServerMessage("Unable to create user " + argv[0] + ".\nDoes a user with that name already exist?");
}
void AOClient::cmdRemoveUser(int argc, QStringList argv)
{
if (server->db_manager->deleteUser(argv[0]))
sendServerMessage("Successfully removed user " + argv[0] + ".");
else
sendServerMessage("Unable to remove user " + argv[0] + ".\nDoes it exist?");
}
void AOClient::cmdListPerms(int argc, QStringList argv)
{
unsigned long long user_acl = server->db_manager->getACL(moderator_name);
QStringList message;
if (argc == 0) {
// Just print out all permissions available to the user.
message.append("You have been given the following permissions:");
for (QString perm : ACLFlags.keys()) {
if (perm == "NONE"); // don't need to list this one
else if (perm == "SUPER") {
if (user_acl == ACLFlags.value("SUPER")) // This has to be checked separately, because SUPER & anything will always be truthy
message.append("SUPER (Be careful! This grants the user all permissions.)");
}
else if ((ACLFlags.value(perm) & user_acl) == 0); // user doesn't have this permission, don't print it
else
message.append(perm);
}
}
else {
if ((user_acl & ACLFlags.value("MODIFY_USERS")) == 0) {
sendServerMessage("You do not have permission to view other users' permissions.");
return;
}
message.append("User " + argv[0] + " has the following permissions:");
unsigned long long acl = server->db_manager->getACL(argv[0]);
if (acl == 0) {
sendServerMessage("This user either doesn't exist, or has no permissions set.");
return;
}
for (QString perm : ACLFlags.keys()) {
if ((ACLFlags.value(perm) & acl) != 0 && perm != "SUPER") {
message.append(perm);
}
}
}
sendServerMessage(message.join("\n"));
}
void AOClient::cmdAddPerms(int argc, QStringList argv)
{
unsigned long long user_acl = server->db_manager->getACL(moderator_name);
argv[1] = argv[1].toUpper();
if (!ACLFlags.keys().contains(argv[1])) {
sendServerMessage("That permission doesn't exist!");
return;
}
if (argv[1] == "SUPER") {
if (user_acl != ACLFlags.value("SUPER")) {
// This has to be checked separately, because SUPER & anything will always be truthy
sendServerMessage("You aren't allowed to add that permission!");
return;
}
}
if (argv[1] == "NONE") {
sendServerMessage("Added no permissions!");
return;
}
unsigned long long newperm = ACLFlags.value(argv[1]);
if ((newperm & user_acl) != 0) {
if (server->db_manager->updateACL(argv[0], newperm, true))
sendServerMessage("Successfully added permission " + argv[1] + " to user " + argv[0]);
else
sendServerMessage(argv[0] + " wasn't found!");
return;
}
sendServerMessage("You aren't allowed to add that permission!");
}
void AOClient::cmdRemovePerms(int argc, QStringList argv)
{
unsigned long long user_acl = server->db_manager->getACL(moderator_name);
argv[1] = argv[1].toUpper();
if (!ACLFlags.keys().contains(argv[1])) {
sendServerMessage("That permission doesn't exist!");
return;
}
if (argv[0] == "root") {
sendServerMessage("You cannot change the permissions of the root account!");
return;
}
if (argv[1] == "SUPER") {
if (user_acl != ACLFlags.value("SUPER")) {
// This has to be checked separately, because SUPER & anything will always be truthy
sendServerMessage("You aren't allowed to remove that permission!");
return;
}
}
if (argv[1] == "NONE") {
sendServerMessage("Removed no permissions!");
return;
}
unsigned long long newperm = ACLFlags.value(argv[1]);
if ((newperm & user_acl) != 0) {
if (server->db_manager->updateACL(argv[0], newperm, false))
sendServerMessage("Successfully removed permission " + argv[1] + " from user " + argv[0]);
else
sendServerMessage(argv[0] + " wasn't found!");
return;
}
sendServerMessage("You aren't allowed to remove that permission!");
}
void AOClient::cmdListUsers(int argc, QStringList argv)
{
QStringList users = server->db_manager->getUsers();
sendServerMessage("All users:\n" + users.join("\n"));
}
void AOClient::cmdLogout(int argc, QStringList argv)
{
if (!authenticated) {
sendServerMessage("You are not logged in!");
return;
}
authenticated = false;
moderator_name = "";
sendPacket("AUTH", {"-1"}); // Client: "You were logged out."
}
void AOClient::cmdPos(int argc, QStringList argv)
{

258
src/commands/authentication.cpp Normal file
View File

@ -0,0 +1,258 @@
//////////////////////////////////////////////////////////////////////////////////////
// akashi - a server for Attorney Online 2 //
// Copyright (C) 2020 scatterflower //
// //
// This program is free software: you can redistribute it and/or modify //
// it under the terms of the GNU Affero General Public License as //
// published by the Free Software Foundation, either version 3 of the //
// License, or (at your option) any later version. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU Affero General Public License for more details. //
// //
// You should have received a copy of the GNU Affero General Public License //
// along with this program. If not, see <https://www.gnu.org/licenses/>. //
//////////////////////////////////////////////////////////////////////////////////////
#include "include/aoclient.h"
// Be sure to register the command in the header before adding it here!
void AOClient::cmdLogin(int argc, QStringList argv)
{
if (authenticated) {
sendServerMessage("You are already logged in!");
return;
}
if (server->auth_type == "simple") {
if (server->modpass == "") {
sendServerMessage("No modpass is set! Please set a modpass before authenticating.");
}
else if(argv[0] == server->modpass) {
sendPacket("AUTH", {"1"}); // Client: "You were granted the Disable Modcalls button."
sendServerMessage("Logged in as a moderator."); // pre-2.9.1 clients are hardcoded to display the mod UI when this string is sent in OOC
authenticated = true;
}
else {
sendPacket("AUTH", {"0"}); // Client: "Login unsuccessful."
sendServerMessage("Incorrect password.");
}
server->areas.value(current_area)->logger->logLogin(this, authenticated, "moderator");
}
else if (server->auth_type == "advanced") {
if (argc < 2) {
sendServerMessage("You must specify a username and a password");
return;
}
QString username = argv[0];
QString password = argv[1];
if (server->db_manager->authenticate(username, password)) {
moderator_name = username;
authenticated = true;
sendPacket("AUTH", {"1"}); // Client: "You were granted the Disable Modcalls button."
if (version.release <= 2 && version.major <= 9 && version.minor <= 0)
sendServerMessage("Logged in as a moderator."); // pre-2.9.1 clients are hardcoded to display the mod UI when this string is sent in OOC
sendServerMessage("Welcome, " + username);
}
else {
sendPacket("AUTH", {"0"}); // Client: "Login unsuccessful."
sendServerMessage("Incorrect password.");
}
server->areas.value(current_area)->logger->logLogin(this, authenticated, username);
}
else {
qWarning() << "config.ini has an unrecognized auth_type!";
sendServerMessage("Config.ini contains an invalid auth_type, please check your config.");
}
}
void AOClient::cmdChangeAuth(int argc, QStringList argv)
{
if (server->auth_type == "simple") {
change_auth_started = true;
sendServerMessage("WARNING!\nThis command will change how logging in as a moderator works.\nOnly proceed if you know what you are doing\nUse the command /rootpass to set the password for your root account.");
}
}
void AOClient::cmdSetRootPass(int argc, QStringList argv)
{
if (!change_auth_started)
return;
sendServerMessage("Changing auth type and setting root password.\nLogin again with /login root [password]");
authenticated = false;
QSettings settings("config/config.ini", QSettings::IniFormat);
settings.beginGroup("Options");
settings.setValue("auth", "advanced");
server->auth_type = "advanced";
#if QT_VERSION < QT_VERSION_CHECK(5, 10, 0)
qsrand(QDateTime::currentMSecsSinceEpoch());
quint32 upper_salt = qrand();
quint32 lower_salt = qrand();
quint64 salt_number = (upper_salt << 32) | lower_salt;
#else
quint64 salt_number = QRandomGenerator::system()->generate64();
#endif
QString salt = QStringLiteral("%1").arg(salt_number, 16, 16, QLatin1Char('0'));
server->db_manager->createUser("root", salt, argv[0], ACLFlags.value("SUPER"));
}
void AOClient::cmdAddUser(int argc, QStringList argv)
{
#if QT_VERSION < QT_VERSION_CHECK(5, 10, 0)
qsrand(QDateTime::currentMSecsSinceEpoch());
quint32 upper_salt = qrand();
quint32 lower_salt = qrand();
quint64 salt_number = (upper_salt << 32) | lower_salt;
#else
quint64 salt_number = QRandomGenerator::system()->generate64();
#endif
QString salt = QStringLiteral("%1").arg(salt_number, 16, 16, QLatin1Char('0'));
if (server->db_manager->createUser(argv[0], salt, argv[1], ACLFlags.value("NONE")))
sendServerMessage("Created user " + argv[0] + ".\nUse /addperm to modify their permissions.");
else
sendServerMessage("Unable to create user " + argv[0] + ".\nDoes a user with that name already exist?");
}
void AOClient::cmdRemoveUser(int argc, QStringList argv)
{
if (server->db_manager->deleteUser(argv[0]))
sendServerMessage("Successfully removed user " + argv[0] + ".");
else
sendServerMessage("Unable to remove user " + argv[0] + ".\nDoes it exist?");
}
void AOClient::cmdListPerms(int argc, QStringList argv)
{
unsigned long long user_acl = server->db_manager->getACL(moderator_name);
QStringList message;
if (argc == 0) {
// Just print out all permissions available to the user.
message.append("You have been given the following permissions:");
for (QString perm : ACLFlags.keys()) {
if (perm == "NONE"); // don't need to list this one
else if (perm == "SUPER") {
if (user_acl == ACLFlags.value("SUPER")) // This has to be checked separately, because SUPER & anything will always be truthy
message.append("SUPER (Be careful! This grants the user all permissions.)");
}
else if ((ACLFlags.value(perm) & user_acl) == 0); // user doesn't have this permission, don't print it
else
message.append(perm);
}
}
else {
if ((user_acl & ACLFlags.value("MODIFY_USERS")) == 0) {
sendServerMessage("You do not have permission to view other users' permissions.");
return;
}
message.append("User " + argv[0] + " has the following permissions:");
unsigned long long acl = server->db_manager->getACL(argv[0]);
if (acl == 0) {
sendServerMessage("This user either doesn't exist, or has no permissions set.");
return;
}
for (QString perm : ACLFlags.keys()) {
if ((ACLFlags.value(perm) & acl) != 0 && perm != "SUPER") {
message.append(perm);
}
}
}
sendServerMessage(message.join("\n"));
}
void AOClient::cmdAddPerms(int argc, QStringList argv)
{
unsigned long long user_acl = server->db_manager->getACL(moderator_name);
argv[1] = argv[1].toUpper();
if (!ACLFlags.keys().contains(argv[1])) {
sendServerMessage("That permission doesn't exist!");
return;
}
if (argv[1] == "SUPER") {
if (user_acl != ACLFlags.value("SUPER")) {
// This has to be checked separately, because SUPER & anything will always be truthy
sendServerMessage("You aren't allowed to add that permission!");
return;
}
}
if (argv[1] == "NONE") {
sendServerMessage("Added no permissions!");
return;
}
unsigned long long newperm = ACLFlags.value(argv[1]);
if ((newperm & user_acl) != 0) {
if (server->db_manager->updateACL(argv[0], newperm, true))
sendServerMessage("Successfully added permission " + argv[1] + " to user " + argv[0]);
else
sendServerMessage(argv[0] + " wasn't found!");
return;
}
sendServerMessage("You aren't allowed to add that permission!");
}
void AOClient::cmdRemovePerms(int argc, QStringList argv)
{
unsigned long long user_acl = server->db_manager->getACL(moderator_name);
argv[1] = argv[1].toUpper();
if (!ACLFlags.keys().contains(argv[1])) {
sendServerMessage("That permission doesn't exist!");
return;
}
if (argv[0] == "root") {
sendServerMessage("You cannot change the permissions of the root account!");
return;
}
if (argv[1] == "SUPER") {
if (user_acl != ACLFlags.value("SUPER")) {
// This has to be checked separately, because SUPER & anything will always be truthy
sendServerMessage("You aren't allowed to remove that permission!");
return;
}
}
if (argv[1] == "NONE") {
sendServerMessage("Removed no permissions!");
return;
}
unsigned long long newperm = ACLFlags.value(argv[1]);
if ((newperm & user_acl) != 0) {
if (server->db_manager->updateACL(argv[0], newperm, false))
sendServerMessage("Successfully removed permission " + argv[1] + " from user " + argv[0]);
else
sendServerMessage(argv[0] + " wasn't found!");
return;
}
sendServerMessage("You aren't allowed to remove that permission!");
}
void AOClient::cmdListUsers(int argc, QStringList argv)
{
QStringList users = server->db_manager->getUsers();
sendServerMessage("All users:\n" + users.join("\n"));
}
void AOClient::cmdLogout(int argc, QStringList argv)
{
if (!authenticated) {
sendServerMessage("You are not logged in!");
return;
}
authenticated = false;
moderator_name = "";
sendPacket("AUTH", {"-1"}); // Client: "You were logged out."
}